{"report_id":"4557e2a1-79e6-4373-a2c4-25ad2887f5ff","version":6,"status":"done","tags":["botpanel","malware","hook"],"date":"2026-03-07T04:55:59Z","url":{"schema":"http","addr":"manisarehber.xyz/","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"172.67.146.134","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"http","addr":"manisarehber.xyz/","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"title":"HOOKBOT PANEL","dom":{"size":15786,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (14805)","md5":"4026e419319c28630f8a971a26390c2e","sha1":"866bf9a9bc6291069862c856470afc8d7cbdd659","sha256":"a41d149738b1afd44b83d58a3a080fbe61afd343296b23c83f9725a50ba1e206","sha512":"808904b91eddee34d59d04de39bd0a898baf113a1c6c00f1c6d63e4f73ebcfc3bd8466b2296d530793b873e32e37ea60c83d74bf1de55ac57b8f5fdc09d5f9cc","ssdeep":"384:6PDs7CC4bDT1sDT7iYvVL/Uir4ywZktfZsr7f2OctbE0lFkestMvselLqVS:6Pg7CC9fWYtL/UiwktfZsr7uOcB1ke26","tlshash":"79623b2460826039522759e5647b722c7267b00fe89b4820e275c6f4dffded9a473f68","dom_hash":"domhashc5746e7a79e0f28cdeb55ad64cfe99de","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"manisarehber.xyz/","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"172.67.146.134","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-11T04:55:59Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":3,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]},"summary":[{"fqdn":"209.74.81.37","ip":{"addr":"209.74.81.37","port":3434,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":5,"received_data":2730,"sent_data":2010,"comment":"","tags":null,"fingerprints":null},{"fqdn":"manisarehber.xyz","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2022-02-12","domain_rank":0,"first_seen":"2026-03-07T04:56:02.180525Z","last_seen":"2026-03-07T04:56:02.180525Z","alert_count":34,"request_count":17,"received_data":4805238,"sent_data":6664,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"purecatamphetamine.github.io","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2013-03-08","domain_rank":207655,"first_seen":"2020-11-06T10:34:18Z","last_seen":"2026-03-06T16:42:34.840787Z","alert_count":0,"request_count":2,"received_data":2071,"sent_data":934,"comment":"","tags":null,"fingerprints":[{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"http","addr":"manisarehber.xyz/","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d10761712e551de21d8bb192ba9a37f6","sha1":"bae66378472723b2119703e797d690acc418af77","sha256":"27a571bd3321c76c447278bebb5925324e5cbbed1ed52db240c03afd3fb78474","sha512":"6561794bfcc764c9547182159eff463f09c177b57debf2d03daa47ac28900e02b27c898b05fd92d0549c3a7fd6413b4d0b47d0955b85502f328a759297a73c67","ssdeep":"","tlshash":"68c08c01fc00c8dd31b0e808a70fa9e2a518f010b2b26029276b4889ad1a471aa88ed8","size":164,"data":"","first_seen":"2026-03-07T04:56:07.120878Z","last_seen":"2026-03-07T04:56:07.120878Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"manisarehber.xyz/","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"70597646447438e8dc6d467a58c8b621","sha1":"5ef2d7ea812458650bc92eb9e54cfe2be154cb98","sha256":"14e964da24f4245105a12c0d591295ba8cd8732506898e9aa6e9e346936e39a3","sha512":"90ae7b8e2aa00105b103a9b5f9c6e7b9e45d4610080e7bc83c14e523f0abe39d6f4506e1c3690a79678f1cd59339b6fdb8a843fee686893b55aacb00b2b21da0","ssdeep":"96:ahrCpk3W95qoLTnkf4PTSPCkKlse1Yw95OhWkT3pFiYvVv:adCpkM5RbkgPTSPCk4syvOhDT7iYvVv","tlshash":"17b15298b6c7f030869664ba403f600bf3b6745614ced450e026d8e1ee78a8d6567f6d","size":5195,"data":"","first_seen":"2025-03-18T06:45:47.259891Z","last_seen":"2026-05-09T07:07:06.299309Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"manisarehber.xyz/0c448e70-8ff6-46d8-b8f8-a1f10d3a63ee","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a3828120fe93e14bbb5d8cd1f5e658ce","sha1":"bec5ebf96b180578ad9f00e1e718229a2226754c","sha256":"55ecd6bc0ca0c68caa8df2c73bf219df5cd71242093842c7f4aa69d638ba3bc3","sha512":"8a3576583afc0c61c5430462bfead30b2815ecc919a896622e47896d3ab099d1a3f71a3e7523775d16e6bcfdf68e3ddca8bdc23a78aff0f8ad44fa588c0d91ae","ssdeep":"49152:8uiOX0cTATLqO26LVLfa1TM8iH2jTW95ncEq2nDSIqzHVp:FA/7RWrd","tlshash":"c306c54c325bf354915a80d7e43f2c49e2aee589a00b44e0af3187f31ab5746f66ee17","size":3818627,"data":"","first_seen":"2026-03-07T04:56:07.123563Z","last_seen":"2026-03-07T04:56:07.123563Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"209.74.81.37:3434/socket.io/?EIO=3\u0026transport=polling\u0026t=Pp6flDX","fqdn":"209.74.81.37","domain":"209.74.81.37","tld":""},"ip":{"addr":"209.74.81.37","port":3434,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:56.004Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /socket.io/?EIO=3\u0026transport=polling\u0026t=Pp6flDX HTTP/1.1\r\nHost: 209.74.81.37:3434\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nOrigin: http://manisarehber.