{"report_id":"4679f472-2f0a-4981-a065-b72a4f2b96f9","version":6,"status":"done","tags":["botpanel","malware"],"date":"2026-01-04T21:30:25Z","url":{"schema":"http","addr":"95.181.160.249/","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":0,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"http","addr":"95.181.160.249/pages/login.php","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"title":"Unam Web Panel — Login","dom":{"size":4127,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (983)","md5":"7907d7d8211b5420b3aaa96b85f09623","sha1":"8677886bf025eef15931fa52bb2c5be0f78037dc","sha256":"bd61660010808040f2c88927bd99a0913950dc7a7fc1532231b3db6ed12c1b1b","sha512":"da4a80f26fd813a58a6e959221cb1dbe09d8f49bb0b3167359046c8c23cafe0fb5e8fe0d90bf989f62c16aade9000f794c225609a25e1896e96e6b790d6467db","ssdeep":"48:n2oSIShVY6se9PqTE1B4FlXPyMntmFprchSTSRS4ImGswot3JX95lZcZ0j:n2VM6se9iTCU/dxSTSRS4ImGswGJbjVj","tlshash":"bc81410528f0487710af29c76cf7b6382db5830bd5095a14b1bc43e45fb6e4eaa27c0e","dom_hash":"domhash2e1f3dbeea8c4426889ead4fd8f030c4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"95.181.160.249/","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":0,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-08T21:30:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]},"summary":[{"fqdn":"95.181.160.249","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":17,"request_count":17,"received_data":1791820,"sent_data":7077,"comment":"","tags":null,"fingerprints":[{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"OpenSSL:3.1.3","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Select2","description":"Select2 is a jQuery based replacement for select boxes. It supports searching, remote data sets, and infinite scrolling of results.","website":"https://select2.org/","common_platform_enumeration":"","icon":"Select2.png","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"http","addr":"95.181.160.249/assets/modules/jquery/jquery-3.7.1.min.js","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-05-28T03:34:51.365648Z","times_seen":161862,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"95.181.160.249/assets/modules/select2/select2.min.js","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"37dd3c4be796c3e4d2914e336fc84624","sha1":"efd00b3c59b9093335cfcc043fa0576587676636","sha256":"d7a7379926f63b11f218a615443f004d03fc499bc1baf50d4142b1b2a76c3772","sha512":"ee3039e0b935cd2756616e37bcb7416aeb4ae25d1b148871fc6bd6ef41738ce6e4bce089503b9865f35033cb778780b38f04a9a41be7a04e067000547cb9a1bf","ssdeep":"768:SopHucrre3DeGGG8MinEAs3j0TGE8jGookOlxNV7TWlOvBuZRgydn/RcSf2bK/Jw:m8hC3jIG+kOvVbyJJ1CD","tlshash":"2663c64c7a537234026f20e7256b140d22366b3e600b96a8b428cded6dbed15735bf3e","size":70852,"data":"","first_seen":"2023-03-08T15:22:52Z","last_seen":"2026-05-23T23:29:29.999833Z","times_seen":656,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"95.181.160.249/__UNAM_LIB/unam_lib.js","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"8c7fb12cb6f7e2df13448f35fcc57fb4","sha1":"d21730a298168b00466ccf8d73232794c789bc23","sha256":"203a6503c36c58ca3a61da4107de3834e15419b1f5540b98e7ff2c503b01e2ee","sha512":"671f8e9854d2b8ce21b4980f07f7dbf15dcad4e4f777375556d1b439a8693add58e4957486e3d527e1e7e054ecf85c3e2ea61a8ce4cf3c9948f2447f37b2eb90","ssdeep":"","tlshash":"da11484e3f0021ce0bbaa1d4d81e4d08f412e657a792ee96742c70982fb527daa01fd6","size":952,"data":"","first_seen":"2023-03-08T15:22:52Z","last_seen":"2026-05-23T23:29:30.002355Z","times_seen":585,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"95.181.160.249/pages/login.php","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"d430c6f87e2da0f07ab7a58bc82b674e","sha1":"4a7eaf40707470b4efd1878393f3ea5356bffdce","sha256":"b55dc009bd973d6a6d373b4b0e5400dd71a82f8d62e37f8e920b7bac867d473a","sha512":"e5f6a2cb6be24ed9fe1268110dc87bfcafa9c08428788c2b17dd2d30e6e42d4f14e0ad6090205a64ce550a188cd19377aa6829968e3802ea7e8fa013a4b5c005","ssdeep":"","tlshash":"1cf0464e7471196b52f7b59b9fbf9404113b008ba409ae127a9c29917f2214cbf23d09","size":601,"data":"","first_seen":"2024-07-07T14:40:58Z","last_seen":"2026-05-23T23:29:30.023301Z","times_seen":248,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"95.181.160.249/assets/modules/izitoast/iziToast.min.js","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