{"report_id":"e4d0ed95-1003-44ae-9099-b39e82a1607f","version":6,"status":"done","tags":["botpanel","malware"],"date":"2025-12-30T09:27:47Z","url":{"schema":"http","addr":"185.132.53.18/","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":0,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"185.132.53.18/pages/login.php","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"title":"Unam Web Panel — Login","dom":{"size":4153,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (983)","md5":"51fa656ee360385acbcd92facb50c338","sha1":"5b320d7de75c532a69a97c7cdde4501425c641de","sha256":"01b336da618eda38373b18e57ac3673f217e3c6f77638d7ff8d8c2e1c44d85b3","sha512":"16f8c13fb129cf237997f182d9f9aa0f271687f3ff15ca404ea290206f5a688ddcfaea1eceb54b12d7c0c2ca36fd1258afad5bc7eeae6df99a63deec4914e64d","ssdeep":"48:n2oSIShVY6se9Pq1B4FlXPyMntmFprkhSTSRS4ImGswot3JX95lZcvy0j:n2VM6se9i1U/dRSTSRS4ImGswGJbjWPj","tlshash":"2f81310118f0487710af29cb7df6b5382cb5820fd5095914b1bc43e45fb6d4eaa6bd1e","dom_hash":"domhash2e1f3dbeea8c4426889ead4fd8f030c4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"185.132.53.18/","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":0,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-03T09:27:47Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null},{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]},"summary":[{"fqdn":"185.132.53.18","ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":18,"request_count":18,"received_data":1795331,"sent_data":8606,"comment":"","tags":null,"fingerprints":[{"name":"Perl:5.34.1","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"mod_perl:2.0.12","description":"Mod_perl is an optional module for the Apache HTTP server. It embeds a Perl interpreter into the Apache server. In addition to allowing Apache modules to be written in the Perl programming language, it allows the Apache web server to be dynamically configured by Perl programs.","website":"https://perl.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*","icon":"mod_perl.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"UNIX","description":"Unix is a family of multitasking, multiuser computer operating systems.","website":"https://unix.org","common_platform_enumeration":"","icon":"UNIX.png","categories":["Operating systems"]},{"name":"Select2","description":"Select2 is a jQuery based replacement for select boxes. It supports searching, remote data sets, and infinite scrolling of results.","website":"https://select2.org/","common_platform_enumeration":"","icon":"Select2.png","categories":["JavaScript libraries"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"185.132.53.18/__UNAM_LIB/unam_lib.js","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"8c7fb12cb6f7e2df13448f35fcc57fb4","sha1":"d21730a298168b00466ccf8d73232794c789bc23","sha256":"203a6503c36c58ca3a61da4107de3834e15419b1f5540b98e7ff2c503b01e2ee","sha512":"671f8e9854d2b8ce21b4980f07f7dbf15dcad4e4f777375556d1b439a8693add58e4957486e3d527e1e7e054ecf85c3e2ea61a8ce4cf3c9948f2447f37b2eb90","ssdeep":"","tlshash":"da11484e3f0021ce0bbaa1d4d81e4d08f412e657a792ee96742c70982fb527daa01fd6","size":952,"data":"","first_seen":"2023-03-08T15:22:52Z","last_seen":"2026-05-23T23:29:30.002355Z","times_seen":585,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"185.132.53.18/pages/login.php","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"2ddf07a0a506d46cb7a0db26b5ffaa19","sha1":"556168639d2c65ac35b482ac4f90b23d8347c3bb","sha256":"12ddc2c7b2b62b86948faf99cf6fb90f5aacd63040c714ab6b8aa1b8ee983aa9","sha512":"da017361f06869230fdf2445c92cb30c81c75c38c72149bae408aa63285013519ceb6e3d9038873a70b203db259df7a6a678fbf6d876bbf949b13ae456dd06a6","ssdeep":"","tlshash":"b8f0784e3571191b02bbb19b9fbf9004513b018ba014be127b9c25813f1114caf23d49","size":627,"data":"","first_seen":"2025-09-09T01:32:24.001611Z","last_seen":"2026-03-25T15:32:03.119581Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"185.132.53.18/assets/modules/select2/select2.min.js","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"37dd3c4be796c3e4d2914e336fc84624","sha1":"efd00b3c59b9093335cfcc043fa0576587676636","sha256":"d7a7379926f63b11f218a615443f004d03fc499bc1baf50d4142b1b2a76c3772","sha512":"ee3039e0b935cd2756616e37bcb7416aeb4ae25d1b148871fc6bd6ef41738ce6e4bce089503b9865f35033cb778780b38f04a9a41be7a04e067000547cb9a1bf","ssdeep":"768:SopHucrre3DeGGG8MinEAs3j0TGE8jGookOlxNV7TWlOvBuZRgydn/RcSf2bK/Jw:m8hC3jIG+kOvVbyJJ1CD","tlshash":"2663c64c7a537234026f20e7256b140d22366b3e600b96a8b428cded6dbed15735bf3e","size":70852,"data":"","first_seen":"2023-03-08T15:22:52Z","last_seen":"2026-05-23T23:29:29.999833Z","times_seen":656,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"185.132.53.18/assets/modules/izitoast/iziToast.min.js","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"df383d4feeb05ea8bfe86a0569ef0524","sha1":"c6fd53b0a4abc2b73f55025ecb28d2eb65db93d4","sha256":"df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446","sha512":"66af68f84d34c61851ffbbc9e3d9b114d274290c351354cc5a43d3c6b59c9e97c41431178148b024720a8adf77116fd7c44df51d2239184396d3a1ba045d40b4","ssdeep":"384:9hKmhCPzlc5gVCPBpcG/0CEvXArKKpQi8VREgO3MrnHzxJBkHI4505P:3K5PzlcN8DXArhpQzRHO3M7TxfGIYUP","tlshash":"2582c894722032374aa329a960ff534a3772156ca9c641a4243fcdad5b34f8939f77f8","size":18486,"data":"","first_seen":"2023-03-07T12:01:52Z","last_seen":"2026-05-27T20:32:20.522778Z","times_seen":1637,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"185.132.53.18/assets/modules/jquery/jquery-3.7.1.min.js","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-05-28T03:34:51.365648Z","times_seen":161862,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"185.132.53.18/__UNAM_LIB/unam_lib.js","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://185.132.53.18/pages/login.php","date":"2025-12-30T09:27:27.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"controlpanel29.