{"report_id":"a917b657-70b4-42c5-afef-f4525786da3a","version":6,"status":"done","tags":[],"date":"2024-05-16T11:01:08Z","url":{"schema":"http","addr":"134.0.194.186:8082/login.php","fqdn":"134.0.194.186","domain":"134.0.194.186","tld":""},"ip":{"addr":"134.0.194.186","port":0,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"final":{"url":{"schema":"http","addr":"134.0.194.186:8082/login.php","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"title":"Bayan College"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T16:45:22Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"134.0.194.186:8082","ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":16,"request_count":16,"received_data":47743,"sent_data":6454,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"134.0.194.186:8082/admin/js/dateparse.js","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"introduction_type":"scriptElement","is_inline":false,"md5":"9d642bc1b19c98e81fdaf5a6fc131515","sha1":"723881800aa6823f7a09ec61b19f0c5873c53a6e","sha256":"510b4bde27d9e5bafa9cfb91ec36d953f62df498a025459b106fcd1a905bb8b9","sha512":"f9331193dedda5eea05ece3c72d5532545257757a22c43efea299e2170aa43f6c6dce8db113770d0b230525ea4ecb5f6e0fd5cd4dc462e61a90ab30a6b9dfab3","ssdeep":"192:LMTpV/TsVePJ1m1OGBjqT5YN3tdHlbg/QohGaiQCUyI3v:LMTE70ajqT5YN3tdHlbg5GgFyIf","tlshash":"8542224af78c526667733165ce3e2089a53cc9712698ed62dc1ce56438d0c39a23efed","size":13023,"data":"","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.870282Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/admin/js/date-parser.js","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"introduction_type":"scriptElement","is_inline":false,"md5":"ab9e77659d29c371cac38dba73b50afc","sha1":"633664557e2cefef2192b4af4585d1519357617e","sha256":"908f10f7ef6133ddcc6fc0674686ea2ef546e69840a8add6f709a116b32cd42c","sha512":"28f3a15f867f632f0ca3d4899a916a72bef11b5d876fc00f7c6b55313481ffceb6f86acffa7603e9a59890f5bb7a1424f18ea8b3ad8c604af162f0d112d20ee9","ssdeep":"","tlshash":"4f71331a7e801679b29372340d3f5e99efb1d138ac584cab889ee4d45894d90407fffa","size":3632,"data":"","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.873134Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/login.php","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T09:46:13.591387Z","times_seen":13326202,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/admin/js/events.js","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"introduction_type":"scriptElement","is_inline":false,"md5":"76f64a822f2b60a22100e9d2f8e823f0","sha1":"cf47cc7b953ab0ec0a053756dfea46bc37803e4d","sha256":"8674149ab6e8780e052be91e8d70016ce22a9f3b3c6850d5a807ce3b6880a3df","sha512":"eeadaea273a23c4d8ce92f1568fc600089833d7eab53374a666d1c23e445b9a6f22eb122d8d2afc789adb067956c5dbc1da1908eac69eed7fed62e38bdc61c86","ssdeep":"96:40MmVm//seXiOpN8xdVcTTGR7XTNwLjmE2TymLmB1Pc4aTWb:Ct7yw2CLjJmLxg","tlshash":"7ac1503c67de51b00368a93d8b2fa2da77bcd1e71a5090c614544d5c28f0d2e81bbee6","size":5985,"data":"","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.858333Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/admin/js/calpopup.js","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9af0a987bd1a92ab6cc484acfc52481","sha1":"b856dd88a86f36efb2576eb80bb66d938e0892a6","sha256":"4980b334b60f799524252093239e35cc0f295de12adbb24e220888c487c6538a","sha512":"7c138de289658f2a1d30da5e3645e83f4a9d4fcc3158692ee5d87c4da3dc392501dbc4af12a7afbfb488501ffbe31daf070cd7b83a3e51ed6215c8610c98ac4e","ssdeep":"384:y7vY2qsQvZbDSNDVSCVuZVtd8NXBVSGdY12gaGN908jM/qLr+xd/:y7vOZbueCQZVzwBVSHN9ACLr+H/","tlshash":"37b2619bafa80f31837221558d0dc3c8ab7a407aa645ad5a7c5cb6ec60dcd31113def9","size":23776,"data":"","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.860913Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"0030e1edc21d89641d27c6b5a3fa24a7","sha1":"e0e65ede3242d1acacfab85f12183406dba30a19","sha256":"776011955d6cda