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: Accept, Authorization, Content-Type, Content-Length, X-CSRF-Token, Token, session, Origin, Host, Connection, Accept-Encoding, Accept-Language, X-Requested-With\r\nAccess-Control-Allow-Methods: POST, OPTIONS, GET, PUT, DELETE\r\nAccess-Control-Allow-Origin: http://209.74.81.37/\r\nContent-Type: application/octet-stream\r\nDate: Sat, 07 Mar 2026 04:55:56 GMT\r\nContent-Length: 85\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":85,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"5b98d6bc43f8248f1c1725b5fa98767f","sha1":"0d3bc2928fcbc61022d29ea9fd205492314a2894","sha256":"2c1ace31750e399ae7b6f7868c19e00f74f88e38796d4ef037a22ffcda2c0557","sha512":"e77bfa32dbee496d4ed3cf7da002f306e61ff9681af6f67c729799046aa533575ed60ace1023293b99d8bbaad3d2bc60b240a5d1565405411330a4ae21de6aeb","ssdeep":"","tlshash":"3aa01204d15d73c5ea603e8020f20e054818784d8ac1048c312404c401c6110611223b","first_seen":"2026-03-07T04:56:07.09741Z","last_seen":"2026-03-07T04:56:07.09741Z","times_seen":1,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":193,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"manisarehber.xyz/images/hook.svg","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:41.563Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/hook.svg HTTP/1.1\r\nHost: manisarehber.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T13:37:43.294497Z","times_seen":15823785,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]}},{"url":{"schema":"http","addr":"manisarehber.xyz/assets/fonts/icons/permissions/style.css","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:37.431Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/fonts/icons/permissions/style.css HTTP/1.1\r\nHost: manisarehber.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 07 Mar 2026 04:55:37 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Fri, 06 Mar 2026 21:52:52 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nVary: Accept-Encoding\r\nETag: W/\"69ab4cb4-569\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: X-Requested-With,X-Token-Auth,Cache-Control,Content-Type,Authorization\r\nContent-Encoding: gzip\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jUm8KgVXPST1gDJKwnYD30MfdOlJsuo5aDsNEhYep9wx1gjSdfEwozXpOHtIj7BaM4w7GbYnvRisyah9qxO2A6M6zzQNVGylGUB3SxH8oRw%3D\"}]}\r\nCF-RAY: 9d87024aec3c0883-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1385,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e7a2f49096e4eec6fb152bd3bbd3a79d","sha1":"7edb77dfac88b03ae84579f7df14d7970dbf8e48","sha256":"192a731c7357c9cc21c2ed31feb497561738fbb7353e047d3eb30bf06075c7f5","sha512":"899bbe2a1d6e972ad2553cee2ec9395121a2802f070dac3232df6b21029c2e53809b4cea72f8ebc673f12b7f9e744e8e3ab72878b2c32a34f4e3a431381abb68","ssdeep":"","tlshash":"db2127e4ecbc18805351d4c432a73b64bf1c92169c4a6c5aa7a3780caff774191e238d","first_seen":"2023-04-13T12:48:38Z","last_seen":"2026-05-09T07:07:06.276529Z","times_seen":157,"resource_available":false,"data":null}},"time_used":450,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":449,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]}},{"url":{"schema":"http","addr":"manisarehber.xyz/assets/fonts/mulish/style.css","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:37.432Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/fonts/mulish/style.css HTTP/1.1\r\nHost: manisarehber.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 07 Mar 2026 04:55:37 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Fri, 06 Mar 2026 21:52:52 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nVary: Accept-Encoding\r\nETag: W/\"69ab4cb4-672\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: X-Requested-With,X-Token-Auth,Cache-Control,Content-Type,Authorization\r\nContent-Encoding: gzip\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7Qbz2eMInC776sWYDWMGm%2B9LRppHEdWuvivcRwz%2FejRUw6Ne4gOYemUNa9lvDkt6fr%2Fl6%2B88rVeuDNbVdkf%2FAqbBA5G81MYSrGRep7wmJhg%3D\"}]}\r\nCF-RAY: 9d87024af9c42efa-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1650,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"52a70196f93d6cbde026b45ed2be798a","sha1":"77f415c3dd48043669df473d94a9200f867fcab8","sha256":"e09bb0962eaf03380ebd592134c4cbccd9a9dbe0cad5d8c886c42e50c078e728","sha512":"6df289b62da4ff426698f1244e678d05634b59c01216d1f53951c0dbce659c21a3c1fb16a66e22bb0b5e75b95bbba9f726f7c48477f8bab1aaff32cfaa309f54","ssdeep":"","tlshash":"19317881140a2910f2672ccd27ce6e26d50ea143514062327bfebbd5afba93422a8f5d","first_seen":"2023-04-13T12:48:38Z","last_seen":"2026-05-09T07:07:06.291702Z","times_seen":154,"resource_available":false,"data":null}},"time_used":471,"timings":{"blocked":-1,"dns":1,"connect":0,"send":0,"wait":469,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]}},{"url":{"schema":"http","addr":"manisarehber.xyz/assets/fav/apple-touch-icon.png","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:38.182Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/fav/apple-touch-icon.png HTTP/1.1\r\nHost: manisarehber.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 07 Mar 2026 04:55:38 GMT\r\nContent-Type: image/png\r\nContent-Length: 6573\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Fri, 06 Mar 2026 21:52:52 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"69ab4cb4-19ad\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: X-Requested-With,X-Token-Auth,Cache-Control,Content-Type,Authorization\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tAPrUPCVgIHhgzLQINur%2Fg3p%2FdBK0xgZ7WFoIQ%2FzMlNJBDUlQ62O3ccAvGDrLveE6Pdg8YZNUjWa0xQXnkBMnKbJqpZpTiHXcd2YdSEQUS8%3D\"}]}\r\nCF-RAY: 9d87024fa8e0dfec-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6573,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"90a61dcc76d704b2e861a0465ced2f87","sha1":"27b6cebdd96c0434c2fe10db0d58b2c3135c9728","sha256":"73ce3b381a9a2c555f88fbfc873a53137b120d0e0398894d130408431a7799af","sha512":"fc441447ba4237afc693fed9ee68b86f9a83e686a1c98b512f520214a926f8746dbfcc266ae54695d53a2fe36bc6ae8c0cdfa998ddf2ccc1f1724757bd833fea","ssdeep":"96:MIXoTewnynwNYEf3fo3zaNS7Au/Ad4YAj7ovvGtT6sbTFxrN1JhDARDUjsG:Miey6Yn3zRV/jWvvGl1XFxfJhMUjsG","tlshash":"edd1adc7a9cdf79e59e9a3e383ce818383e3d01c529e605877a3c28c2c445a596124f6","first_seen":"2023-11-05T22:04:48Z","last_seen":"2026-05-09T07:07:06.292416Z","times_seen":154,"resource_available":false,"data":null}},"time_used":458,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":457,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]}},{"url":{"schema":"http","addr":"manisarehber.xyz/assets/fav/favicon-16x16.png","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:38.184Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/fav/favicon-16x16.png HTTP/1.1\r\nHost: manisarehber.