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 08 Nov 2025 00:00:00 GMT","end":"Fri, 06 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:8F:A9:BB:FA:91:0A:6F:22:38:9D:F2:E0:72:DE:D6:0E:B1:4A:57","sha256":"47:A5:73:D2:B9:28:83:B7:95:2B:B6:A4:DF:0F:74:5C:6A:2A:E6:E3:D9:38:2E:55:E2:96:7D:F9:A0:1D:2A:54"}}},"request":{"raw":"GET /__UNAM_LIB/unam_lib.js HTTP/1.1\r\nHost: 185.132.53.18\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=7uicgdqdvukipjooc67fukh35t\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 30 Dec 2025 09:23:58 GMT\r\nServer: Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1\r\nLast-Modified: Sun, 01 May 2022 03:34:08 GMT\r\nETag: \"3b8-5ddeaf2bb4c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 952\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: application/x-javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Perl:5.34.1","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"mod_perl:2.0.12","description":"Mod_perl is an optional module for the Apache HTTP server. It embeds a Perl interpreter into the Apache server. In addition to allowing Apache modules to be written in the Perl programming language, it allows the Apache web server to be dynamically configured by Perl programs.","website":"https://perl.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*","icon":"mod_perl.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"UNIX","description":"Unix is a family of multitasking, multiuser computer operating systems.","website":"https://unix.org","common_platform_enumeration":"","icon":"UNIX.png","categories":["Operating systems"]}],"data":{"size":952,"size_decoded":0,"mime_type":"application/x-javascript","magic":"ASCII text, with CRLF line terminators","md5":"8c7fb12cb6f7e2df13448f35fcc57fb4","sha1":"d21730a298168b00466ccf8d73232794c789bc23","sha256":"203a6503c36c58ca3a61da4107de3834e15419b1f5540b98e7ff2c503b01e2ee","sha512":"671f8e9854d2b8ce21b4980f07f7dbf15dcad4e4f777375556d1b439a8693add58e4957486e3d527e1e7e054ecf85c3e2ea61a8ce4cf3c9948f2447f37b2eb90","ssdeep":"","tlshash":"da11484e3f0021ce0bbaa1d4d81e4d08f412e657a792ee96742c70982fb527daa01fd6","first_seen":"2023-03-08T15:22:52Z","last_seen":"2026-05-23T23:29:30.002355Z","times_seen":585,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":47,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"https","addr":"185.132.53.18/","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-30T09:27:25.804Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 185.132.53.18\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T03:37:42.36904Z","times_seen":15804959,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":0,"dns":0,"connect":15,"send":0,"wait":0,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"https","addr":"185.132.53.18/assets/css/adminlte.min.css","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://185.132.53.18/pages/login.php","date":"2025-12-30T09:27:27.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"controlpanel29.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 08 Nov 2025 00:00:00 GMT","end":"Fri, 06 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:8F:A9:BB:FA:91:0A:6F:22:38:9D:F2:E0:72:DE:D6:0E:B1:4A:57","sha256":"47:A5:73:D2:B9:28:83:B7:95:2B:B6:A4:DF:0F:74:5C:6A:2A:E6:E3:D9:38:2E:55:E2:96:7D:F9:A0:1D:2A:54"}}},"request":{"raw":"GET /assets/css/adminlte.min.css HTTP/1.1\r\nHost: 185.132.53.18\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=7uicgdqdvukipjooc67fukh35t\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 30 Dec 2025 09:23:58 GMT\r\nServer: Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1\r\nLast-Modified: Tue, 20 Dec 2022 23:52:50 GMT\r\nETag: \"151a4a-5f04b222ad880\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1382986\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"mod_perl:2.0.12","description":"Mod_perl is an optional module for the Apache HTTP server. It embeds a Perl interpreter into the Apache server. In addition to allowing Apache modules to be written in the Perl programming language, it allows the Apache web server to be dynamically configured by Perl programs.","website":"https://perl.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*","icon":"mod_perl.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Perl:5.34.1","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"UNIX","description":"Unix is a family of multitasking, multiuser computer operating systems.","website":"https://unix.org","common_platform_enumeration":"","icon":"UNIX.png","categories":["Operating systems"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1382986,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65148), with CRLF line terminators","md5":"1f607cd21b69517f0e571761f1e6223a","sha1":"52330d894b72cf58ba3895122774972706b30a54","sha256":"a233b4121c506a32dc3fdfd447be80e7b369e9cbce5ee8ee7c8cc95d38c7b572","sha512":"dd4c9e9765b9dbafc469bfaf69980902ddc4065f88d96e4121f8dd374a255038c99acc2e7d7d3f4164e2723d0c466cb702a29c86ef5a3fd9979c347d98e0a8c0","ssdeep":"12288:JA6LNkwxKgkfBW6xBu0qLOLvyjC64IhkI:uwxKgkfBW6xBu0qLOLvyjC64IhkI","tlshash":"e225750960f13579b0ab4e1e6dfcf9600a1f94e9c4681fbfb57b37848b8458b6163e06","first_seen":"2025-08-06T17:01:45.869473Z","last_seen":"2026-05-23T23:29:29.994895Z","times_seen":166,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":37,"dns":0,"connect":16,"send":0,"wait":16,"receive":154,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"https","addr":"185.132.53.18/assets/css/custom.css","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://185.132.53.18/pages/login.php","date":"2025-12-30T09:27:27.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"controlpanel29.