9fe041db03ef019b67b1c6f5c8eb36fc3068198da7c007eef6","sha512":"cde940fbfe8f7e13f67a70110db166eb52885c64f58b208d531e0e0ffcb325843edff9e1e3e15f17086e706f9da6ad8f53aac3f87c4fe9c270377ef2960ab9d0","ssdeep":"","tlshash":"79d0003acaaa38a22b00ccbcc28020802a88a0a2f000c00b2008820f0cc020082b28b2","size":205,"data":"","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.886708Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"134.0.194.186:8082/login.php","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-05-16T11:00:42.771Z","timestamp":1715857242771,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /login.php HTTP/1.1\r\nHost: 134.0.194.186:8082\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 16 May 2024 11:00:59 GMT\r\nServer: Apache/2.4.7 (Ubuntu)\r\nX-Powered-By: PHP/5.5.9-1ubuntu4.29\r\nSet-Cookie: PHPSESSID=82tpd2ave1dm3277ada059e3a5; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1573\r\nKeep-Alive: timeout=3, max=400\r\nConnection: Keep-Alive\r\nContent-Type: text/html\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1573,"size_decoded":6818,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"314912dbbe657bb6677c91345145e618","sha1":"04ed21c3a00020f9b746e86146d3610205287e30","sha256":"e3cd09465a29cb36d62a27b1dd7691ab1c62e150c7694bead92e9e8d9348c5bc","sha512":"7e83aea8a82967df69312b1fe329957253909fb63901856ca9d53d15caed4a236a769fd816f48190c13691332bc178839f999556eb844a8ebb48ddfef6715341","ssdeep":"96:M7SQedVM2Ms4A3focPFtkDhP+oBsFKSp5cDiZ6XXQRj59rrDCdX:M7SQedVM2Mcf1TESLcDio4vOX","tlshash":"1ce1df1269c1f7078e395850c3601da4cfea885787924c4875af626f1fb6c894f7b23c","first_seen":"2023-07-09T11:24:15Z","last_seen":"2024-08-20T22:04:17.610277Z","times_seen":2,"resource_available":false,"data":null}},"time_used":576,"timings":{"blocked":182,"dns":0,"connect":188,"send":0,"wait":205,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/css/style.css","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://134.0.194.186:8082/login.php","date":"2024-05-16T11:00:43.316Z","timestamp":1715857243316,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/style.css HTTP/1.1\r\nHost: 134.0.194.186:8082\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.0.194.186:8082/login.php\r\nCookie: PHPSESSID=82tpd2ave1dm3277ada059e3a5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 16 May 2024 11:01:00 GMT\r\nServer: Apache/2.4.7 (Ubuntu)\r\nLast-Modified: Tue, 20 Aug 2013 21:15:38 GMT\r\nETag: \"42d9-4e4678ef49280-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 2288\r\nKeep-Alive: timeout=3, max=399\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2288,"size_decoded":17113,"mime_type":"text/css","magic":"assembler source, ASCII text","md5":"6be8b2ccc615f0965493d585f79c8b53","sha1":"3afcd14261b99703eaed903923db604a0c964285","sha256":"8038c96642df30ded7e881836fa401d4ef47c89d844fd162a89ef0cab24bd9cb","sha512":"738ae7e97e8c5d2505faf6e1115353db8ecb43cf6d17cce981d6afb62d52df6de9f1e54aed85499a5ea7f9263cce9d339604ba03c0bdb1357a805c93c6351804","ssdeep":"192:GOsBt0vRF/FnF99FHP+Cs9M04kN+8okSyj1SKS4+j+gLRAZ4KD+RhKD+AyxObZ+J:GycUM4rhGyxOu5VLSbb3S","tlshash":"f0723262600e1106f22fc8e1b41bf5cbb70c851fd6536a99f4fabeedd8438948119b6c","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.88451Z","times_seen":3,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/admin/css/calpopup.css","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://134.0.194.186:8082/login.php","date":"2024-05-16T11:00:43.318Z","timestamp":1715857243318,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /admin/css/calpopup.css HTTP/1.1\r\nHost: 134.0.194.186:8082\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.0.194.186:8082/login.php\r\nCookie: PHPSESSID=82tpd2ave1dm3277ada059e3a5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 16 May 2024 11:01:00 GMT\r\nServer: Apache/2.4.7 (Ubuntu)\r\nLast-Modified: Tue, 20 Aug 2013 21:15:36 GMT\r\nETag: \"2ccc-4e4678ed60e00-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1619\r\nKeep-Alive: timeout=3, max=400\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1619,"size_decoded":11468,"mime_type":"text/css","magic":"ASCII text","md5":"ebb7505caa3e36036d83ce0df4a9d99a","sha1":"48536503dc6a8876571c882528ad82282b927fb7","sha256":"7d57a45426f84866cbf4c50745bd04af52c34dc0e29a30841218c02929304287","sha512":"f4e9f107df8a79929b26a76b1ad7aabf462780350f120fc1fd51b9cddfdfd8fa936e96ba8bdc7a957291dd2f5c6ecf316e6c67687e78633d31e26c3a4f799f18","ssdeep":"96:WThUe+F9tshD0KD6VHDKD6VHyKD6VHlKD6VHUKD6VH/KD6VHOKD6VHr:iq0wKD+jKD+SKD+FKD+0KD+fKD+uKD+L","tlshash":"3432ce636a571525f55dc0ecad1df2e8af0d800bdf4b1dbefce9b8ee9481840043959a","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.869129Z","times_seen":3,"resource_available":false,"data":null}},"time_used":413,"timings":{"blocked":129,"dns":0,"connect":140,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/admin/js/events.js","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://134.0.194.186:8082/login.php","date":"2024-05-16T11:00:43.320Z","timestamp":1715857243320,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /admin/js/events.js HTTP/1.1\r\nHost: 134.0.194.186:8082\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.0.194.186:8082/login.php\r\nCookie: PHPSESSID=82tpd2ave1dm3277ada059e3a5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 16 May 2024 11:01:00 GMT\r\nServer: Apache/2.4.7 (Ubuntu)\r\nLast-Modified: Tue, 20 Aug 2013 21:15:36 GMT\r\nETag: \"1761-4e4678ed60e00-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 2180\r\nKeep-Alive: timeout=3, max=400\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2180,"size_decoded":5985,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"76f64a822f2b60a22100e9d2f8e823f0","sha1":"cf47cc7b953ab0ec0a053756dfea46bc37803e4d","sha256":"8674149ab6e8780e052be91e8d70016ce22a9f3b3c6850d5a807ce3b6880a3df","sha512":"eeadaea273a23c4d8ce92f1568fc600089833d7eab53374a666d1c23e445b9a6f22eb122d8d2afc789adb067956c5dbc1da1908eac69eed7fed62e38bdc61c86","ssdeep":"96:40MmVm//seXiOpN8xdVcTTGR7XTNwLjmE2TymLmB1Pc4aTWb:Ct7yw2CLjJmLxg","tlshash":"7ac1503c67de51b00368a93d8b2fa2da77bcd1e71a5090c614544d5c28f0d2e81bbee6","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.858333Z","times_seen":3,"resource_available":true,"data":null}},"time_used":436,"timings":{"blocked":138,"dns":0,"connect":148,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/admin/js/date-parser.js","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://134.0.194.186:8082/login.php","date":"2024-05-16T11:00:43.330Z","timestamp":1715857243330,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /admin/js/date-parser.js HTTP/1.1\r\nHost: 134.0.194.186:8082\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.0.194.186:8082/login.php\r\nCookie: PHPSESSID=82tpd2ave1dm3277ada059e3a5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 16 May 2024 11:01:00 GMT\r\nServer: Apache/2.4.7 (Ubuntu)\r\nLast-Modified: Tue, 20 Aug 2013 21:15:36 GMT\r\nETag: \"e30-4e4678ed60e00-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1378\r\nKeep-Alive: timeout=3, max=400\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1378,"size_decoded":3632,"mime_type":"application/javascript","magic":"HTML document, ASCII text","md5":"ab9e77659d29c371cac38dba73b50afc","sha1":"633664557e2cefef2192b4af4585d1519357617e","sha256":"908f10f7ef6133ddcc6fc0674686ea2ef546e69840a8add6f709a116b32cd42c","sha512":"28f3a15f867f632f0ca3d4899a916a72bef11b5d876fc00f7c6b55313481ffceb6f86acffa7603e9a59890f5bb7a1424f18ea8b3ad8c604af162f0d112d20ee9","ssdeep":"","tlshash":"4f71331a7e801679b29372340d3f5e99efb1d138ac584cab889ee4d45894d90407fffa","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.873134Z","times_seen":3,"resource_available":true,"data":null}},"time_used":543,"timings":{"blocked":167,"dns":0,"connect":185,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/admin/js/calpopup.js","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://134.0.194.186:8082/login.php","date":"2024-05-16T11:00:43.326Z","timestamp":1715857243326,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /admin/js/calpopup.js