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 07 Mar 2026 04:55:38 GMT\r\nContent-Type: image/png\r\nContent-Length: 1035\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Fri, 06 Mar 2026 21:52:52 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"69ab4cb4-40b\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: X-Requested-With,X-Token-Auth,Cache-Control,Content-Type,Authorization\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CVU%2FZhhFA82%2BBwJK5t6My5z0TYjitMqW4X8oSEk4mHxf6rVgQfdHz53Jck9C5vELNxIAuWg%2BHII2lngaTEOEUOm18JW2%2FCE1i7sMqnUQ1g4%3D\"}]}\r\nCF-RAY: 9d87024fac132678-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1035,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit colormap, non-interlaced","md5":"20483239adc0dc66bbabbbe2cc33f6fe","sha1":"c30dd2f134cab3d4d620b34a3ed736a0ee0e0658","sha256":"b13b77f0b3d95c1146394ea855d915f189d3ea374179755cfb2ac47bfc8f306c","sha512":"a4ac4cb15f4b4fa756fd573e57cfd032a2931e1b3685dc2d9066ec2f63d36e8fc35a0a3567bb731244da7682aba956e0ec30ad993afe86dd7b6b7f36e89f85d4","ssdeep":"","tlshash":"c21165d57059acb0c0d6225340c25347ea3a40267513cd2bb70fd5bc0be9bfe1554443","first_seen":"2023-11-05T22:04:48Z","last_seen":"2026-05-09T07:07:06.28122Z","times_seen":154,"resource_available":false,"data":null}},"time_used":469,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":469,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]}},{"url":{"schema":"http","addr":"manisarehber.xyz/static/css/main.397ec292.css","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:38.187Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/css/main.397ec292.css HTTP/1.1\r\nHost: manisarehber.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 07 Mar 2026 04:55:38 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Fri, 06 Mar 2026 21:55:04 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nVary: Accept-Encoding\r\nETag: W/\"69ab4d38-a4dac\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: X-Requested-With,X-Token-Auth,Cache-Control,Content-Type,Authorization\r\nContent-Encoding: gzip\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WgBFT%2BLC3Hb7OabYkEBEzVsU1P9gl9G059HLuGywatERnt8SC8a7rHdgfRF39Kc6rQa%2B%2B0HcPtOKiDoN261k0D%2B350e%2B95CBOfyYU%2BI%2BO58%3D\"}]}\r\nCF-RAY: 9d87024fbd5c0883-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":675244,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (50737)","md5":"1cf163c0c0b1696a7220c3e951629262","sha1":"f8205a4d5419c99c4de59b1de3ea66abaa56cf73","sha256":"5bf31c83371902b8a44eeaadddcc1dad52b39d074bc3c0613df9ead6850a6a6c","sha512":"854a4f1515499150ad14fd1dedce03a1eb0211307a1709882c784e606c5a30fb5fb4dc52e081874de89503c40ad95d7b789e4d0144945be3d87d66a8f60866c4","ssdeep":"6144:p+c3ARRdzjJzsDNauoD+NEwJaZvoIqyuuHd/zrHoSxuDKVkIIbmP7Fe:p+c0aOU","tlshash":"39e4d818ab41306fe5e7c73b65e0f964ad21ca02d67f8a7ff2e17b188b4564d01b3a05","first_seen":"2023-09-25T02:06:39Z","last_seen":"2026-05-09T07:07:06.278506Z","times_seen":123,"resource_available":false,"data":null}},"time_used":829,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":420,"receive":409,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]}},{"url":{"schema":"http","addr":"manisarehber.xyz/assets/images/login_poster.jpg","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:41.632Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/login_poster.jpg HTTP/1.1\r\nHost: manisarehber.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 07 Mar 2026 04:55:42 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 18418\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Fri, 06 Mar 2026 21:52:52 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"69ab4cb4-47f2\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: X-Requested-With,X-Token-Auth,Cache-Control,Content-Type,Authorization\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=az1CzDK4hR9ZDQMwzaxxuF21n7OEkKtcf1n3%2Fg7jgheYe2iAGeANhGC5oldaOunKkQphGxyZgQFbHKvcgJzVZPsC419oMgZ5N3nqRW4DD%2BA%3D\"}]}\r\nCF-RAY: 9d870265383c2efa-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18418,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x720, components 3","md5":"719cd51d0daa19e7fb86d1f7ae8fdf82","sha1":"c47adb5699df36a8942698a3a5202a8d3da0e4d7","sha256":"82b5025eca7e248ab6a54077b939835ddb259853fcc94b258cd1a39abece9fd0","sha512":"46542f064e8c230c1b40fd902877e20d9282fb28bbe1283ce6fbe2dfc9426d45d699db0ac7c03555ca511763c861d947b120a08ca948f0be0f7f42ffa6d6e428","ssdeep":"192:p6dGIt9uzh+DelAOoMvHQpx0i+v6dTQukMiPdrDlGBsh3V6qcaLmcUVrQ5+Tyv0j:wfKh+hOvwp2fSdEumNEfXZxIFPngnnr","tlshash":"5d82ce079c089743a42997e8be070dad6f1a3b0ced913aff51265ecf3d602251c8e56e","first_seen":"2023-09-25T01:24:38Z","last_seen":"2026-05-09T07:07:06.289732Z","times_seen":156,"resource_available":false,"data":null}},"time_used":648,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":435,"receive":213,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]}},{"url":{"schema":"https","addr":"manisarehber.xyz/","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-07T04:55:36.