{"report_id":"ef1c9bde-2ffd-4aff-bef7-26455b214cb7","version":6,"status":"done","tags":[],"date":"2023-08-25T11:22:19Z","url":{"schema":"http","addr":"182.160.125.188:8081/hrm/login.php","fqdn":"182.160.125.188","domain":"182.160.125.188","tld":""},"ip":{"addr":"182.160.125.188","port":0,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"final":{"url":{"schema":"http","addr":"182.160.125.188:8081/hrm/login.php","fqdn":"182.160.125.188:8081","domain":"182.160.125.188","tld":"188:8081"},"title":"Logic ERP Solution"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-28T08:29:49Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"182.160.125.188:8081","ip":{"addr":"182.160.125.188","port":8081,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":15,"request_count":15,"received_data":1627368,"sent_data":6613,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"182.160.125.188:8081/hrm/login.php","fqdn":"182.160.125.188:8081","domain":"182.160.125.188","tld":"188:8081"},"ip":{"addr":"182.160.125.188","port":8081,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"182.160.125.188:8081/hrm/login.php","fqdn":"182.160.125.188:8081","domain":"182.160.125.188","tld":"188:8081"},"ip":{"addr":"182.160.125.188","port":8081,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"182.160.125.188:8081/hrm/login.php","fqdn":"182.160.125.188:8081","domain":"182.160.125.188","tld":"188:8081"},"ip":{"addr":"182.160.125.188","port":8081,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-08-25T11:21:51.744Z","timestamp":1692962511744,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /hrm/login.php HTTP/1.1\r\nHost: 182.160.125.188:8081\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 25 Aug 2023 11:16:38 GMT\r\nServer: Apache/2.2.15 (CentOS)\r\nX-Powered-By: PHP/5.6.36\r\nSet-Cookie: PHPSESSID=psbsgu1055hb40p91525asa2f3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nContent-Length: 4869\r\nConnection: close\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4869,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document text\\012- exported SGML document, ASCII text, with CRLF line terminators","md5":"e0915ead1d9f34fe188f8a9fb5da6cd3","sha1":"03c0c6217540ac54770cfd2b9c65d3b0d886787a","sha256":"260563df202da4b0b38182832356c83fc96f47b8ec78754ccab716369673672e","sha512":"d27f9a33d9b2a2b696c3ce2645d8e699b74bdb3fce34805e775cdef19de7d3d09854dc79e9e10ff5945a9ef4c27376081be724685c2f8ccc043e7ec1eae3b1f0","ssdeep":"48:ImMq4hhpd5dTGYu/qsdgvOLsOkxk+diCKCWzACSCWzHC+VTCWHJq14Oo5aAAdq:Svl7kBUdi9tAXtHnVTE25aE","tlshash":"cca1242494ea943301b3c1c11ab65f5afec98217cb478a04b7fc6b9b1ff7c41a993949","first_seen":"2023-08-25T13:22:25Z","last_seen":"2023-08-25T13:22:25Z","times_seen":1,"resource_available":false,"data":null}},"time_used":857,"timings":{"blocked":199,"dns":0,"connect":216,"send":0,"wait":441,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"182.160.125.188:8081/hrm/css/login_pg_hr_payroll.css","fqdn":"182.160.125.188:8081","domain":"182.160.125.188","tld":"188:8081"},"ip":{"addr":"182.160.125.188","port":8081,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://182.160.125.188:8081/hrm/login.php","date":"2023-08-25T11:21:52.502Z","timestamp":1692962512502,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /hrm/css/login_pg_hr_payroll.css HTTP/1.1\r\nHost: 182.160.125.188:8081\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://182.160.125.188:8081/hrm/login.php\r\nCookie: PHPSESSID=psbsgu1055hb40p91525asa2f3\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 25 Aug 2023 11:16:39 GMT\r\nServer: Apache/2.2.15 (CentOS)\r\nLast-Modified: Mon, 23 Sep 2019 03:08:22 GMT\r\nETag: \"a22134-1b6f-5932fbb7f9580\"\r\nAccept-Ranges: bytes\r\nContent-Length: 7023\r\nConnection: close\r\nContent-Type: text/css\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7023,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"5212770ce3589a1d352edcf36a5e7089","sha1":"98e96c4b4d4be53b75453d6c44bae2538bee66d0","sha256":"3b3c601e3888da8fa6397e07cc95f2da3a707a15e72045ced6b3c0dce9b71804","sha512":"5cfac05d3aac57b6bbfd8d2e64e4d74c6fbab9622440ff1ed605455469443a1ba8caff0b6a6c760090cbae53afe9109bb44dba5f5d0a3198584e10b51f0231dc","ssdeep":"192:jsf+l5Jq62+dbPObDHKoS+yhe6QskidJ3a:4f+XJq62+NOHKo8eRw3a","tlshash":"d6e1dc10cb53604bb03ac899ab321359d76d818397068b3c7bba33a1af750dd9671bdd","first_seen":"2023-08-19T08:20:51Z","last_seen":"2023-08-25T13:22:25Z","times_seen":2,"resource_available":false,"data":null}},"time_used":642,"timings":{"blocked":213,"dns":0,"connect":213,"send":0,"wait":214,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"182.160.125.188:8081/hrm/images/logic/logic_logo_new.png","fqdn":"182.160.125.188:8081","domain":"182.160.125.188","tld":"188:8081"},"ip":{"addr":"182.160.125.188","port":8081,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://182.160.125.188:8081/hrm/login.php","date":"2023-08-25T11:21:52.504Z","timestamp":1692962512504,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /hrm/images/logic/logic_logo_new.png HTTP/1.1\r\nHost: 182.160.125.188:8081\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://182.160.125.188:8081/hrm/login.php\r\nCookie: PHPSESSID=psbsgu1055hb40p91525asa2f3\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 25 Aug 2023 11:16:39 GMT\r\nServer: Apache/2.2.15 (CentOS)\r\nLast-Modified: Sun, 31 Mar 2019 05:38:46 GMT\r\nETag: \"a81422-1c2e-5855d514ce580\"\r\nAccept-Ranges: bytes\r\nContent-Length: 7214\r\nConnection: close\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7214,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 215 x 90, 8-bit/color RGBA, non-interlaced\\012- data","md5":"6300b1200208521105fd75f4299a8e73","sha1":"5d5a886a6c4330868d14c829cd08ca0b76c7d4ab","sha256":"9d5174ee80b773f7c9f42270311eb1a108d1a1813ebfd9a863b152131e25f9e9","sha512":"cb263434ccc95b3ee826e64bb2ae05a35003ff6ab3515fdd568f03ad9cc17cc50e2b73cbd3cdf8c9e442e4e0318d7499bffa6d3ddcf1cc45857f0a632c841c78","ssdeep":"","tlshash":"","first_seen":"2023-08-19T08:20:51Z","last_seen":"2025-11-18T23:17:57.127942Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1075,"timings":{"blocked":426,"dns":0,"connect":218,"send":0,"wait":218,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"182.160.125.188:8081/hrm/images/logic/lock.png","fqdn":"182.160.125.188:8081","domain":"182.160.125.188","tld":"188:8081"},"ip":{"addr":"182.160.125.188","port":8081,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://182.160.125.188:8081/hrm/login.php","date":"2023-08-25T11:21:52.994Z","timestamp":1692962512994,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /hrm/images/logic/lock.png HTTP/1.1\r\nHost: 182.160.125.188:8081\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://182.160.125.188:8081/hrm/css/login_pg_hr_payroll.css\r\nCookie: PHPSESSID=psbsgu1055hb40p91525asa2f3\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 25 Aug 2023 11:16:39 GMT\r\nServer: Apache/2.2.15 (CentOS)\r\nLast-Modified: Sun, 31 Mar 2019 06:24:28 GMT\r\nETag: \"a8141e-d83-5855df4bc7f00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3459\r\nConnection: close\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3459,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 19, 8-bit/color