"df383d4feeb05ea8bfe86a0569ef0524","sha1":"c6fd53b0a4abc2b73f55025ecb28d2eb65db93d4","sha256":"df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446","sha512":"66af68f84d34c61851ffbbc9e3d9b114d274290c351354cc5a43d3c6b59c9e97c41431178148b024720a8adf77116fd7c44df51d2239184396d3a1ba045d40b4","ssdeep":"384:9hKmhCPzlc5gVCPBpcG/0CEvXArKKpQi8VREgO3MrnHzxJBkHI4505P:3K5PzlcN8DXArhpQzRHO3M7TxfGIYUP","tlshash":"2582c894722032374aa329a960ff534a3772156ca9c641a4243fcdad5b34f8939f77f8","size":18486,"data":"","first_seen":"2023-03-07T12:01:52Z","last_seen":"2026-05-27T20:32:20.522778Z","times_seen":1637,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"95.181.160.249/","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-04T21:30:02.757Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 95.181.160.249\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T03:37:42.36904Z","times_seen":15804959,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":51,"dns":0,"connect":20,"send":0,"wait":0,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"http","addr":"95.181.160.249/assets/modules/fontawesome-free/css/solid.min.css","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://95.181.160.249/pages/login.php","date":"2026-01-04T21:30:03.147Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/modules/fontawesome-free/css/solid.min.css HTTP/1.1\r\nHost: 95.181.160.249\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=hhn9cje7khe23arork87f6euag\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 04 Jan 2026 21:30:03 GMT\r\nServer: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12\r\nX-Robots-Tag: noindex, nofollow\r\nLast-Modified: Sun, 01 May 2022 03:34:08 GMT\r\nETag: \"2a1-5ddeaf2bb4c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 673\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"OpenSSL:3.1.3","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":673,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (483), with CRLF line terminators","md5":"3b659e3d10259f2c31001fee050aeb63","sha1":"b4be4363d60981bd76c578190333414f0b91407c","sha256":"7854d8e44687343f7178f324562de684a174684f0e92c66ce00d4c4bf1795fc1","sha512":"9df2a3d2a653ab9bf84b31b005de7403b132b0510cd042cca864cd337d08d847b09aeb705551868f6972122ecad701e8c81be484d33b893a1d2ba7c8ac740b09","ssdeep":"","tlshash":"3301d66d0646295141c10e0138d9ba59ed56f0b97c582f73b22adc298cfae5f21b9f09","first_seen":"2023-10-18T07:49:24Z","last_seen":"2026-05-25T14:33:41.006941Z","times_seen":454,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":6,"dns":0,"connect":21,"send":0,"wait":25,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"http","addr":"95.181.160.249/assets/modules/select2/select2.min.js","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://95.181.160.249/pages/login.php","date":"2026-01-04T21:30:03.158Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/modules/select2/select2.min.js HTTP/1.1\r\nHost: 95.181.160.249\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=hhn9cje7khe23arork87f6euag\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 04 Jan 2026 21:30:03 GMT\r\nServer: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12\r\nX-Robots-Tag: noindex, nofollow\r\nLast-Modified: Sun, 01 May 2022 03:34:08 GMT\r\nETag: \"114c4-5ddeaf2bb4c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 70852\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: text/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenSSL:3.1.3","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":70852,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64130), with CRLF line terminators","md5":"37dd3c4be796c3e4d2914e336fc84624","sha1":"efd00b3c59b9093335cfcc043fa0576587676636","sha256":"d7a7379926f63b11f218a615443f004d03fc499bc1baf50d4142b1b2a76c3772","sha512":"ee3039e0b935cd2756616e37bcb7416aeb4ae25d1b148871fc6bd6ef41738ce6e4bce089503b9865f35033cb778780b38f04a9a41be7a04e067000547cb9a1bf","ssdeep":"768:SopHucrre3DeGGG8MinEAs3j0TGE8jGookOlxNV7TWlOvBuZRgydn/RcSf2bK/Jw:m8hC3jIG+kOvVbyJJ1CD","tlshash":"2663c64c7a537234026f20e7256b140d22366b3e600b96a8b428cded6dbed15735bf3e","first_seen":"2023-03-08T15:22:52Z","last_seen":"2026-05-23T23:29:29.999833Z","times_seen":656,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":42,"dns":0,"connect":0,"send":0,"wait":23,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"http","addr":"95.181.160.249/","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-04T21:30:02.874Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 