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"manisarehber.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Feb 2026 14:08:12 GMT","end":"Fri, 15 May 2026 15:06:53 GMT"},"fingerprint":{"sha1":"3B:1A:AC:68:F2:83:97:6F:2E:41:3D:D2:E4:59:E2:EB:68:0F:C2:26","sha256":"67:BC:50:F9:15:1A:95:4B:2C:48:C8:14:4D:8F:42:7B:CB:78:F8:E8:9F:C2:32:D2:D0:05:21:03:8E:E8:39:D0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: manisarehber.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 521 No Reason Phrase\r\ndate: Sat, 07 Mar 2026 04:55:36 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 6994\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nserver: cloudflare\r\ncf-ray: 9d87024578111a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"521","status_text":"No Reason Phrase","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6994,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (396)","md5":"6cfd44f59b7cbb4ad6786801a33b6560","sha1":"183f4cead2595e4b84209c89003a0805ed3dae6d","sha256":"719a8f965eb41ffd0b111a17a622c0161a28a884d5d2f7a31859f0f2df4b1e75","sha512":"6f9b63efb4de2d4c62ae1e77e55e3868335896b411c3c3d44770c3619af321c170d3511f633da055508192cb086c1d52d34e2dcff465d06ecf969af3611c2e2a","ssdeep":"96:1j9jwIjYjbDK/D9KUu/G4Fh8/G4F+G424FL+skKmk2OLwmNnwL5e7RLlWaQxP:1j9jhjYjvK/Bq/eMxVO/Q85e71lxeP","tlshash":"2ee16871b1f5127610a3c1923695ef6a79e0c613cbef4598b3dcc6632f9ee81d943290","first_seen":"2026-03-07T04:56:07.110029Z","last_seen":"2026-03-07T04:56:07.110029Z","times_seen":1,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":21,"dns":1,"connect":1,"send":0,"wait":215,"receive":1,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]}},{"url":{"schema":"http","addr":"manisarehber.xyz/assets/fontawesome/css/fontawesome.min.css","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:37.427Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/fontawesome/css/fontawesome.min.css HTTP/1.1\r\nHost: manisarehber.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 07 Mar 2026 04:55:37 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Fri, 06 Mar 2026 21:52:52 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nVary: Accept-Encoding\r\nETag: W/\"69ab4cb4-13b0b\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: X-Requested-With,X-Token-Auth,Cache-Control,Content-Type,Authorization\r\nContent-Encoding: gzip\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ychq8A5OfKOXgjxu%2BYishq%2F8LG5XUr28XVPye8QOzbOqriY0UfSNQlwJ8XnUCr8RBLCJIhayJ%2BP%2FSVmKu40h1eZtZ5X7Z0KzMbY%2ByoCRd5M%3D\"}]}\r\nCF-RAY: 9d87024aed2bc759-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80651,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65317)","md5":"d318f674308800c356f650173502cf6d","sha1":"f2c5219fb9f58c2baee6dbd965741975cbc8ae71","sha256":"863ab50a39fc203ca8f614cef14c6cc700ee64bfeacd41426dce9ef8cbd98509","sha512":"46f431c1ffb7cc9b8dc25e1ed2c66341e5fb9146b7a3cd9b0c44e9815087d918b06126550dd149ecdff0a0d8a037f95dc8e3a82b0f39f388cce2995076df1b84","ssdeep":"1536:4fMCMPMCMjMCM4MCMwMCM3spL70pgbPMfjSFbTyMGuF:070pgMGFvyMGuF","tlshash":"ab73cbf5e44c15d97732c44beb58b37c61b6f738d9810da9f02f580d1ac26a822c6b7a","first_seen":"2023-04-07T14:45:52Z","last_seen":"2026-05-24T11:17:22.919077Z","times_seen":380,"resource_available":false,"data":null}},"time_used":693,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":466,"receive":227,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]}},{"url":{"schema":"http","addr":"manisarehber.xyz/static/js/main.23cd061e.js","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:39.027Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/js/main.23cd061e.js HTTP/1.1\r\nHost: manisarehber.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 07 Mar 2026 04:55:39 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Fri, 06 Mar 2026 21:55:04 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nVary: Accept-Encoding\r\nETag: W/\"69ab4d38-3a4483\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: X-Requested-With,X-Token-Auth,Cache-Control,Content-Type,Authorization\r\nContent-Encoding: gzip\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7CWvA6KTg7lRtG5spQz0%2FIqITltyIgrkrXeh%2F6utCEvqUYoqyqAr6vjSc6RgR9s8wam611ylyHYxWWFSODpZKyDbScd6vwef3moippKt7Lk%3D\"}]}\r\nCF-RAY: 9d870254ffcd0883-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3818627,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65465)","md5":"0eb23cddaab55edb55f456a227720ff6","sha1":"b180b4c21841fc33c85cb9786d3e3905e578c732","sha256":"e940b67f415c14b6a28487d93139386ad3682db228a7de8d4eaab1261ea7ebc1","sha512":"ed2d0d304e90f5816cdc1881e0b32e467746e178d336a9a9e0765fd76fcfbb496f48d72f5fe624107ffbf7dd8ea11876d7e99d18c61dd005160e85dc2ce2c6a2","ssdeep":"6144:Eh9dQiOXI9G0q6u6c6+hATh9oqQh01923nbeqJnoooMzi1qSDgkQb2Xp/LVLfF45:8uiOXIzqsc6CATh9qer2lkP5LVLfup0S","tlshash":"8c25e94c3a4ef310995990e7d03b2c0a922de505b40b48a46f3097f76ab5797f3eed26","first_seen":"2026-03-07T04:56:07.111404Z","last_seen":"2026-03-07T04:56:07.111404Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1780,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":453,"receive":1327,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]}},{"url":{"schema":"https","addr":"purecatamphetamine.github.io/country-flag-icons/3x2/US.svg","fqdn":"purecatamphetamine.github.io","domain":"purecatamphetamine.github.io","tld":"github.io"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:41.582Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /country-flag-icons/3x2/US.svg HTTP/1.1\r\nHost: purecatamphetamine.