RGBA, non-interlaced\\012- data","md5":"9f66f4cbcbf59ca2dd72af8c9ef6ab65","sha1":"85fc729e2e583998e50fdd1f61d480d2b600126e","sha256":"2e0144cfb6d32ff5b9511e2302aab5c587f3c97f1b3cf52ed79f7afb8fd4de69","sha512":"c0d8cb9320186cce2704e2f848308fc3f465bb40221c591f36cb3f97276f5dfe52ad61621f22e7c425be4ddeb131584607716fb7d1b724ba97009371d31fd5b7","ssdeep":"","tlshash":"","first_seen":"2023-08-19T08:20:51Z","last_seen":"2025-11-18T23:17:57.143607Z","times_seen":3,"resource_available":false,"data":null}},"time_used":384,"timings":{"blocked":169,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"182.160.125.188:8081/hrm/images/logic/log_in.png","fqdn":"182.160.125.188:8081","domain":"182.160.125.188","tld":"188:8081"},"ip":{"addr":"182.160.125.188","port":8081,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://182.160.125.188:8081/hrm/login.php","date":"2023-08-25T11:21:53.001Z","timestamp":1692962513001,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /hrm/images/logic/log_in.png HTTP/1.1\r\nHost: 182.160.125.188:8081\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://182.160.125.188:8081/hrm/css/login_pg_hr_payroll.css\r\nCookie: PHPSESSID=psbsgu1055hb40p91525asa2f3\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 25 Aug 2023 11:16:40 GMT\r\nServer: Apache/2.2.15 (CentOS)\r\nLast-Modified: Sun, 31 Mar 2019 07:08:56 GMT\r\nETag: \"a81425-ecd-5855e93c2f200\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3789\r\nConnection: close\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3789,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 15, 8-bit/color RGBA, non-interlaced\\012- data","md5":"27e04461f8ee81877a413d78a2746df4","sha1":"651bf141e61f3b60eb548e6c32a827155e48280f","sha256":"e2bd80e8e4ad08089104b2910040eccded3110ca7ab97178fdfcc83776e4d806","sha512":"99992a2b4e01a5ac3ea67b31541424f9a9abfc3f0040ef3f3e3667016ed2a6577d084afa007fd10ac55cddb66865191d0415dc189c2ba08cac2ab50d0f096562","ssdeep":"","tlshash":"","first_seen":"2023-08-19T08:20:51Z","last_seen":"2025-11-18T23:17:57.136764Z","times_seen":3,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":185,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"182.160.125.188:8081/hrm/images/logic/right_arrow.png","fqdn":"182.160.125.188:8081","domain":"182.160.125.188","tld":"188:8081"},"ip":{"addr":"182.160.125.188","port":8081,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://182.160.125.188:8081/hrm/login.php","date":"2023-08-25T11:21:53.009Z","timestamp":1692962513009,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /hrm/images/logic/right_arrow.png HTTP/1.1\r\nHost: 182.160.125.188:8081\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://182.160.125.188:8081/hrm/css/login_pg_hr_payroll.css\r\nCookie: PHPSESSID=psbsgu1055hb40p91525asa2f3\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 25 Aug 2023 11:16:40 GMT\r\nServer: Apache/2.2.15 (CentOS)\r\nLast-Modified: Sun, 31 Mar 2019 07:36:28 GMT\r\nETag: \"a81428-c16-5855ef63a7700\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3094\r\nConnection: close\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3094,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 13 x 22, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b33965cd53b06a87b6e58b80805fe623","sha1":"ffcf55991c379c6e296ad30c86af135eaa85c640","sha256":"268ee23500b1518ea986c0f612f5b8ddc8a494b8aaa2d021c2bcf701699f93db","sha512":"5a8dee2c417eb317d3f839778424d78013746c0db7990ca6d825cbd359f042232078aced89ddc24451516e18356c22b12643d4875ce9b1f321291e7eabd1897a","ssdeep":"","tlshash":"","first_seen":"2023-08-19T08:20:51Z","last_seen":"2025-11-18T23:17:57.138681Z","times_seen":3,"resource_available":false,"data":null}},"time_used":627,"timings":{"blocked":198,"dns":3,"connect":212,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"182.160.125.188:8081/hrm/images/logic/left_arrow.png","fqdn":"182.160.125.188:8081","domain":"182.160.125.188","tld":"188:8081"},"ip":{"addr":"182.160.125.188","port":8081,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://182.160.125.188:8081/hrm/login.php","date":"2023-08-25T11:21:53.007Z","timestamp":1692962513007,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /hrm/images/logic/left_arrow.png