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 08 Nov 2025 00:00:00 GMT","end":"Fri, 06 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:8F:A9:BB:FA:91:0A:6F:22:38:9D:F2:E0:72:DE:D6:0E:B1:4A:57","sha256":"47:A5:73:D2:B9:28:83:B7:95:2B:B6:A4:DF:0F:74:5C:6A:2A:E6:E3:D9:38:2E:55:E2:96:7D:F9:A0:1D:2A:54"}}},"request":{"raw":"GET /assets/css/custom.css HTTP/1.1\r\nHost: 185.132.53.18\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=7uicgdqdvukipjooc67fukh35t\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 30 Dec 2025 09:23:58 GMT\r\nServer: Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1\r\nLast-Modified: Sun, 04 Feb 2024 13:09:09 GMT\r\nETag: \"14d3-6108e0cf44740\"\r\nAccept-Ranges: bytes\r\nContent-Length: 5331\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Perl:5.34.1","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"UNIX","description":"Unix is a family of multitasking, multiuser computer operating systems.","website":"https://unix.org","common_platform_enumeration":"","icon":"UNIX.png","categories":["Operating systems"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"mod_perl:2.0.12","description":"Mod_perl is an optional module for the Apache HTTP server. It embeds a Perl interpreter into the Apache server. In addition to allowing Apache modules to be written in the Perl programming language, it allows the Apache web server to be dynamically configured by Perl programs.","website":"https://perl.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*","icon":"mod_perl.png","categories":["Web server extensions"]}],"data":{"size":5331,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with CRLF line terminators","md5":"274d1b39686a1af376b031b629e3cea4","sha1":"01c5158874c3721961a929d68ce2bf602e29addb","sha256":"b6feea9f686c611086401d611e776bf8258a92ca065ba8269edfd4c6414e93da","sha512":"21e786e5db425c5b59fc1fdf3f262fb6e1be6b64bd173685e1d82cbcc171c4d6f6beb52f89ac68b9262527774303bc2187cb77f093cc8e3fbcac2ac957f1d8e4","ssdeep":"96:3I56r2lczkeSZohW07X8rDdau7iiN0IXlTFLRSL6C:Y56r2lcoeSZohVXudaIHNXlT6","tlshash":"ffb123b9c612261371779fe827d59001ef286063cd475bbcbac962048ff5894ab72ecd","first_seen":"2024-02-14T11:01:09Z","last_seen":"2026-03-25T11:24:14.258439Z","times_seen":29,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":36,"dns":0,"connect":22,"send":0,"wait":16,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"https","addr":"185.132.53.18/assets/fonts/sourcesanspro-regular-webfont.woff2","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://185.132.53.18/pages/login.php","date":"2025-12-30T09:27:27.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"controlpanel29.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 08 Nov 2025 00:00:00 GMT","end":"Fri, 06 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:8F:A9:BB:FA:91:0A:6F:22:38:9D:F2:E0:72:DE:D6:0E:B1:4A:57","sha256":"47:A5:73:D2:B9:28:83:B7:95:2B:B6:A4:DF:0F:74:5C:6A:2A:E6:E3:D9:38:2E:55:E2:96:7D:F9:A0:1D:2A:54"}}},"request":{"raw":"GET /assets/fonts/sourcesanspro-regular-webfont.woff2 HTTP/1.1\r\nHost: 185.132.53.18\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://185.132.53.18/assets/css/custom.css\r\nCookie: PHPSESSID=7uicgdqdvukipjooc67fukh35t\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 30 Dec 2025 09:23:58 GMT\r\nServer: Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1\r\nLast-Modified: Sat, 03 Feb 2024 10:44:42 GMT\r\nETag: \"503c-61077ea84fa80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 20540\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"mod_perl:2.0.12","description":"Mod_perl is an optional module for the Apache HTTP server. It embeds a Perl interpreter into the Apache server. In addition to allowing Apache modules to be written in the Perl programming language, it allows the Apache web server to be dynamically configured by Perl programs.","website":"https://perl.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*","icon":"mod_perl.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"UNIX","description":"Unix is a family of multitasking, multiuser computer operating systems.","website":"https://unix.org","common_platform_enumeration":"","icon":"UNIX.png","categories":["Operating systems"]},{"name":"Perl:5.34.1","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":20540,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20540, version 2.2949","md5":"d67b548b833d70dda3779916f5415e7e","sha1":"f1d3b0c478384a35f0766d9d1839aea81a164b3f","sha256":"8792619becd8b285e78f14bfcf1ad66e2adbae0f5ec8ad131246621f806ac535","sha512":"32ce084765a96ac31266b085ec6f16784b8c13eaaea28dc532304e203434f088e315e31dabc59f6fa8a42f447adafe8682b34c3f33adc695d140657302fa2950","ssdeep":"384:1RCN0g12CVceFNHIfF/WeFdM801OnXSvZHLfqaCBDTOxCd7KWn2lnepPKbkH1jV:GWg1jOfFw80MnXSvBfp4uMYZSPK4H1jV","tlshash":"4592e12851f8bfc1df2ea9753ef0c95cc6ad25503421f32552601b763f326a3745b286","first_seen":"2023-05-04T15:22:18Z","last_seen":"2026-05-26T20:47:05.141566Z","times_seen":1494,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"https","addr":"185.132.53.18/assets/modules/fontawesome-free/webfonts/fa-solid-900.woff2","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://185.132.53.18/pages/login.php","date":"2025-12-30T09:27:27.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"controlpanel29.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 08 Nov 2025 00:00:00 GMT","end":"Fri, 06 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:8F:A9:BB:FA:91:0A:6F:22:38:9D:F2:E0:72:DE:D6:0E:B1:4A:57","sha256":"47:A5:73:D2:B9:28:83:B7:95:2B:B6:A4:DF:0F:74:5C:6A:2A:E6:E3:D9:38:2E:55:E2:96:7D:F9:A0:1D:2A:54"}}},"request":{"raw":"GET /assets/modules/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: 185.132.53.18\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://185.132.53.18/assets/modules/fontawesome-free/css/solid.min.css\r\nCookie: PHPSESSID=7uicgdqdvukipjooc67fukh35t\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 30 Dec 2025 09:23:58 GMT\r\nServer: Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1\r\nLast-Modified: Sun, 01 May 2022 03:34:08 GMT\r\nETag: \"13174-5ddeaf2bb4c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 78196\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"UNIX","description":"Unix is a family of multitasking, multiuser computer operating systems.","website":"https://unix.org","common_platform_enumeration":"","icon":"UNIX.png","categories":["Operating systems"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"mod_perl:2.0.12","description":"Mod_perl is an optional module for the Apache HTTP server. It embeds a Perl interpreter into the Apache server. In addition to allowing Apache modules to be written in the Perl programming language, it allows the Apache web server to be dynamically configured by Perl programs.","website":"https://perl.