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T13:37:43.294497Z","times_seen":15823785,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":2,"connect":13,"send":0,"wait":0,"receive":0,"ssl":-1},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"manisarehber.xyz/assets/images/login_sd.mp4","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:41.796Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/login_sd.mp4 HTTP/1.1\r\nHost: manisarehber.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nDate: Sat, 07 Mar 2026 04:55:42 GMT\r\nContent-Type: video/mp4\r\nContent-Length: 6265758\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Fri, 06 Mar 2026 21:52:52 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"69ab4cb4-5f9b9e\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: X-Requested-With,X-Token-Auth,Cache-Control,Content-Type,Authorization\r\ncontent-range: bytes 0-6265757/6265758\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ik5gfU8mJKxQptNHhpH7kyJ2PB1GlDV79cEQT5m3QGtM7QYrFt2bMlEhBtInqpImXzUrP7oyGUmIo1eUwpJeLRAVNaKQOmac6l6EgaS8t3w%3D\"}]}\r\nCF-RAY: 9d8702664b532678-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41992,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"0b5da794a6fd4a1fc3461aa4a687be70","sha1":"7f78b2915b6bb44bb4bcbc7ae4ab01670f00bcad","sha256":"20cc07c2fb5baeaf2584146fb74e8bccbe69093090aa7d7d4251a0fe0a199721","sha512":"12c13798998e43becc736549b3653b4867ca0147d2f6e30167f035b9993204699d7c5699e2416fcb549d0c89fa2645a38920ae41e8485fe59be01206b8808b2b","ssdeep":"768:uk74tHlaojnAM0eA1OCfiBg6gSgQLpvOuTUxskzHua9CkABwimOAIjQkvAj8v:uoSQojA17fiBgTtQLpvOuUY7kABJmOT/","tlshash":"a21301349fd9f1c9249628f8433caaf241c18215d6da4bfc403e6e6fa2c54a1ef1955f","first_seen":"2026-03-07T04:56:07.112538Z","last_seen":"2026-03-07T04:56:07.112538Z","times_seen":1,"resource_available":false,"data":null}},"time_used":625,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":415,"receive":210,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]}},{"url":{"schema":"http","addr":"manisarehber.xyz/assets/images/login_sd.mp4","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:42.425Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/images/login_sd.mp4 HTTP/1.1\r\nHost: manisarehber.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=6258688-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nDate: Sat, 07 Mar 2026 04:55:42 GMT\r\nContent-Type: video/mp4\r\nContent-Length: 7070\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Fri, 06 Mar 2026 21:52:52 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"69ab4cb4-5f9b9e\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: X-Requested-With,X-Token-Auth,Cache-Control,Content-Type,Authorization\r\nAge: 0\r\ncontent-range: bytes 6258688-6265757/6265758\r\nCache-Control: max-age=14400\r\ncf-cache-status: HIT\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4hU5Z8oleBJ0RbI0WdRbQH0z%2FuNP4rG3AC8Rn41kV9spYlAkPv1shCfaq7CkFhRCNF75NJFrMNW5kSeJ5yRJv2z40VZ7e6AmInVSdHZx8go%3D\"}]}\r\nCF-RAY: 9d87026a2857dfec-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7070,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"7431929e733d56475c0a709a8d7dfbc0","sha1":"b518863a41936651f45d97e94cf3a321e9586c7f","sha256":"28ad3b47e8d1f7c4006d8e8e9e7e4d866a6d7595f7bb78e736c9987ce76b33be","sha512":"e5e8ad57aa1f9e49981fd0e014530cf8ad4aca90def01792cacda532d8d55e0bd6b7bae6463bd531f0e3d82a343b7a624cc50684c5fa87c39446ff6879cb6494","ssdeep":"48:Ocfgq0F/ceVqmoXfgxFu8gdxbhsfQJEpQYQz6+EpYfabkeD00A8pD3lUo67C+H7j:b4qGlV+8g/hs/Ot+EabkAKC5p67C+v1D","tlshash":"01e185958335ba89c5974b3c32c31208ba79d679575b432f83b0f43d3e9971c4ca8185","first_seen":"2023-04-13T12:48:38Z","last_seen":"2026-05-09T07:07:06.294764Z","times_seen":105,"resource_available":false,"data":null}},"time_used":1404,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":1399,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]}},{"url":{"schema":"http","addr":"209.74.81.37:3434/socket.io/?EIO=3\u0026transport=polling\u0026t=Pp6fhyl","fqdn":"209.74.81.37","domain":"209.74.81.37","tld":""},"ip":{"addr":"209.74.81.37","port":3434,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:42.642Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /socket.io/?EIO=3\u0026transport=polling\u0026t=Pp6fhyl HTTP/1.1\r\nHost: 209.74.81.37:3434\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nOrigin: http://manisarehber.