HTTP/1.1\r\nHost: 134.0.194.186:8082\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.0.194.186:8082/login.php\r\nCookie: PHPSESSID=82tpd2ave1dm3277ada059e3a5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 16 May 2024 11:01:00 GMT\r\nServer: Apache/2.4.7 (Ubuntu)\r\nLast-Modified: Tue, 20 Aug 2013 21:15:36 GMT\r\nETag: \"5ce0-4e4678ed60e00-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 6947\r\nKeep-Alive: timeout=3, max=400\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6947,"size_decoded":23776,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (822)","md5":"c9af0a987bd1a92ab6cc484acfc52481","sha1":"b856dd88a86f36efb2576eb80bb66d938e0892a6","sha256":"4980b334b60f799524252093239e35cc0f295de12adbb24e220888c487c6538a","sha512":"7c138de289658f2a1d30da5e3645e83f4a9d4fcc3158692ee5d87c4da3dc392501dbc4af12a7afbfb488501ffbe31daf070cd7b83a3e51ed6215c8610c98ac4e","ssdeep":"384:y7vY2qsQvZbDSNDVSCVuZVtd8NXBVSGdY12gaGN908jM/qLr+xd/:y7vOZbueCQZVzwBVSHN9ACLr+H/","tlshash":"37b2619bafa80f31837221558d0dc3c8ab7a407aa645ad5a7c5cb6ec60dcd31113def9","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.860913Z","times_seen":3,"resource_available":true,"data":null}},"time_used":666,"timings":{"blocked":210,"dns":0,"connect":225,"send":0,"wait":230,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/admin/js/dateparse.js","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://134.0.194.186:8082/login.php","date":"2024-05-16T11:00:43.328Z","timestamp":1715857243328,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /admin/js/dateparse.js HTTP/1.1\r\nHost: 134.0.194.186:8082\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.0.194.186:8082/login.php\r\nCookie: PHPSESSID=82tpd2ave1dm3277ada059e3a5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 16 May 2024 11:01:01 GMT\r\nServer: Apache/2.4.7 (Ubuntu)\r\nLast-Modified: Tue, 20 Aug 2013 21:15:36 GMT\r\nETag: \"32df-4e4678ed60e00-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 3395\r\nKeep-Alive: timeout=3, max=400\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3395,"size_decoded":13023,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"9d642bc1b19c98e81fdaf5a6fc131515","sha1":"723881800aa6823f7a09ec61b19f0c5873c53a6e","sha256":"510b4bde27d9e5bafa9cfb91ec36d953f62df498a025459b106fcd1a905bb8b9","sha512":"f9331193dedda5eea05ece3c72d5532545257757a22c43efea299e2170aa43f6c6dce8db113770d0b230525ea4ecb5f6e0fd5cd4dc462e61a90ab30a6b9dfab3","ssdeep":"192:LMTpV/TsVePJ1m1OGBjqT5YN3tdHlbg/QohGaiQCUyI3v:LMTE70ajqT5YN3tdHlbg5GgFyIf","tlshash":"8542224af78c526667733165ce3e2089a53cc9712698ed62dc1ce56438d0c39a23efed","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.870282Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1522,"timings":{"blocked":242,"dns":0,"connect":264,"send":0,"wait":1016,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/images/admin_ico.png","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.0.194.186:8082/login.php","date":"2024-05-16T11:00:43.334Z","timestamp":1715857243334,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/admin_ico.png HTTP/1.1\r\nHost: 134.0.194.186:8082\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.0.194.186:8082/login.php\r\nCookie: PHPSESSID=82tpd2ave1dm3277ada059e3a5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 16 May 2024 11:01:01 GMT\r\nServer: Apache/2.4.7 (Ubuntu)\r\nLast-Modified: Tue, 20 Aug 2013 21:15:36 GMT\r\nETag: \"601-4e4678ed60e00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1537\r\nKeep-Alive: timeout=3, max=399\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1537,"size_decoded":1537,"mime_type":"image/png","magic":"PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced","md5":"35da05fe2c8530701ee0e5cc69e5a33d","sha1":"a7aae06bbb29e6f15b4f36e265380f0a817fcf34","sha256":"151ec7f257072b5d78df4880da5e16833a592c27a3907f9caa199de3b8d39628","sha512":"6d70ae899b23a9454593100e8fd156d9a7b5476aeb988a76f284e707d1f98f323a59932cb3e3cf887a672fec366cd0f2433c3dbef4c0dec7efe6db19ddec2bb1","ssdeep":"","tlshash":"","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.863673Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1396,"timings":{"blocked":1253,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/images/login_key.png","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.0.194.186:8082/login.php","date":"2024-05-16T11:00:43.333Z","timestamp":1715857243333,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/login_key.png HTTP/1.1\r\nHost: 134.0.194.186:8082\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.0.194.186:8082/login.php\r\nCookie: PHPSESSID=82tpd2ave1dm3277ada059e3a5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 16 May 2024 11:01:01 GMT\r\nServer: Apache/2.4.7 (Ubuntu)\r\nLast-Modified: Tue, 20 Aug 2013 21:15:36 GMT\r\nETag: \"18e9-4e4678ed60e00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 6377\r\nKeep-Alive: timeout=3, max=399\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6377,"size_decoded":6377,"mime_type":"image/png","magic":"PNG image data, 41 x 51, 8-bit/color RGBA, non-interlaced","md5":"538c331a6c3097bcd1de6f8c96db8bbe","sha1":"0d3c311c0cb3787da9829e30fa3c440d19d0d78e","sha256":"13042157ff7a0d88d51a7eefb1606898de00bc7c2a5b1716d2b35c6ee1e74772","sha512":"03bf89050752a9c24ce56b7f68ddca2c34a00991070262378bc731241be53f9081cdc577e8f9361ea15d4bf946a845f6830373ef93913ee711b8870aa7d92e38","ssdeep":"","tlshash":"","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.882383Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1404,"timings":{"blocked":1254,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/images/staff_ico.png","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.0.194.186:8082/login.php","date":"2024-05-16T11:00:43.337Z","timestamp":1715857243337,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/staff_ico.png HTTP/1.1\r\nHost: 134.0.194.186:8082\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.0.194.186:8082/login.php\r\nCookie: PHPSESSID=82tpd2ave1dm3277ada059e3a5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 16 May 2024 11:01:01 GMT\r\nServer: Apache/2.4.7 (Ubuntu)\r\nLast-Modified: Tue, 20 Aug 2013 21:15:36 GMT\r\nETag: \"624-4e4678ed60e00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1572\r\nKeep-Alive: timeout=3, max=399\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1572,"size_decoded":1572,"mime_type":"image/png","magic":"PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced","md5":"36c14b386f48ed279764ad7398a3d4e9","sha1":"08d2e71fc9de58ce47c77bf5ec8efb726b6ce0f0","sha256":"c542a58a996947058d4581b436c0e3d70ccf29f7478b76dbbcc97a4c5370e481","sha512":"0443073b681ed2a5891072ef762710c21b54b5ff4f86e30b344f5f774d9f0cf6c1a2e0351e9ecd786b6d5a2ff60276286c0d91ed9026be0a50c7239b1bb77e0d","ssdeep":"","tlshash":"","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.874091Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1437,"timings":{"blocked":1249,"dns":0,"connect":0,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/images/logo.png","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.0.194.186:8082/login.php","date":"2024-05-16T11:00:43.331Z","timestamp":1715857243331,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/logo.png HTTP/1.1\r\nHost: 134.0.194.186:8082\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.0.194.186:8082/login.php\r\nCookie: PHPSESSID=82tpd2ave1dm3277ada059e3a5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 16 May 2024 11:01:01 GMT\r\nServer: Apache/2.4.7 (Ubuntu)\r\nLast-Modified: Tue, 20 Aug 2013 21:15:36 