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*","icon":"mod_perl.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Perl:5.34.1","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":78196,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261","md5":"e8a427e15cc502bef99cfd722b37ea98","sha1":"a9922842a120a7f1eaced667480c5e185a106d69","sha256":"d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef","sha512":"113775748a4166c07e58c26cf6db7fed473732dc6124b8ee0f0dcc0d6439eb2ab2c5d9e01c67324fdf9de4105349cf30cc5796a0b0e0ce9a08f337b9d4e10b7b","ssdeep":"1536:1iGQV8Q8UOUMUd5UY3qyCkHQCCz2LL1F+u3MHLGxe3U:QVWuF33qy7HQchFz8HnU","tlshash":"3273121cf567643ef6a8e05f3c38256d4fd5c724e2e68a06748db808c4ce71d90879b6","first_seen":"2023-04-05T08:37:56Z","last_seen":"2026-05-28T03:33:45.641635Z","times_seen":147461,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"https","addr":"185.132.53.18/pages/login.php","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-30T09:27:27.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"controlpanel29.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 08 Nov 2025 00:00:00 GMT","end":"Fri, 06 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:8F:A9:BB:FA:91:0A:6F:22:38:9D:F2:E0:72:DE:D6:0E:B1:4A:57","sha256":"47:A5:73:D2:B9:28:83:B7:95:2B:B6:A4:DF:0F:74:5C:6A:2A:E6:E3:D9:38:2E:55:E2:96:7D:F9:A0:1D:2A:54"}}},"request":{"raw":"GET /pages/login.php HTTP/1.1\r\nHost: 185.132.53.18\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=7uicgdqdvukipjooc67fukh35t\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 30 Dec 2025 09:23:58 GMT\r\nServer: Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1\r\nX-Powered-By: PHP/8.2.12\r\nContent-Security-Policy: default-src 'self'; script-src 'self' 'nonce-NJNAP3hmgAk9uWY/oltJkw=='; style-src 'self'; img-src 'self' data:; object-src 'none'; frame-src 'none'; child-src 'none'; worker-src 'none'; media-src 'none'; manifest-src 'none'; base-uri 'none'; form-action 'none';\r\nFeature-Policy: geolocation 'none'; microphone 'none'; camera 'none'\r\nPermissions-Policy: geolocation=(), microphone=(), camera=()\r\nReferrer-Policy: no-referrer\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: DENY\r\nX-Robots-Tag: noindex, nofollow\r\nCross-Origin-Resource-Policy: same-origin\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Length: 3528\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"mod_perl:2.0.12","description":"Mod_perl is an optional module for the Apache HTTP server. It embeds a Perl interpreter into the Apache server. In addition to allowing Apache modules to be written in the Perl programming language, it allows the Apache web server to be dynamically configured by Perl programs.","website":"https://perl.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*","icon":"mod_perl.png","categories":["Web server extensions"]},{"name":"UNIX","description":"Unix is a family of multitasking, multiuser computer operating systems.","website":"https://unix.org","common_platform_enumeration":"","icon":"UNIX.png","categories":["Operating systems"]},{"name":"Select2","description":"Select2 is a jQuery based replacement for select boxes. It supports searching, remote data sets, and infinite scrolling of results.","website":"https://select2.org/","common_platform_enumeration":"","icon":"Select2.png","categories":["JavaScript libraries"]},{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Perl:5.34.1","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":3528,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (324), with CRLF line terminators","md5":"4cccaafb992a17dcc8566cb2e1b8a37f","sha1":"3feceef71bf7bb2c6a4374b5c08587416d71ba89","sha256":"0c8785bbe6bda0fef298af8f8398be2528854f1f2f122955b5c66c74395e709e","sha512":"cae9af086cbdfd6cc75b537dc4c39307fce220799a9bc93233c9a0802d9b47f5166371f9b87535e84f9c373957aeaf1dbd5e2699cb7fb73dae17546842a58345","ssdeep":"","tlshash":"2771520428d04cab11b779d2ad72e1a8fcb64207d6056914b1ee13d76fb6e8cca27e15","first_seen":"2025-12-30T09:27:52.326947Z","last_seen":"2025-12-30T09:27:52.326947Z","times_seen":1,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"https","addr":"185.132.53.18/assets/modules/fontawesome-free/css/solid.min.css","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://185.132.53.18/pages/login.php","date":"2025-12-30T09:27:27.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"controlpanel29.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 08 Nov 2025 00:00:00 GMT","end":"Fri, 06 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:8F:A9:BB:FA:91:0A:6F:22:38:9D:F2:E0:72:DE:D6:0E:B1:4A:57","sha256":"47:A5:73:D2:B9:28:83:B7:95:2B:B6:A4:DF:0F:74:5C:6A:2A:E6:E3:D9:38:2E:55:E2:96:7D:F9:A0:1D:2A:54"}}},"request":{"raw":"GET /assets/modules/fontawesome-free/css/solid.min.css HTTP/1.1\r\nHost: 185.132.53.18\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=7uicgdqdvukipjooc67fukh35t\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 30 Dec 2025 09:23:58 GMT\r\nServer: Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1\r\nLast-Modified: Sun, 01 May 2022 03:34:08 GMT\r\nETag: \"2a1-5ddeaf2bb4c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 673\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"mod_perl:2.0.12","description":"Mod_perl is an optional module for the Apache HTTP server. It embeds a Perl interpreter into the Apache server. In addition to allowing Apache modules to be written in the Perl programming language, it allows the Apache web server to be dynamically configured by Perl programs.","website":"https://perl.