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: Accept, Authorization, Content-Type, Content-Length, X-CSRF-Token, Token, session, Origin, Host, Connection, Accept-Encoding, Accept-Language, X-Requested-With\r\nAccess-Control-Allow-Methods: POST, OPTIONS, GET, PUT, DELETE\r\nAccess-Control-Allow-Origin: http://209.74.81.37/\r\nContent-Type: application/octet-stream\r\nDate: Sat, 07 Mar 2026 04:55:42 GMT\r\nContent-Length: 85\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":85,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"62c5ce9b855faa6481e2d1fd61b80005","sha1":"26fa2f7e38306ca761cd901c9cb4743b0180092b","sha256":"b5bc5ad3c639092afab6c9db6e9b44c67816caa508dcea01d047af94a71e7484","sha512":"e88e21a44f148f94fff1533c1c09472ecda12341bdf1fabbba7d5f201c7dd04ac070b6afebc2e5a90d9610b52f881134eac382f2b5cf1a5f04939be9a0c9161b","ssdeep":"","tlshash":"efa01204d15e7386fa203a4020f20e064818784d86c5044c3124088401c6210a112227","first_seen":"2026-03-07T04:56:07.114444Z","last_seen":"2026-03-07T04:56:07.114444Z","times_seen":1,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":193,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"manisarehber.xyz/assets/fonts/mulish/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNR8aevGw.woff2","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:38.190Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/fonts/mulish/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNR8aevGw.woff2 HTTP/1.1\r\nHost: manisarehber.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/assets/fonts/mulish/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 07 Mar 2026 04:55:38 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 11232\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Fri, 06 Mar 2026 21:52:52 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nETag: \"69ab4cb4-2be0\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: X-Requested-With,X-Token-Auth,Cache-Control,Content-Type,Authorization\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yZ3O7SeyF0T%2F8lw4EYHv10Kb%2F%2Be9i56MyGCI60yKzaNhf0vBMzBvrU6z7wZ7vf9Xa7rGePJ8PaaZxVB5V8byo1KuoCSLhgV4uyjXaSJ9S%2Bw%3D\"}]}\r\nCF-RAY: 9d87024fbb8d2efa-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11232,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11232, version 1.0","md5":"f4429b00adf61350183e1037f446fd40","sha1":"a23ad1c7b309f8da507b96efad46313f72d3a351","sha256":"ad234f0985f2142bb1fa3a281ddf2511d320f84f73422df2b2384f115b4b9131","sha512":"4878a81633320634eab8d6493c130eec573834433693096b2acecaf0bcc9232c2a945a06a61b2e4522e1a5f789b84221098dfca7d6db071efe9586bd77c07bf3","ssdeep":"192:lIIvN2i4YfGz24CRxgELe5Wx6gN9bXf30Am9Ht1NOqQOn6ivI:lIIvN2i4rz2bjESvfPTmtXOdqvI","tlshash":"0532b0e8abda6657464636f7b49a0c7cc1d41b442f1f4a0a1886c733905f72a8248277","first_seen":"2023-04-09T18:33:33Z","last_seen":"2026-05-27T18:55:48.395294Z","times_seen":778,"resource_available":false,"data":null}},"time_used":402,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":401,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]}},{"url":{"schema":"http","addr":"209.74.81.37:3434/socket.io/?EIO=3\u0026transport=polling\u0026t=Pp6fhha","fqdn":"209.74.81.37","domain":"209.74.81.37","tld":""},"ip":{"addr":"209.74.81.37","port":3434,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:41.549Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /socket.io/?EIO=3\u0026transport=polling\u0026t=Pp6fhha HTTP/1.1\r\nHost: 209.74.81.37:3434\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nOrigin: http://manisarehber.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: Accept, Authorization, Content-Type, Content-Length, X-CSRF-Token, Token, session, Origin, Host, Connection, Accept-Encoding, Accept-Language, X-Requested-With\r\nAccess-Control-Allow-Methods: POST, OPTIONS, GET, PUT, DELETE\r\nAccess-Control-Allow-Origin: http://209.74.81.37/\r\nContent-Type: application/octet-stream\r\nDate: Sat, 07 Mar 2026 04:55:41 GMT\r\nContent-Length: 85\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":85,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"6243c60ca74d24e967efb4e4578bf665","sha1":"77b99e0eb1dbfb68212c1847527f62f7c0335c3f","sha256":"225a728e1bcf4ca163265c0598fce69aceacbaa0eb391288ede8515f7539bd4c","sha512":"6cd2c47db8da5f7c6ae8fadcfafafb0f9da6759686b679ef974b3c6ff3c8815598267d99f74415891a86439e2e7261bab47153a466dd8bacd540d673bb5003d9","ssdeep":"","tlshash":"dea01204d15db786fb203b8020f20e054c18784d86c1044c3128048401c62106112337","first_seen":"2026-03-07T04:56:07.115705Z","last_seen":"2026-03-07T04:56:07.115705Z","times_seen":1,"resource_available":false,"data":null}},"time_used":581,"timings":{"blocked":194,"dns":0,"connect":195,"send":0,"wait":192,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"manisarehber.xyz/","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-07T04:55:36.888Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: manisarehber.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 07 Mar 2026 04:55:37 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Fri, 06 Mar 2026 21:55:04 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: X-Requested-With,X-Token-Auth,Cache-Control,Content-Type,Authorization\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VzC878t%2BISBfO8qzcl%2FwWTH85s8tr%2FXLy8y0Xq1vwWsX3B%2FIz8IMzoKbcGxFFP1b4ZJg50XcIczao1ETrpfXCAYxP8gmzQhVBaWfFwNc6Dc%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nContent-Encoding: gzip\r\nCF-RAY: 9d8702478ef5c759-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7834,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (7834), with no line terminators","md5":"fdd214c37f6b67d9df763fd8ea1413a0","sha1":"1b0d940a7eaaeeb88acd293c13904c0c65106bf4","sha256":"5e68a69e161e6436b87ebc817179738d5548a3a52ec7b3d052978c36736aff19","sha512":"3e94ad574b903d5a89ca7b9ae3365628dc6e7da123c19274ec3a32decb8d19805c22d07d58220296b195ed449e190dafb81563c0e9cc499b3796d49b1dec8b47","ssdeep":"192:uUvA0g7gpDsZdCpkM5RbkgPTSPCk4syvOhDT7iYvVwRQp:1PDs7CC4bDT1sDT7iYvVHp","tlshash":"37f1b798b582b0345263b0b6503fa00ef27a7406a48bd824e037d4e5eeb8e8d5573f7d","first_seen":"2026-03-07T04:56:07.116494Z","last_seen":"2026-03-07T04:56:07.116494Z","times_seen":1,"resource_available":false,"data":null}},"time_used":459,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":457,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]}},{"url":{"schema":"http","addr":"manisarehber.xyz/assets/fontawesome/css/all.min.css","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:37.428Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/fontawesome/css/all.min.css HTTP/1.1\r\nHost: manisarehber.