95.181.160.249\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Sun, 04 Jan 2026 21:30:02 GMT\r\nServer: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12\r\nX-Powered-By: PHP/8.2.12\r\nContent-Security-Policy: default-src 'self'; script-src 'self' 'nonce-PS7m/vV5i+VC1kbAx1HXNg=='; style-src 'self'; img-src 'self' data:; object-src 'none'; frame-src 'none'; child-src 'none'; worker-src 'none'; media-src 'none'; manifest-src 'none'; base-uri 'none'; form-action 'none';\r\nFeature-Policy: geolocation 'none'; microphone 'none'; camera 'none'\r\nPermissions-Policy: geolocation=(), microphone=(), camera=()\r\nReferrer-Policy: no-referrer\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: DENY\r\nX-Robots-Tag: noindex, nofollow, noindex, nofollow\r\nCross-Origin-Resource-Policy: same-origin\r\nSet-Cookie: PHPSESSID=hhn9cje7khe23arork87f6euag; path=/; HttpOnly; SameSite=Strict\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nLocation: pages/login.php\r\nContent-Length: 0\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"OpenSSL:3.1.3","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T03:37:42.36904Z","times_seen":15804959,"resource_available":true,"data":null}},"time_used":84,"timings":{"blocked":21,"dns":0,"connect":21,"send":0,"wait":39,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"http","addr":"95.181.160.249/assets/modules/select2/select2.min.css","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://95.181.160.249/pages/login.php","date":"2026-01-04T21:30:03.150Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/modules/select2/select2.min.css HTTP/1.1\r\nHost: 95.181.160.249\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=hhn9cje7khe23arork87f6euag\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 04 Jan 2026 21:30:03 GMT\r\nServer: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12\r\nX-Robots-Tag: noindex, nofollow\r\nLast-Modified: Sun, 01 May 2022 03:34:08 GMT\r\nETag: \"3a77-5ddeaf2bb4c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 14967\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"OpenSSL:3.1.3","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}],"data":{"size":14967,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14965), with CRLF line terminators","md5":"ba5948c0bda0f5f26bd3068ce565deaa","sha1":"6d28595693ce13f1a79db7d5c73bd82b13cf63b5","sha256":"c2a282dd6dac10a3fbf469b4e67f489608777854e6d157bf11233dfbaa16851e","sha512":"b697887282e03a0838bc8fba10b5f85144dcf14727a01703ea6bbf047b30860c58aef75bcfc9fe76ae5f291be60369ad22cf39c98d7a1d8ac90b4ca68b2776a6","ssdeep":"192:pL5u/nTfc3aqPJRQ9CPjOtWlUJKLPcH9tPOs:3u/TfXARQ9htWGSPcdws","tlshash":"c162b935bacc2235b0bf8e7f6cf274946729dd5fc4111b9ab8e9e594c8e04540a8b60f","first_seen":"2023-04-05T16:05:37Z","last_seen":"2026-05-27T22:57:28.867799Z","times_seen":3225,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":3,"dns":0,"connect":20,"send":0,"wait":30,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"http","addr":"95.181.160.249/assets/css/adminlte.min.css","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://95.181.160.249/pages/login.php","date":"2026-01-04T21:30:03.151Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/css/adminlte.min.css HTTP/1.1\r\nHost: 95.181.160.249\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=hhn9cje7khe23arork87f6euag\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 04 Jan 2026 21:30:03 GMT\r\nServer: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12\r\nX-Robots-Tag: noindex, nofollow\r\nLast-Modified: Tue, 20 Dec 2022 23:52:50 GMT\r\nETag: \"151a4a-5f04b222ad880\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1382986\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenSSL:3.1.3","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1382986,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65148), with CRLF line