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*","icon":"mod_perl.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Perl:5.34.1","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"UNIX","description":"Unix is a family of multitasking, multiuser computer operating systems.","website":"https://unix.org","common_platform_enumeration":"","icon":"UNIX.png","categories":["Operating systems"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":673,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (483), with CRLF line terminators","md5":"3b659e3d10259f2c31001fee050aeb63","sha1":"b4be4363d60981bd76c578190333414f0b91407c","sha256":"7854d8e44687343f7178f324562de684a174684f0e92c66ce00d4c4bf1795fc1","sha512":"9df2a3d2a653ab9bf84b31b005de7403b132b0510cd042cca864cd337d08d847b09aeb705551868f6972122ecad701e8c81be484d33b893a1d2ba7c8ac740b09","ssdeep":"","tlshash":"3301d66d0646295141c10e0138d9ba59ed56f0b97c582f73b22adc298cfae5f21b9f09","first_seen":"2023-10-18T07:49:24Z","last_seen":"2026-05-25T14:33:41.006941Z","times_seen":454,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":36,"dns":0,"connect":16,"send":0,"wait":16,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"https","addr":"185.132.53.18/assets/modules/jquery/jquery-3.7.1.min.js","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://185.132.53.18/pages/login.php","date":"2025-12-30T09:27:27.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"controlpanel29.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 08 Nov 2025 00:00:00 GMT","end":"Fri, 06 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:8F:A9:BB:FA:91:0A:6F:22:38:9D:F2:E0:72:DE:D6:0E:B1:4A:57","sha256":"47:A5:73:D2:B9:28:83:B7:95:2B:B6:A4:DF:0F:74:5C:6A:2A:E6:E3:D9:38:2E:55:E2:96:7D:F9:A0:1D:2A:54"}}},"request":{"raw":"GET /assets/modules/jquery/jquery-3.7.1.min.js HTTP/1.1\r\nHost: 185.132.53.18\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=7uicgdqdvukipjooc67fukh35t\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 30 Dec 2025 09:23:58 GMT\r\nServer: Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1\r\nLast-Modified: Mon, 15 Jan 2024 06:26:30 GMT\r\nETag: \"155ed-60ef61823b180\"\r\nAccept-Ranges: bytes\r\nContent-Length: 87533\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: application/x-javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"mod_perl:2.0.12","description":"Mod_perl is an optional module for the Apache HTTP server. It embeds a Perl interpreter into the Apache server. In addition to allowing Apache modules to be written in the Perl programming language, it allows the Apache web server to be dynamically configured by Perl programs.","website":"https://perl.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*","icon":"mod_perl.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Perl:5.34.1","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"UNIX","description":"Unix is a family of multitasking, multiuser computer operating systems.","website":"https://unix.org","common_platform_enumeration":"","icon":"UNIX.png","categories":["Operating systems"]}],"data":{"size":87533,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-05-28T03:34:51.365648Z","times_seen":161862,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":16,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"https","addr":"185.132.53.18/","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-30T09:27:25.403Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 185.132.53.18\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T03:37:42.36904Z","times_seen":15804959,"resource_available":true,"data":null}},"time_used":293,"timings":{"blocked":293,"dns":0,"connect":15,"send":0,"wait":0,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"http","addr":"185.132.53.18/","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-30T09:27:25.763Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 185.132.53.18\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T03:37:42.36904Z","times_seen":15804959,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":15,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"https","addr":"185.132.53.18/","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-30T09:27:26.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"controlpanel29.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 08 Nov 2025 00:00:00 GMT","end":"Fri, 06 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:8F:A9:BB:FA:91:0A:6F:22:38:9D:F2:E0:72:DE:D6:0E:B1:4A:57","sha256":"47:A5:73:D2:B9:28:83:B7:95:2B:B6:A4:DF:0F:74:5C:6A:2A:E6:E3:D9:38:2E:55:E2:96:7D:F9:A0:1D:2A:54"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 185.132.53.18\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Tue, 30 Dec 2025 09:23:57 GMT\r\nServer: Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1\r\nX-Powered-By: PHP/8.2.12\r\nContent-Security-Policy: default-src 'self'; script-src 'self' 'nonce-gnq2Xzg/iKfs2vz/SKNO4Q=='; style-src 'self'; img-src 'self' data:; object-src 'none'; frame-src 'none'; child-src 'none'; worker-src 'none'; media-src 'none'; manifest-src 'none'; base-uri 'none'; form-action 'none';\r\nFeature-Policy: geolocation 'none'; microphone 'none'; camera 'none'\r\nPermissions-Policy: geolocation=(), microphone=(), camera=()\r\nReferrer-Policy: no-referrer\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: DENY\r\nX-Robots-Tag: noindex, nofollow\r\nCross-Origin-Resource-Policy: same-origin\r\nSet-Cookie: PHPSESSID=7uicgdqdvukipjooc67fukh35t; path=/; HttpOnly; SameSite=Strict\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nLocation: pages/login.php\r\nContent-Length: 0\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"mod_perl:2.0.12","description":"Mod_perl is an optional module for the Apache HTTP server. It embeds a Perl interpreter into the Apache server. In addition to allowing Apache modules to be written in the Perl programming language, it allows the Apache web server to be dynamically configured by Perl programs.","website":"https://perl.