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 07 Mar 2026 04:55:37 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Fri, 06 Mar 2026 21:52:52 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nVary: Accept-Encoding\r\nETag: W/\"69ab4cb4-18d98\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: X-Requested-With,X-Token-Auth,Cache-Control,Content-Type,Authorization\r\nContent-Encoding: gzip\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BjJQ9G1QjuN0eaG8UND4qE%2F8kHmzETnaCeKFXCn9QFaoJNBS8aTjW64q%2Bm8DKeDOvhloC696aHuwwH4oMl3khpzXRfG1x963%2FdKCVa0Alfc%3D\"}]}\r\nCF-RAY: 9d87024ae80adfec-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":101784,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65317)","md5":"6cb5a85b30082e3d59d7e371e002ce8d","sha1":"0c639634f474b4601a7937f440096185f3a9d8d3","sha256":"01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349","sha512":"c61e8efc2910a0f3960dd6130ea79174f0957754a9bc203d5d77149d94b616624da75728005cefb4237d0666a613ee1a1caf32c941d44827091e05e5a13c93d8","ssdeep":"1536:4fMCMPMCMjMCM4MCMwMCM3spL70pgbPMfjSFbTyMGu3prfZCC:070pgMGFvyMGu3pfZCC","tlshash":"23a3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-06T20:32:18Z","last_seen":"2026-05-28T09:57:53.555645Z","times_seen":5154,"resource_available":false,"data":null}},"time_used":721,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":486,"receive":233,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]}},{"url":{"schema":"http","addr":"manisarehber.xyz/assets/fonts/icons/style.css","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:37.430Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/fonts/icons/style.css HTTP/1.1\r\nHost: manisarehber.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 07 Mar 2026 04:55:37 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Fri, 06 Mar 2026 21:52:52 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nVary: Accept-Encoding\r\nETag: W/\"69ab4cb4-db0\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: X-Requested-With,X-Token-Auth,Cache-Control,Content-Type,Authorization\r\nContent-Encoding: gzip\r\nCache-Control: max-age=14400\r\ncf-cache-status: MISS\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ixfeEV7JjEmVKhb%2B9n0NYyTO%2BEayfUwWZ09%2F1exEpQMjPEiSeNLYiDoxhzpd72pvgWNoqHxmu9J9IQazaSNNdmQphx7DQyJVab%2BK4AabTfg%3D\"}]}\r\nCF-RAY: 9d87024af8e52678-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3504,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"cf10c1b8b9348fc2752bd628143e6769","sha1":"da766143af460e3863f789fc1db9b281766cb4bb","sha256":"002a20bb327c239893a00b908f0ed4cebb527a2957e61aa49528b71a6a450490","sha512":"a18ae99e905020f19401f6632a91a15c1505268a4199459de96f08010596dafefd48aa94bfb4a6e62497f5a0d4b0329032901bebbf6117bf9a7239e595de6e63","ssdeep":"","tlshash":"a07177f8a87d11405b60de91a3533a31af2c91b4ce936c8af2579c5c67eb6009186ffd","first_seen":"2023-04-13T12:48:38Z","last_seen":"2026-05-09T07:07:06.284537Z","times_seen":155,"resource_available":false,"data":null}},"time_used":486,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":484,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]}},{"url":{"schema":"http","addr":"manisarehber.xyz/images/hook.svg","fqdn":"manisarehber.xyz","domain":"manisarehber.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:41.617Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/hook.svg HTTP/1.1\r\nHost: manisarehber.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 07 Mar 2026 04:55:41 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nLast-Modified: Fri, 06 Mar 2026 21:55:04 GMT\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nAccess-Control-Allow-Headers: X-Requested-With,X-Token-Auth,Cache-Control,Content-Type,Authorization\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TAxsw96TzoG%2FdmMXxzj3RYB15rtcXkAXcCuAgg1UpS9AiqOt809rUGTGUxoMmcwDNzKpDORDM%2BziO1d43odd9z7v1yX3trGPnaE2HvhkRdo%3D\"}]}\r\nAge: 0\r\nCache-Control: max-age=14400\r\ncf-cache-status: HIT\r\nContent-Encoding: gzip\r\nCF-RAY: 9d870265283adfec-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7834,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (7834), with no line terminators","md5":"fdd214c37f6b67d9df763fd8ea1413a0","sha1":"1b0d940a7eaaeeb88acd293c13904c0c65106bf4","sha256":"5e68a69e161e6436b87ebc817179738d5548a3a52ec7b3d052978c36736aff19","sha512":"3e94ad574b903d5a89ca7b9ae3365628dc6e7da123c19274ec3a32decb8d19805c22d07d58220296b195ed449e190dafb81563c0e9cc499b3796d49b1dec8b47","ssdeep":"192:uUvA0g7gpDsZdCpkM5RbkgPTSPCk4syvOhDT7iYvVwRQp:1PDs7CC4bDT1sDT7iYvVHp","tlshash":"37f1b798b582b0345263b0b6503fa00ef27a7406a48bd824e037d4e5eeb8e8d5573f7d","first_seen":"2026-03-07T04:56:07.116494Z","last_seen":"2026-03-07T04:56:07.116494Z","times_seen":1,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Hook botnet panel","verdict":"malware","severity":"medium","comment":"Asset commenly seen with Botnet webpanel","tags":["botpanel","malware","hook"],"meta":null}]}},{"url":{"schema":"http","addr":"209.74.81.37:3434/socket.io/?EIO=3\u0026transport=polling\u0026t=Pp6figz","fqdn":"209.74.81.37","domain":"209.74.81.37","tld":""},"ip":{"addr":"209.74.81.37","port":3434,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:45.601Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /socket.io/?EIO=3\u0026transport=polling\u0026t=Pp6figz HTTP/1.1\r\nHost: 209.74.81.37:3434\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nOrigin: http://manisarehber.