terminators","md5":"1f607cd21b69517f0e571761f1e6223a","sha1":"52330d894b72cf58ba3895122774972706b30a54","sha256":"a233b4121c506a32dc3fdfd447be80e7b369e9cbce5ee8ee7c8cc95d38c7b572","sha512":"dd4c9e9765b9dbafc469bfaf69980902ddc4065f88d96e4121f8dd374a255038c99acc2e7d7d3f4164e2723d0c466cb702a29c86ef5a3fd9979c347d98e0a8c0","ssdeep":"12288:JA6LNkwxKgkfBW6xBu0qLOLvyjC64IhkI:uwxKgkfBW6xBu0qLOLvyjC64IhkI","tlshash":"e225750960f13579b0ab4e1e6dfcf9600a1f94e9c4681fbfb57b37848b8458b6163e06","first_seen":"2025-08-06T17:01:45.869473Z","last_seen":"2026-05-23T23:29:29.994895Z","times_seen":166,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":4,"dns":0,"connect":21,"send":0,"wait":29,"receive":174,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"http","addr":"95.181.160.249/assets/modules/jquery/jquery-3.7.1.min.js","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://95.181.160.249/pages/login.php","date":"2026-01-04T21:30:03.155Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/modules/jquery/jquery-3.7.1.min.js HTTP/1.1\r\nHost: 95.181.160.249\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=hhn9cje7khe23arork87f6euag\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 04 Jan 2026 21:30:03 GMT\r\nServer: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12\r\nX-Robots-Tag: noindex, nofollow\r\nLast-Modified: Mon, 15 Jan 2024 06:26:30 GMT\r\nETag: \"155ed-60ef61823b180\"\r\nAccept-Ranges: bytes\r\nContent-Length: 87533\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"OpenSSL:3.1.3","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":87533,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-05-28T03:34:51.365648Z","times_seen":161862,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":27,"dns":0,"connect":0,"send":0,"wait":21,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"http","addr":"95.181.160.249/assets/modules/izitoast/iziToast.min.js","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://95.181.160.249/pages/login.php","date":"2026-01-04T21:30:03.157Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/modules/izitoast/iziToast.min.js HTTP/1.1\r\nHost: 95.181.160.249\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=hhn9cje7khe23arork87f6euag\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 04 Jan 2026 21:30:03 GMT\r\nServer: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12\r\nX-Robots-Tag: noindex, nofollow\r\nLast-Modified: Sun, 01 May 2022 03:34:08 GMT\r\nETag: \"4836-5ddeaf2bb4c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 18486\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"OpenSSL:3.1.3","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":18486,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (18398), with CRLF line terminators","md5":"df383d4feeb05ea8bfe86a0569ef0524","sha1":"c6fd53b0a4abc2b73f55025ecb28d2eb65db93d4","sha256":"df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446","sha512":"66af68f84d34c61851ffbbc9e3d9b114d274290c351354cc5a43d3c6b59c9e97c41431178148b024720a8adf77116fd7c44df51d2239184396d3a1ba045d40b4","ssdeep":"384:9hKmhCPzlc5gVCPBpcG/0CEvXArKKpQi8VREgO3MrnHzxJBkHI4505P:3K5PzlcN8DXArhpQzRHO3M7TxfGIYUP","tlshash":"2582c894722032374aa329a960ff534a3772156ca9c641a4243fcdad5b34f8939f77f8","first_seen":"2023-03-07T12:01:52Z","last_seen":"2026-05-27T20:32:20.522778Z","times_seen":1637,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"http","addr":"95.181.160.249/assets/fonts/sourcesanspro-regular-webfont.woff2","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://95.181.160.249/pages/login.php","date":"2026-01-04T21:30:03.566Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/fonts/sourcesanspro-regular-webfont.woff2 HTTP/1.1\r\nHost: 95.181.160.249\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://95.181.160.249/assets/css/custom.css\r\nCookie: PHPSESSID=hhn9cje7khe23arork87f6euag\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 04 Jan 2026 21:30:03 GMT\r\nServer: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12\r\nX-Robots-Tag: noindex, nofollow\r\nLast-Modified: Sat, 03 Feb 2024 10:44:44 GMT\r\nETag: \"503c-61077eaa37f00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 20540\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: font/woff2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"OpenSSL:3.1.3","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":20540,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20540, version 