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*","icon":"mod_perl.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Perl:5.34.1","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"UNIX","description":"Unix is a family of multitasking, multiuser computer operating systems.","website":"https://unix.org","common_platform_enumeration":"","icon":"UNIX.png","categories":["Operating systems"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":3528,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-28T03:37:42.36904Z","times_seen":15804959,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":41,"dns":0,"connect":16,"send":0,"wait":20,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"https","addr":"185.132.53.18/assets/modules/fontawesome-free/css/fontawesome.min.css","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://185.132.53.18/pages/login.php","date":"2025-12-30T09:27:27.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"controlpanel29.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 08 Nov 2025 00:00:00 GMT","end":"Fri, 06 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:8F:A9:BB:FA:91:0A:6F:22:38:9D:F2:E0:72:DE:D6:0E:B1:4A:57","sha256":"47:A5:73:D2:B9:28:83:B7:95:2B:B6:A4:DF:0F:74:5C:6A:2A:E6:E3:D9:38:2E:55:E2:96:7D:F9:A0:1D:2A:54"}}},"request":{"raw":"GET /assets/modules/fontawesome-free/css/fontawesome.min.css HTTP/1.1\r\nHost: 185.132.53.18\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=7uicgdqdvukipjooc67fukh35t\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 30 Dec 2025 09:23:58 GMT\r\nServer: Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1\r\nLast-Modified: Sun, 01 May 2022 03:34:08 GMT\r\nETag: \"e23c-5ddeaf2bb4c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 57916\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"mod_perl:2.0.12","description":"Mod_perl is an optional module for the Apache HTTP server. It embeds a Perl interpreter into the Apache server. In addition to allowing Apache modules to be written in the Perl programming language, it allows the Apache web server to be dynamically configured by Perl programs.","website":"https://perl.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*","icon":"mod_perl.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"UNIX","description":"Unix is a family of multitasking, multiuser computer operating systems.","website":"https://unix.org","common_platform_enumeration":"","icon":"UNIX.png","categories":["Operating systems"]},{"name":"Perl:5.34.1","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":57916,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (57726), with CRLF line terminators","md5":"bb747d04bc4c8aa452bb9bd91ae47935","sha1":"9039d9584b2e8f55f9da771dcf1b4854b6633e14","sha256":"e0351876703417eb2a9985cb15ecf9910966d2941e7c61c8f3907a2834c38383","sha512":"183bb769f52845161f8f209d3a443b13da8597ff3493d0e72ee6568e81e59f7d3818f52deaf354c3cb40e7aeae11806fa3bbefc2b9cb6f25c026f59a9a27b224","ssdeep":"768:GYh31IPiyXNq4YxBowbgJlkwF//zMQyYJYX9Bft6VSzO:GY0PxXE4YXJgndFTfy9lt5C","tlshash":"2f43f9b8e54c01cab731c44bef42b2bc61b6f73de5914d95f00e691c2ad26a811c5fba","first_seen":"2023-05-09T19:26:26Z","last_seen":"2026-05-24T02:28:57.045103Z","times_seen":482,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"https","addr":"185.132.53.18/assets/modules/izitoast/iziToast.min.css","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://185.132.53.18/pages/login.php","date":"2025-12-30T09:27:27.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"controlpanel29.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 08 Nov 2025 00:00:00 GMT","end":"Fri, 06 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:8F:A9:BB:FA:91:0A:6F:22:38:9D:F2:E0:72:DE:D6:0E:B1:4A:57","sha256":"47:A5:73:D2:B9:28:83:B7:95:2B:B6:A4:DF:0F:74:5C:6A:2A:E6:E3:D9:38:2E:55:E2:96:7D:F9:A0:1D:2A:54"}}},"request":{"raw":"GET /assets/modules/izitoast/iziToast.min.css HTTP/1.1\r\nHost: 185.132.53.18\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=7uicgdqdvukipjooc67fukh35t\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 30 Dec 2025 09:23:58 GMT\r\nServer: Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1\r\nLast-Modified: Sun, 01 May 2022 03:34:08 GMT\r\nETag: \"a221-5ddeaf2bb4c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 41505\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"mod_perl:2.0.12","description":"Mod_perl is an optional module for the Apache HTTP server. It embeds a Perl interpreter into the Apache server. In addition to allowing Apache modules to be written in the Perl programming language, it allows the Apache web server to be dynamically configured by Perl programs.","website":"https://perl.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*","icon":"mod_perl.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Perl:5.34.1","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"UNIX","description":"Unix is a family of multitasking, multiuser computer operating systems.","website":"https://unix.org","common_platform_enumeration":"","icon":"UNIX.png","categories":["Operating systems"]}],"data":{"size":41505,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (41419), with CRLF line terminators","md5":"b2f7bdc3ed47f5956551ce0333925792","sha1":"d2c6cd54cf8a6c040c28844b306543b76eeab8b8","sha256":"7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01","sha512":"3b4de7b57a15a9a1944c07809af436612ce40af72564470f42ed5eaa5a0f6877c9e51b8d1a24b897edddb9a89d0fcd353f9d09dbc107ca89c2574e825254d26a","ssdeep":"384:wV5zpPVWahj8Ik/4kYip7pHRiJhkgL6LlG1oLzlRCPoA50UhLoMPFPsR4lweGbzi:MPVNhlHgppGf1oWQA1","tlshash":"b21345fd15f0124454c6ab4296da6a980e3fcd9770ea1cef32cd344b8b46b9e136532b","first_seen":"2023-04-10T01:55:59Z","last_seen":"2026-05-27T20:32:20.509237Z","times_seen":1363,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":38,"dns":0,"connect":17,"send":0,"wait":17,"receive":24,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"https","addr":"185.132.53.18/assets/img/favicon.png","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://185.132.53.18/pages/login.php","date":"2025-12-30T09:27:27.