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: Accept, Authorization, Content-Type, Content-Length, X-CSRF-Token, Token, session, Origin, Host, Connection, Accept-Encoding, Accept-Language, X-Requested-With\r\nAccess-Control-Allow-Methods: POST, OPTIONS, GET, PUT, DELETE\r\nAccess-Control-Allow-Origin: http://209.74.81.37/\r\nContent-Type: application/octet-stream\r\nDate: Sat, 07 Mar 2026 04:55:45 GMT\r\nContent-Length: 85\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":85,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"c9318d05a067012f66b3d08d8009030b","sha1":"8a41aa5ade0af896b37a652a0f756cd8a3a46046","sha256":"e5073af6c40d092951210eb317a1d3db85df0ae003289fb98f534f48602ac903","sha512":"b9346f89c32c3474c1368bb169d40a1c9ce9d3bd6c2756d7e9b2f7a69a52cc1c31e0b0d6ce18c66d9a56ef7a5d9f0a3a94acbb8108f06efae313c5727aaf5975","ssdeep":"","tlshash":"d7a01208d15d7386fa203a4430f21e054818784d86c1044c3124048405c62107152227","first_seen":"2024-08-20T09:42:04.540537Z","last_seen":"2026-03-07T04:56:07.11876Z","times_seen":2,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":196,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"209.74.81.37:3434/socket.io/?EIO=3\u0026transport=polling\u0026t=Pp6fjyI","fqdn":"209.74.81.37","domain":"209.74.81.37","tld":""},"ip":{"addr":"209.74.81.37","port":3434,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:50.805Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /socket.io/?EIO=3\u0026transport=polling\u0026t=Pp6fjyI HTTP/1.1\r\nHost: 209.74.81.37:3434\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nOrigin: http://manisarehber.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: Accept, Authorization, Content-Type, Content-Length, X-CSRF-Token, Token, session, Origin, Host, Connection, Accept-Encoding, Accept-Language, X-Requested-With\r\nAccess-Control-Allow-Methods: POST, OPTIONS, GET, PUT, DELETE\r\nAccess-Control-Allow-Origin: http://209.74.81.37/\r\nContent-Type: application/octet-stream\r\nDate: Sat, 07 Mar 2026 04:55:50 GMT\r\nContent-Length: 85\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":85,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"9433e0595b2f49e6677dc669551eb927","sha1":"e8b937c8343dc383c32d4b757c56126b2b511a4c","sha256":"37bd83654827251bbf30e14a8f7ca644662517faf57b1d63ba2e9bf45ce07448","sha512":"1e2954f1e64e4ba73a66f3bea391e97ac0dc86022a9acbc6b9fbd55f40f17e75e11cb97f4ea296dc124ed6708670a816a0db95f8fef3ee6f4b32be68e19699ce","ssdeep":"","tlshash":"04a01204d15d7386fa203f8020f20e054818784d86c2044c3124048401c62106152227","first_seen":"2026-03-07T04:56:07.119598Z","last_seen":"2026-03-07T04:56:07.119598Z","times_seen":1,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":192,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"purecatamphetamine.github.io/country-flag-icons/3x2/US.svg","fqdn":"purecatamphetamine.github.io","domain":"purecatamphetamine.github.io","tld":"github.io"},"ip":{"addr":"185.199.110.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://manisarehber.xyz/","date":"2026-03-07T04:55:41.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 21:41:53 GMT","end":"Thu, 07 May 2026 21:41:52 GMT"},"fingerprint":{"sha1":"A2:51:20:89:CB:5A:58:66:4F:F9:80:3A:0E:A3:6B:2B:13:44:D8:F9","sha256":"02:BD:D4:4D:11:37:CE:23:17:D9:AA:CC:D3:6F:75:3C:AA:1F:BE:C7:EE:91:CC:5F:AE:51:D8:1E:8F:F7:DC:A7"}}},"request":{"raw":"GET /country-flag-icons/3x2/US.svg HTTP/1.1\r\nHost: purecatamphetamine.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://manisarehber.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/svg+xml\r\nx-origin-cache: HIT\r\nlast-modified: Thu, 26 Feb 2026 09:41:14 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: W/\"69a0153a-548\"\r\nexpires: Sat, 07 Mar 2026 04:03:39 GMT\r\ncache-control: max-age=600\r\ncontent-encoding: gzip\r\nx-proxy-cache: HIT\r\nx-github-request-id: B964:35A656:5C3FEE:5D7724:69ABA19D\r\naccept-ranges: bytes\r\ndate: Sat, 07 Mar 2026 04:55:41 GMT\r\nvia: 1.1 varnish\r\nage: 81\r\nx-served-by: cache-hel1410026-HEL\r\nx-cache: HIT\r\nx-cache-hits: 1\r\nx-timer: S1772859342.665274,VS0,VE1\r\nvary: Accept-Encoding\r\nx-fastly-request-id: a3e66045f5a9df41ca79941bc113ce4f42463378\r\ncontent-length: 480\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1352,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"447e2bf0533bec7a411b9a970b74f0ed","sha1":"bff8541efa1cff6e3a9613616682d0cba8bdbe45","sha256":"0368f33db1cc70ef5eee2a5de99571b65d394d8964f4824ce3919d45998775c0","sha512":"8a82e6a84b1b6637dcb82b3db9f39dd069848d81c17124a0da727624aaec37afcb3d646d96a54f20587d2aae935ab05dc18428be3ffff0b3b2d38ec19df67810","ssdeep":"","tlshash":"5021e1c743002834fadf83e0d62932b06ddf684461958468bda8d760b2f89d986decd6","first_seen":"2023-05-22T02:03:31Z","last_seen":"2026-05-28T05:09:54.72309Z","times_seen":950,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":33,"dns":1,"connect":13,"send":0,"wait":14,"receive":1,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}