2.2949","md5":"d67b548b833d70dda3779916f5415e7e","sha1":"f1d3b0c478384a35f0766d9d1839aea81a164b3f","sha256":"8792619becd8b285e78f14bfcf1ad66e2adbae0f5ec8ad131246621f806ac535","sha512":"32ce084765a96ac31266b085ec6f16784b8c13eaaea28dc532304e203434f088e315e31dabc59f6fa8a42f447adafe8682b34c3f33adc695d140657302fa2950","ssdeep":"384:1RCN0g12CVceFNHIfF/WeFdM801OnXSvZHLfqaCBDTOxCd7KWn2lnepPKbkH1jV:GWg1jOfFw80MnXSvBfp4uMYZSPK4H1jV","tlshash":"4592e12851f8bfc1df2ea9753ef0c95cc6ad25503421f32552601b763f326a3745b286","first_seen":"2023-05-04T15:22:18Z","last_seen":"2026-05-26T20:47:05.141566Z","times_seen":1494,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"http","addr":"95.181.160.249/assets/modules/fontawesome-free/webfonts/fa-solid-900.woff2","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://95.181.160.249/pages/login.php","date":"2026-01-04T21:30:03.574Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/modules/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: 95.181.160.249\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://95.181.160.249/assets/modules/fontawesome-free/css/solid.min.css\r\nCookie: PHPSESSID=hhn9cje7khe23arork87f6euag\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 04 Jan 2026 21:30:03 GMT\r\nServer: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12\r\nX-Robots-Tag: noindex, nofollow\r\nLast-Modified: Sun, 01 May 2022 03:34:08 GMT\r\nETag: \"13174-5ddeaf2bb4c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 78196\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: font/woff2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"OpenSSL:3.1.3","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":78196,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261","md5":"e8a427e15cc502bef99cfd722b37ea98","sha1":"a9922842a120a7f1eaced667480c5e185a106d69","sha256":"d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef","sha512":"113775748a4166c07e58c26cf6db7fed473732dc6124b8ee0f0dcc0d6439eb2ab2c5d9e01c67324fdf9de4105349cf30cc5796a0b0e0ce9a08f337b9d4e10b7b","ssdeep":"1536:1iGQV8Q8UOUMUd5UY3qyCkHQCCz2LL1F+u3MHLGxe3U:QVWuF33qy7HQchFz8HnU","tlshash":"3273121cf567643ef6a8e05f3c38256d4fd5c724e2e68a06748db808c4ce71d90879b6","first_seen":"2023-04-05T08:37:56Z","last_seen":"2026-05-28T02:37:16.226899Z","times_seen":147452,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"http","addr":"95.181.160.249/pages/login.php","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-04T21:30:03.010Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /pages/login.php HTTP/1.1\r\nHost: 95.181.160.249\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=hhn9cje7khe23arork87f6euag\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 04 Jan 2026 21:30:03 GMT\r\nServer: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12\r\nX-Powered-By: PHP/8.2.12\r\nContent-Security-Policy: default-src 'self'; script-src 'self' 'nonce-05qXb+UDXk0VjjwiDyfw+A=='; style-src 'self'; img-src 'self' data:; object-src 'none'; frame-src 'none'; child-src 'none'; worker-src 'none'; media-src 'none'; manifest-src 'none'; base-uri 'none'; form-action 'none';\r\nFeature-Policy: geolocation 'none'; microphone 'none'; camera 'none'\r\nPermissions-Policy: geolocation=(), microphone=(), camera=()\r\nReferrer-Policy: no-referrer\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: DENY\r\nX-Robots-Tag: noindex, nofollow, noindex, nofollow\r\nCross-Origin-Resource-Policy: same-origin\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Length: 3502\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Select2","description":"Select2 is a jQuery based replacement for select boxes. It supports searching, remote data sets, and infinite scrolling of results.","website":"https://select2.org/","common_platform_enumeration":"","icon":"Select2.png","categories":["JavaScript libraries"]},{"name":"OpenSSL:3.1.3","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":3502,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (324), with CRLF line