GMT\r\nETag: \"26c9-4e4678ed60e00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 9929\r\nKeep-Alive: timeout=3, max=400\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9929,"size_decoded":9929,"mime_type":"image/png","magic":"PNG image data, 243 x 98, 8-bit/color RGBA, non-interlaced","md5":"62a8ff679a5f611ea1876cc407b4bcc0","sha1":"004cde992ab5e415cc117158092781064a216532","sha256":"6aa0a16734d7d18026cbe6a1020ff2acb1f89097b259b963f825d6eabeb952bb","sha512":"490066961f287459decf22943e12683c7253c6271b8a0b95868ecfc3802a2a6fb2c221cb04bfe1f12dfd79395000e112dbdc18c236b7c5806b59a4b3c4798a0a","ssdeep":"","tlshash":"","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.854155Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2731,"timings":{"blocked":1256,"dns":0,"connect":264,"send":0,"wait":193,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/images/student_ico.png","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.0.194.186:8082/login.php","date":"2024-05-16T11:00:43.335Z","timestamp":1715857243335,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/student_ico.png HTTP/1.1\r\nHost: 134.0.194.186:8082\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.0.194.186:8082/login.php\r\nCookie: PHPSESSID=82tpd2ave1dm3277ada059e3a5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 16 May 2024 11:01:01 GMT\r\nServer: Apache/2.4.7 (Ubuntu)\r\nLast-Modified: Tue, 20 Aug 2013 21:15:36 GMT\r\nETag: \"57a-4e4678ed60e00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1402\r\nKeep-Alive: timeout=3, max=399\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1402,"size_decoded":1402,"mime_type":"image/png","magic":"PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced","md5":"bbb5d58d2691d64d56deb9107510868a","sha1":"e8944df9bea2c686fd4501cdcaef05dbce7eda60","sha256":"23f65614cb5add035636f476fcbc74ee77ced360851ad22043952ce65086234f","sha512":"a902099a0a9b1eaacf64459166e4fbf2623045d37893ba75f33e4f7f8bbd276d86a9e490d0700bd4e3ebc76eaaec0f8dddaa2b897d35b5c9f3297747bb2a6a31","ssdeep":"","tlshash":"","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.866672Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1477,"timings":{"blocked":1251,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/images/login_btn.png","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.0.194.186:8082/login.php","date":"2024-05-16T11:00:44.599Z","timestamp":1715857244599,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/login_btn.png HTTP/1.1\r\nHost: 134.0.194.186:8082\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.0.194.186:8082/login.php\r\nCookie: PHPSESSID=82tpd2ave1dm3277ada059e3a5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 16 May 2024 11:01:01 GMT\r\nServer: Apache/2.4.7 (Ubuntu)\r\nLast-Modified: Tue, 20 Aug 2013 21:15:36 GMT\r\nETag: \"5d0-4e4678ed60e00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1488\r\nKeep-Alive: timeout=3, max=399\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1488,"size_decoded":1488,"mime_type":"image/png","magic":"PNG image data, 74 x 35, 8-bit/color RGBA, non-interlaced","md5":"bbf496b58f5e550388bbd63b296123f9","sha1":"c93f1898b3f3cad19eef3d74a6416913c5872f9b","sha256":"15ba26dc2e0639632191eacc5eb037efeaf5308babe18dbc6096979fa3a872a2","sha512":"0d7de53b7a300ec4b77a5dcc3321e032a311016750e51fa1483f3ff60721d01a0757a07097c124955f51248699abc32d3ce3ee7c314aa00580c74d24b46de0f1","ssdeep":"","tlshash":"","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.875895Z","times_seen":3,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/images/top_bg.jpg","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.0.194.186:8082/login.php","date":"2024-05-16T11:00:44.603Z","timestamp":1715857244603,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/top_bg.jpg HTTP/1.1\r\nHost: 134.0.194.186:8082\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.0.194.186:8082/css/style.css\r\nCookie: PHPSESSID=82tpd2ave1dm3277ada059e3a5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 16 May 2024 11:01:01 GMT\r\nServer: Apache/2.4.7 (Ubuntu)\r\nLast-Modified: Tue, 20 Aug 2013 21:15:36 GMT\r\nETag: \"152-4e4678ed60e00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 338\r\nKeep-Alive: timeout=3, max=398\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":338,"size_decoded":338,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 5x110, components 3","md5":"28a4333930bdd48112a6e07da05ba58e","sha1":"ab8da0ff34a1b5ed78b77607934302d9cd84234b","sha256":"f27e9addeb0c31342438bbd94ff5d5ea76472983f75e4cc469ae9de8a9aeb928","sha512":"4befd661a209c81d149a37f053016eb816087dc6aa7dea0ca356d6c52b07423d9b2dc10b627361d55dd8a16ec3ad277446366bb9b96b6dd23a20a1d3b3ef4153","ssdeep":"","tlshash":"","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.877515Z","times_seen":3,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":129,"dns":0,"connect":0,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/images/login_mdl_bg.jpg","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.0.194.186:8082/login.php","date":"2024-05-16T11:00:44.606Z","timestamp":1715857244606,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/login_mdl_bg.jpg HTTP/1.1\r\nHost: 134.0.194.186:8082\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.0.194.186:8082/css/style.css\r\nCookie: PHPSESSID=82tpd2ave1dm3277ada059e3a5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 16 May 2024 11:01:01 GMT\r\nServer: Apache/2.4.7 (Ubuntu)\r\nLast-Modified: Tue, 20 Aug 2013 21:15:38 GMT\r\nETag: \"1a3-4e4678ef49280\"\r\nAccept-Ranges: bytes\r\nContent-Length: 419\r\nKeep-Alive: timeout=3, max=398\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":419,"size_decoded":419,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 970x3, components 3","md5":"31e500927e7cded98b2522bdf586620f","sha1":"7ca7b34f1055e4cda42f9d4844377cc3c79a02bb","sha256":"e5e1d807d48d51c8441af322adb6349cbd3a0ff3c37a83c23e8bd401c4a92a3c","sha512":"46ea45dce18d843096d6a099552e6c76553415c1f3a3e1e5ca67810d4a3f1d8cc64580b84ae8a4d1b417bdbd71e57edd3742ca65524758e0cf0cb19286579dd4","ssdeep":"","tlshash":"","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.879767Z","times_seen":3,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":132,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"134.0.194.186:8082/favicon.ico","fqdn":"134.0.194.186:8082","domain":"134.0.194.186","tld":"186:8082"},"ip":{"addr":"134.0.194.186","port":8082,"asn":28885,"as":"Oman Telecommunications Company (S.A.O.G)","country":"Oman","country_code":"OM"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://134.0.194.186:8082/login.php","date":"2024-05-16T11:00:44.889Z","timestamp":1715857244889,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 134.0.194.186:8082\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://134.0.194.186:8082/login.php\r\nCookie: PHPSESSID=82tpd2ave1dm3277ada059e3a5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Thu, 16 May 2024 11:01:01 GMT\r\nServer: Apache/2.4.7 (Ubuntu)\r\nContent-Length: 289\r\nKeep-Alive: timeout=3, max=399\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":289,"size_decoded":289,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"65924c05156c2f7881a5736f008dc540","sha1":"da354af16af1ae5757a7471caf7c6eb546b0644c","sha256":"f1a4aa655052f7fdd9fee1997d508d37043ecbf36a880f3850ba7341a7de7a95","sha512":"316cf0ecf05246f6f74fd9264ad09dc7d38cde15eb183f4df743a59dcc06358fa3ad689f0de226e626e0da9d71493073e3e1490bb3c31c65583c5c3f4c8a6f61","ssdeep":"","tlshash":"e2d0eb8e5053628e0e03105039c158c1228d22f2a87b42e83c8bd88362e883edd9aacc","first_seen":"2023-07-09T11:24:15Z","last_seen":"2025-09-02T14:35:53.883943Z","times_seen":3,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-05-16","alert":"Sinkholed","trigger":"134.0.194.186","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}