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"controlpanel29.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 08 Nov 2025 00:00:00 GMT","end":"Fri, 06 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:8F:A9:BB:FA:91:0A:6F:22:38:9D:F2:E0:72:DE:D6:0E:B1:4A:57","sha256":"47:A5:73:D2:B9:28:83:B7:95:2B:B6:A4:DF:0F:74:5C:6A:2A:E6:E3:D9:38:2E:55:E2:96:7D:F9:A0:1D:2A:54"}}},"request":{"raw":"GET /assets/img/favicon.png HTTP/1.1\r\nHost: 185.132.53.18\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=7uicgdqdvukipjooc67fukh35t\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 30 Dec 2025 09:23:58 GMT\r\nServer: Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1\r\nLast-Modified: Sun, 01 May 2022 03:34:08 GMT\r\nETag: \"736-5ddeaf2bb4c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1846\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"mod_perl:2.0.12","description":"Mod_perl is an optional module for the Apache HTTP server. It embeds a Perl interpreter into the Apache server. In addition to allowing Apache modules to be written in the Perl programming language, it allows the Apache web server to be dynamically configured by Perl programs.","website":"https://perl.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*","icon":"mod_perl.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Perl:5.34.1","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"UNIX","description":"Unix is a family of multitasking, multiuser computer operating systems.","website":"https://unix.org","common_platform_enumeration":"","icon":"UNIX.png","categories":["Operating systems"]}],"data":{"size":1846,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit colormap, non-interlaced","md5":"596af1ae4b10854e334121133691325b","sha1":"ccbaa5ee0def372ae2d791e7c0666e5777c75198","sha256":"576d5210ef7bd676fff12be80fd61b793c5acdc618b4734f2da4cd638966e496","sha512":"5a78081268e58b9e96feaf21aad8e5f34222e72503ab08f49598f9cadfd53fcff922bbd428e3b18ff1743d9edb8a54a4c258884c29619c1436dee22e207fe5ce","ssdeep":"","tlshash":"ab3108b7810a91fdcae2d2334003682be8bd6971c72d49a0f5ee43f3445ac80e214ba0","first_seen":"2024-02-09T20:55:52Z","last_seen":"2026-05-23T23:29:30.006866Z","times_seen":694,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"https","addr":"185.132.53.18/assets/modules/select2/select2.min.css","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://185.132.53.18/pages/login.php","date":"2025-12-30T09:27:27.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"controlpanel29.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 08 Nov 2025 00:00:00 GMT","end":"Fri, 06 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:8F:A9:BB:FA:91:0A:6F:22:38:9D:F2:E0:72:DE:D6:0E:B1:4A:57","sha256":"47:A5:73:D2:B9:28:83:B7:95:2B:B6:A4:DF:0F:74:5C:6A:2A:E6:E3:D9:38:2E:55:E2:96:7D:F9:A0:1D:2A:54"}}},"request":{"raw":"GET /assets/modules/select2/select2.min.css HTTP/1.1\r\nHost: 185.132.53.18\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=7uicgdqdvukipjooc67fukh35t\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 30 Dec 2025 09:23:58 GMT\r\nServer: Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1\r\nLast-Modified: Sun, 01 May 2022 03:34:08 GMT\r\nETag: \"3a77-5ddeaf2bb4c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 14967\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Perl:5.34.1","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"mod_perl:2.0.12","description":"Mod_perl is an optional module for the Apache HTTP server. It embeds a Perl interpreter into the Apache server. In addition to allowing Apache modules to be written in the Perl programming language, it allows the Apache web server to be dynamically configured by Perl programs.","website":"https://perl.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*","icon":"mod_perl.png","categories":["Web server extensions"]},{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"UNIX","description":"Unix is a family of multitasking, multiuser computer operating systems.","website":"https://unix.org","common_platform_enumeration":"","icon":"UNIX.png","categories":["Operating systems"]}],"data":{"size":14967,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14965), with CRLF line terminators","md5":"ba5948c0bda0f5f26bd3068ce565deaa","sha1":"6d28595693ce13f1a79db7d5c73bd82b13cf63b5","sha256":"c2a282dd6dac10a3fbf469b4e67f489608777854e6d157bf11233dfbaa16851e","sha512":"b697887282e03a0838bc8fba10b5f85144dcf14727a01703ea6bbf047b30860c58aef75bcfc9fe76ae5f291be60369ad22cf39c98d7a1d8ac90b4ca68b2776a6","ssdeep":"192:pL5u/nTfc3aqPJRQ9CPjOtWlUJKLPcH9tPOs:3u/TfXARQ9htWGSPcdws","tlshash":"c162b935bacc2235b0bf8e7f6cf274946729dd5fc4111b9ab8e9e594c8e04540a8b60f","first_seen":"2023-04-05T16:05:37Z","last_seen":"2026-05-27T22:57:28.867799Z","times_seen":3225,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":37,"dns":0,"connect":16,"send":0,"wait":17,"receive":4,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"https","addr":"185.132.53.18/assets/modules/izitoast/iziToast.min.js","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://185.132.53.18/pages/login.php","date":"2025-12-30T09:27:27.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"controlpanel29.