terminators","md5":"f4e1bc91e9ff10002404540147147b6c","sha1":"0d5e428dc62b377be186dd19dd88e518d19d6b6e","sha256":"a8509784bafc974b921103c5a188ffdf0efd853c14c081d7a00f64f441b328d5","sha512":"b174b87609bc2daf4748cc701fe7d3371aee56425ff3ee72784cf196497c00c6d5017a6679d1470cb59d6d7c1e76c46048bee9b0a589e3c4e32018805a3b6d04","ssdeep":"","tlshash":"b571630428d04cb611b779d2ad72e1a8fc714207d605aa14b1fe27e75fb6e4cca27e19","first_seen":"2026-01-04T21:30:32.457123Z","last_seen":"2026-01-04T21:30:32.457123Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"http","addr":"95.181.160.249/assets/css/custom.css","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://95.181.160.249/pages/login.php","date":"2026-01-04T21:30:03.153Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/css/custom.css HTTP/1.1\r\nHost: 95.181.160.249\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=hhn9cje7khe23arork87f6euag\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 04 Jan 2026 21:30:03 GMT\r\nServer: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12\r\nX-Robots-Tag: noindex, nofollow\r\nLast-Modified: Mon, 05 Feb 2024 11:50:22 GMT\r\nETag: \"14ce-610a1110b5b80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 5326\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"OpenSSL:3.1.3","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}],"data":{"size":5326,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with CRLF line terminators","md5":"1123383213092643b28c31c521a184ef","sha1":"5a584dd8aa499f0f0d97734b5f1c6a20444d77a4","sha256":"19567504a2faa9db6515f2323aeb58f0892db85b0fca2a3cb7ffea243369d43f","sha512":"18142c7ba5aad4a39538c863813b05fc38534f62c5c9182e591540650774e7755780e00de72fd43c55dabbf8ade06f2d2c1c0abc4caf23509b134c685d801414","ssdeep":"96:3I5or2lczkeSZohW07X8rDdau7iiN0IXlTFLRSL6C:Y5or2lcoeSZohVXudaIHNXlT6","tlshash":"e2b123b9c612261375779fe827d59001ef286063cd471bbcbac962048ff5494ab72ecd","first_seen":"2024-02-12T07:25:07Z","last_seen":"2026-05-23T23:29:29.997422Z","times_seen":257,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":2,"dns":0,"connect":21,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"http","addr":"95.181.160.249/assets/img/favicon.png","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://95.181.160.249/pages/login.php","date":"2026-01-04T21:30:03.647Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/img/favicon.png HTTP/1.1\r\nHost: 95.181.160.249\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=hhn9cje7khe23arork87f6euag\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 04 Jan 2026 21:30:03 GMT\r\nServer: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12\r\nX-Robots-Tag: noindex, nofollow\r\nLast-Modified: Sun, 01 May 2022 03:34:08 GMT\r\nETag: \"736-5ddeaf2bb4c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1846\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"OpenSSL:3.1.3","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}],"data":{"size":1846,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit colormap, non-interlaced","md5":"596af1ae4b10854e334121133691325b","sha1":"ccbaa5ee0def372ae2d791e7c0666e5777c75198","sha256":"576d5210ef7bd676fff12be80fd61b793c5acdc618b4734f2da4cd638966e496","sha512":"5a78081268e58b9e96feaf21aad8e5f34222e72503ab08f49598f9cadfd53fcff922bbd428e3b18ff1743d9edb8a54a4c258884c29619c1436dee22e207fe5ce","ssdeep":"","tlshash":"ab3108b7810a91fdcae2d2334003682be8bd6971c72d49a0f5ee43f3445ac80e214ba0","first_seen":"2024-02-09T20:55:52Z","last_seen":"2026-05-23T23:29:30.006866Z","times_seen":694,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"http","addr":"95.181.160.249/__UNAM_LIB/unam_lib.js","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://95.181.160.249/pages/login.php","date":"2026-01-04T21:30:03.159Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /__UNAM_LIB/unam_lib.js HTTP/1.1\r\nHost: 95.181.160.249\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=hhn9cje7khe23arork87f6euag\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 04 Jan 2026 21:30:03 GMT\r\nServer: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12\r\nX-Robots-Tag: noindex, nofollow\r\nLast-Modified: Sun, 01 May 2022 03:34:08 GMT\r\nETag: \"3b8-5ddeaf2bb4c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 952\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"OpenSSL:3.1.3","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}],"data":{"size":952,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with CRLF line