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 08 Nov 2025 00:00:00 GMT","end":"Fri, 06 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:8F:A9:BB:FA:91:0A:6F:22:38:9D:F2:E0:72:DE:D6:0E:B1:4A:57","sha256":"47:A5:73:D2:B9:28:83:B7:95:2B:B6:A4:DF:0F:74:5C:6A:2A:E6:E3:D9:38:2E:55:E2:96:7D:F9:A0:1D:2A:54"}}},"request":{"raw":"GET /assets/modules/izitoast/iziToast.min.js HTTP/1.1\r\nHost: 185.132.53.18\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=7uicgdqdvukipjooc67fukh35t\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 30 Dec 2025 09:23:58 GMT\r\nServer: Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1\r\nLast-Modified: Sun, 01 May 2022 03:34:08 GMT\r\nETag: \"4836-5ddeaf2bb4c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 18486\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: application/x-javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"mod_perl:2.0.12","description":"Mod_perl is an optional module for the Apache HTTP server. It embeds a Perl interpreter into the Apache server. In addition to allowing Apache modules to be written in the Perl programming language, it allows the Apache web server to be dynamically configured by Perl programs.","website":"https://perl.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*","icon":"mod_perl.png","categories":["Web server extensions"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Perl:5.34.1","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]},{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"UNIX","description":"Unix is a family of multitasking, multiuser computer operating systems.","website":"https://unix.org","common_platform_enumeration":"","icon":"UNIX.png","categories":["Operating systems"]},{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":18486,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (18398), with CRLF line terminators","md5":"df383d4feeb05ea8bfe86a0569ef0524","sha1":"c6fd53b0a4abc2b73f55025ecb28d2eb65db93d4","sha256":"df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446","sha512":"66af68f84d34c61851ffbbc9e3d9b114d274290c351354cc5a43d3c6b59c9e97c41431178148b024720a8adf77116fd7c44df51d2239184396d3a1ba045d40b4","ssdeep":"384:9hKmhCPzlc5gVCPBpcG/0CEvXArKKpQi8VREgO3MrnHzxJBkHI4505P:3K5PzlcN8DXArhpQzRHO3M7TxfGIYUP","tlshash":"2582c894722032374aa329a960ff534a3772156ca9c641a4243fcdad5b34f8939f77f8","first_seen":"2023-03-07T12:01:52Z","last_seen":"2026-05-27T20:32:20.522778Z","times_seen":1637,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":38,"dns":0,"connect":0,"send":0,"wait":18,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}},{"url":{"schema":"https","addr":"185.132.53.18/assets/modules/select2/select2.min.js","fqdn":"185.132.53.18","domain":"185.132.53.18","tld":""},"ip":{"addr":"185.132.53.18","port":443,"asn":215898,"as":"Julian Achter","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://185.132.53.18/pages/login.php","date":"2025-12-30T09:27:27.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"controlpanel29.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 08 Nov 2025 00:00:00 GMT","end":"Fri, 06 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F3:8F:A9:BB:FA:91:0A:6F:22:38:9D:F2:E0:72:DE:D6:0E:B1:4A:57","sha256":"47:A5:73:D2:B9:28:83:B7:95:2B:B6:A4:DF:0F:74:5C:6A:2A:E6:E3:D9:38:2E:55:E2:96:7D:F9:A0:1D:2A:54"}}},"request":{"raw":"GET /assets/modules/select2/select2.min.js HTTP/1.1\r\nHost: 185.132.53.18\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=7uicgdqdvukipjooc67fukh35t\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 30 Dec 2025 09:23:58 GMT\r\nServer: Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1\r\nLast-Modified: Sun, 01 May 2022 03:34:08 GMT\r\nETag: \"114c4-5ddeaf2bb4c00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 70852\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: application/x-javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.2.12","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"mod_perl:2.0.12","description":"Mod_perl is an optional module for the Apache HTTP server. It embeds a Perl interpreter into the Apache server. In addition to allowing Apache modules to be written in the Perl programming language, it allows the Apache web server to be dynamically configured by Perl programs.","website":"https://perl.apache.org","common_platform_enumeration":"cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*","icon":"mod_perl.png","categories":["Web server extensions"]},{"name":"OpenSSL:1.1.1w","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"UNIX","description":"Unix is a family of multitasking, multiuser computer operating systems.","website":"https://unix.org","common_platform_enumeration":"","icon":"UNIX.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Perl:5.34.1","description":"Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.","website":"https://perl.org","common_platform_enumeration":"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*","icon":"Perl.png","categories":["Programming languages"]}],"data":{"size":70852,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64130), with CRLF line terminators","md5":"37dd3c4be796c3e4d2914e336fc84624","sha1":"efd00b3c59b9093335cfcc043fa0576587676636","sha256":"d7a7379926f63b11f218a615443f004d03fc499bc1baf50d4142b1b2a76c3772","sha512":"ee3039e0b935cd2756616e37bcb7416aeb4ae25d1b148871fc6bd6ef41738ce6e4bce089503b9865f35033cb778780b38f04a9a41be7a04e067000547cb9a1bf","ssdeep":"768:SopHucrre3DeGGG8MinEAs3j0TGE8jGookOlxNV7TWlOvBuZRgydn/RcSf2bK/Jw:m8hC3jIG+kOvVbyJJ1CD","tlshash":"2663c64c7a537234026f20e7256b140d22366b3e600b96a8b428cded6dbed15735bf3e","first_seen":"2023-03-08T15:22:52Z","last_seen":"2026-05-23T23:29:29.999833Z","times_seen":656,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":47,"dns":0,"connect":0,"send":0,"wait":19,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malware - Botnet panel","verdict":"malware","severity":"medium","comment":"Associated with Botnet webpanel","tags":["botpanel","malware"],"meta":null}]}}]}