terminators","md5":"8c7fb12cb6f7e2df13448f35fcc57fb4","sha1":"d21730a298168b00466ccf8d73232794c789bc23","sha256":"203a6503c36c58ca3a61da4107de3834e15419b1f5540b98e7ff2c503b01e2ee","sha512":"671f8e9854d2b8ce21b4980f07f7dbf15dcad4e4f777375556d1b439a8693add58e4957486e3d527e1e7e054ecf85c3e2ea61a8ce4cf3c9948f2447f37b2eb90","ssdeep":"","tlshash":"da11484e3f0021ce0bbaa1d4d81e4d08f412e657a792ee96742c70982fb527daa01fd6","first_seen":"2023-03-08T15:22:52Z","last_seen":"2026-05-23T23:29:30.002355Z","times_seen":585,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":42,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"https","addr":"95.181.160.249/pages/login.php","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-04T21:30:02.942Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /pages/login.php HTTP/1.1\r\nHost: 95.181.160.249\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=hhn9cje7khe23arork87f6euag\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T03:37:42.36904Z","times_seen":15804959,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":0,"dns":0,"connect":21,"send":0,"wait":0,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"http","addr":"95.181.160.249/assets/modules/fontawesome-free/css/fontawesome.min.css","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://95.181.160.249/pages/login.php","date":"2026-01-04T21:30:03.146Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/modules/fontawesome-free/css/fontawesome.min.css HTTP/1.1\r\nHost: 95.181.160.249\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=hhn9cje7khe23arork87f6euag\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 04 Jan 2026 21:30:03 GMT\r\nServer: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12\r\nX-Robots-Tag: noindex, nofollow\r\nLast-Modified: Sun, 01 May 2022 03:34:08 GMT\r\nETag: \"e23c-5ddeaf2bb4c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 57916\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"OpenSSL:3.1.3","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":57916,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (57726), with CRLF line terminators","md5":"bb747d04bc4c8aa452bb9bd91ae47935","sha1":"9039d9584b2e8f55f9da771dcf1b4854b6633e14","sha256":"e0351876703417eb2a9985cb15ecf9910966d2941e7c61c8f3907a2834c38383","sha512":"183bb769f52845161f8f209d3a443b13da8597ff3493d0e72ee6568e81e59f7d3818f52deaf354c3cb40e7aeae11806fa3bbefc2b9cb6f25c026f59a9a27b224","ssdeep":"768:GYh31IPiyXNq4YxBowbgJlkwF//zMQyYJYX9Bft6VSzO:GY0PxXE4YXJgndFTfy9lt5C","tlshash":"2f43f9b8e54c01cab731c44bef42b2bc61b6f73de5914d95f00e691c2ad26a811c5fba","first_seen":"2023-05-09T19:26:26Z","last_seen":"2026-05-24T02:28:57.045103Z","times_seen":482,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"http","addr":"95.181.160.249/assets/modules/izitoast/iziToast.min.css","fqdn":"95.181.160.249","domain":"95.181.160.249","tld":""},"ip":{"addr":"95.181.160.249","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://95.181.160.249/pages/login.php","date":"2026-01-04T21:30:03.149Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/modules/izitoast/iziToast.min.css HTTP/1.1\r\nHost: 95.181.160.249\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=hhn9cje7khe23arork87f6euag\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 04 Jan 2026 21:30:03 GMT\r\nServer: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12\r\nX-Robots-Tag: noindex, nofollow\r\nLast-Modified: Sun, 01 May 2022 03:34:08 GMT\r\nETag: \"a221-5ddeaf2bb4c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 41505\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"OpenSSL:3.1.3","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}],"data":{"size":41505,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (41419), with CRLF line terminators","md5":"b2f7bdc3ed47f5956551ce0333925792","sha1":"d2c6cd54cf8a6c040c28844b306543b76eeab8b8","sha256":"7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01","sha512":"3b4de7b57a15a9a1944c07809af436612ce40af72564470f42ed5eaa5a0f6877c9e51b8d1a24b897edddb9a89d0fcd353f9d09dbc107ca89c2574e825254d26a","ssdeep":"384:wV5zpPVWahj8Ik/4kYip7pHRiJhkgL6LlG1oLzlRCPoA50UhLoMPFPsR4lweGbzi:MPVNhlHgppGf1oWQA1","tlshash":"b21345fd15f0124454c6ab4296da6a980e3fcd9770ea1cef32cd344b8b46b9e136532b","first_seen":"2023-04-10T01:55:59Z","last_seen":"2026-05-27T20:32:20.509237Z","times_seen":1363,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":4,"dns":0,"connect":20,"send":0,"wait":30,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}}]}