HTTP/1.1\r\nHost: 182.160.125.188:8081\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://182.160.125.188:8081/hrm/css/login_pg_hr_payroll.css\r\nCookie: PHPSESSID=psbsgu1055hb40p91525asa2f3\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 25 Aug 2023 11:16:40 GMT\r\nServer: Apache/2.2.15 (CentOS)\r\nLast-Modified: Sun, 31 Mar 2019 07:35:46 GMT\r\nETag: \"a8141c-c5e-5855ef3b99880\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3166\r\nConnection: close\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3166,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 13 x 22, 8-bit/color RGBA, non-interlaced\\012- data","md5":"8c164a0a9c892fcb6f291aa5a08b8586","sha1":"01b4ec50a8927d30bd17de7ab1585196941b7099","sha256":"8375c9eafb9118d995484f3d1327260868b1792e4e1a728b317f7da0fd76ce3c","sha512":"63c3c05dd040f0a945b0176439ee0e9d05a30ff7e432eda605709f1cad6a1756c487b4b256a7ceca190fe57ef1324221ed0d081cc7621e79c7a8bc9c582516f5","ssdeep":"","tlshash":"","first_seen":"2023-08-19T08:20:51Z","last_seen":"2025-11-18T23:17:57.137722Z","times_seen":3,"resource_available":false,"data":null}},"time_used":413,"timings":{"blocked":196,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"182.160.125.188:8081/hrm/images/logic/list_bg.png","fqdn":"182.160.125.188:8081","domain":"182.160.125.188","tld":"188:8081"},"ip":{"addr":"182.160.125.188","port":8081,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://182.160.125.188:8081/hrm/login.php","date":"2023-08-25T11:21:53.011Z","timestamp":1692962513011,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /hrm/images/logic/list_bg.png HTTP/1.1\r\nHost: 182.160.125.188:8081\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://182.160.125.188:8081/hrm/css/login_pg_hr_payroll.css\r\nCookie: PHPSESSID=psbsgu1055hb40p91525asa2f3\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 25 Aug 2023 11:16:40 GMT\r\nServer: Apache/2.2.15 (CentOS)\r\nLast-Modified: Mon, 01 Apr 2019 05:59:34 GMT\r\nETag: \"a8141d-f57-58571b9873d80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3927\r\nConnection: close\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3927,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 21 x 20, 8-bit/color RGBA, non-interlaced\\012- data","md5":"2aa6ab5d45adceb3a65c84e8483f8d8d","sha1":"5fbd4add6a3741c8c10fe13f0059e3bfb049fbbd","sha256":"328fe0ac04f1680eabcc9716eddf09a73f5b5073c2a7af19e5eff4bf6c315852","sha512":"4ea5098a5cf61448cf27fb8472cd2317af4501ebd3fccac9928d6d89c8dbc9ba1b1510e819df5f2bfb73bb4566a4757ec05de9d4661aa5f91d2e229919cb7348","ssdeep":"","tlshash":"","first_seen":"2023-08-19T08:20:51Z","last_seen":"2025-11-18T23:17:57.145791Z","times_seen":3,"resource_available":false,"data":null}},"time_used":640,"timings":{"blocked":205,"dns":0,"connect":217,"send":0,"wait":217,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"182.160.125.188:8081/hrm/images/logic/phone.png","fqdn":"182.160.125.188:8081","domain":"182.160.125.188","tld":"188:8081"},"ip":{"addr":"182.160.125.188","port":8081,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://182.160.125.188:8081/hrm/login.php","date":"2023-08-25T11:21:53.012Z","timestamp":1692962513012,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /hrm/images/logic/phone.png HTTP/1.1\r\nHost: 182.160.125.188:8081\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://182.160.125.188:8081/hrm/css/login_pg_hr_payroll.css\r\nCookie: PHPSESSID=psbsgu1055hb40p91525asa2f3\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Fri, 25 Aug 2023 11:16:40 GMT\r\nServer: Apache/2.2.15 (CentOS)\r\nContent-Length: 307\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":307,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"525c6de8795879e9a09e2de5ae7275d5","sha1":"6a725b4e91340559a2e808956328b22a429e6fda","sha256":"577e264b0ab884c757af5527f4bb834fbfa8af19a08405014fedcf717bcc6ea7","sha512":"050674a446084c41b7f9e63b139340e23aee087c56a4263b81636a0b325a7e27175cbed0cf279701cf52fce1668db1b23e46877eb7358c2f27a0473d845841ea","ssdeep":"","tlshash":"b8e07d5d604332c74c03149035c115c7254c12e2a42a46a82b85e447d55847feea91c8","first_seen":"2023-08-25T13:22:25Z","last_seen":"2023-08-25T13:22:25Z","times_seen":1,"resource_available":false,"data":null}},"time_used":641,"timings":{"blocked":204,"dns":0,"connect":218,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"182.160.125.188:8081/hrm/images/logic/envelop.png","fqdn":"182.160.125.188:8081","domain":"182.160.125.188","tld":"188:8081"},"ip":{"addr":"182.160.125.188","port":8081,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://182.160.125.188:8081/hrm/login.php","date":"2023-08-25T11:21:53.015Z","timestamp":1692962513015,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /hrm/images/logic/envelop.png HTTP/1.1\r\nHost: 182.160.125.188:8081\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://182.160.125.188:8081/hrm/css/login_pg_hr_payroll.css\r\nCookie: PHPSESSID=psbsgu1055hb40p91525asa2f3\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 25 Aug 2023 11:16:40 GMT\r\nServer: Apache/2.2.15 (CentOS)\r\nLast-Modified: Sun, 31 Mar 2019 07:59:28 GMT\r\nETag: \"a81418-c30-5855f487b9800\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3120\r\nConnection: close\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3120,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\\012- data","md5":"10e31800c47aaa678c78ff14d6880368","sha1":"5a5f4a5533e1707c86ebffd0166f4ddf0a202e8a","sha256":"3132c5631a5c0915e934adf2fa4f0b65e16d4c03467c5c61e4477ad49ba40393","sha512":"05509b8be5e943ef8655b583318197565a1a310ed05cbb044d3b3c046b353c14ea75464a1dd9474d5a2c98a73b8415a30bb6d7c25ee162346d9e165b4de2f4e5","ssdeep":"","tlshash":"","first_seen":"2023-08-19T08:20:51Z","last_seen":"2025-11-18T23:17:57.146625Z","times_seen":3,"resource_available":false,"data":null}},"time_used":804,"timings":{"blocked":363,"dns":0,"connect":220,"send":0,"wait":220,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"182.160.125.188:8081/hrm/images/logic/globe.png","fqdn":"182.160.125.188:8081","domain":"182.160.125.188","tld":"188:8081"},"ip":{"addr":"182.160.125.188","port":8081,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://182.160.125.188:8081/hrm/login.php","date":"2023-08-25T11:21:53.021Z","timestamp":1692962513021,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /hrm/images/logic/globe.png HTTP/1.1\r\nHost: 182.160.125.188:8081\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://182.160.125.188:8081/hrm/css/login_pg_hr_payroll.css\r\nCookie: PHPSESSID=psbsgu1055hb40p91525asa2f3\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 25 Aug 2023 11:16:40 GMT\r\nServer: Apache/2.2.15 (CentOS)\r\nLast-Modified: Sun, 31 Mar 2019 08:00:40 GMT\r\nETag: \"a81419-d87-5855f4cc63a00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3463\r\nConnection: close\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3463,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\\012- data","md5":"71bd15d91335d65234be8e55676937e8","sha1":"468ae46b9fc40af611743bbd01275cf599455654","sha256":"5df5c86cff8a506126688131001f37cda63470806619fbd73990964148d15c1e","sha512":"54a158cf9eaf15f214aa51fb897358ac1f957cad2dcd787305e36935cda31ca703e4f8e2efe07315795b560e70ea3732dff5c677c9fe6371ab2e86251d386dfb","ssdeep":"","tlshash":"","first_seen":"2023-08-19T08:20:51Z","last_seen":"2025-11-18T23:17:57.133727Z","times_seen":3,"resource_available":false,"data":null}},"time_used":817,"timings":{"blocked":383,"dns":0,"connect":216,"send":0,"wait":217,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"182.160.125.188:8081/hrm/images/logic/lcation.png","fqdn":"182.160.125.188:8081","domain":"182.160.125.188","tld":"188:8081"},"ip":{"addr":"182.160.125.188","port":8081,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://182.160.125.188:8081/hrm/login.php","date":"2023-08-25T11:21:53.023Z","timestamp":1692962513023,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /hrm/images/logic/lcation.png HTTP/1.1\r\nHost: 182.160.125.188:8081\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://182.160.125.188:8081/hrm/css/login_pg_hr_payroll.css\r\nCookie: PHPSESSID=psbsgu1055hb40p91525asa2f3\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 25 Aug 2023 11:16:40 GMT\r\nServer: Apache/2.2.15 (CentOS)\r\nLast-Modified: Sun, 31 Mar 2019 08:02:08 GMT\r\nETag: \"a8141b-fb9-5855f52050000\"\r\nAccept-Ranges: bytes\r\nContent-Length: 4025\r\nConnection: close\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4025,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\\012- data","md5":"877f63588b46febbc67c74d729cd2d10","sha1":"cef843532fe3778e0b9ddda2733f92cffdb73e02","sha256":"94adad0b35f9f719144e4405b15adc626dd13404e717d6570720cb073cc820a6","sha512":"c9da48ab8fc2c6b304afc769fffb4ff07be6c8773c4727a2df56305b0ca649445a9d7f3ddf0d6abcf2080505b959b2d054d9a3b87a5766a406d6f7a618c9b1cb","ssdeep":"","tlshash":"","first_seen":"2023-08-19T08:20:51Z","last_seen":"2025-11-18T23:17:57.130101Z","times_seen":3,"resource_available":false,"data":null}},"time_used":828,"timings":{"blocked":397,"dns":1,"connect":214,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"182.160.125.188:8081/hrm/images/logic/human.png","fqdn":"182.160.125.188:8081","domain":"182.160.125.188","tld":"188:8081"},"ip":{"addr":"182.160.125.188","port":8081,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://182.160.125.188:8081/hrm/login.php","date":"2023-08-25T11:21:52.976Z","timestamp":1692962512976,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /hrm/images/logic/human.png HTTP/1.1\r\nHost: 182.160.125.188:8081\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://182.160.125.188:8081/hrm/css/login_pg_hr_payroll.css\r\nCookie: PHPSESSID=psbsgu1055hb40p91525asa2f3\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 25 Aug 2023 11:16:40 GMT\r\nServer: Apache/2.2.15 (CentOS)\r\nLast-Modified: Sun, 31 Mar 2019 06:24:04 GMT\r\nETag: \"a8141a-d2f-5855df34e4900\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3375\r\nConnection: close\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3375,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 19, 8-bit/color RGBA, non-interlaced\\012- data","md5":"7217d57d318826fbef8b005396edc590","sha1":"aa4d373862f7cfc81b9962d3a0142da278e68605","sha256":"f94ed3a2649896a9c582fd11b4099188b65beb9e0e274ac4b6f95e8a5f55f516","sha512":"d28197922566371d68da72f20e002fc29db951c5b6190f6e611589e79c3e2c4a16796f8b7e1a29fad1ec6a562f385844aa104dd25702803f790ec5893fc3949b","ssdeep":"","tlshash":"","first_seen":"2023-08-19T08:20:51Z","last_seen":"2025-11-18T23:17:57.144712Z","times_seen":3,"resource_available":false,"data":null}},"time_used":898,"timings":{"blocked":457,"dns":0,"connect":220,"send":0,"wait":220,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"182.160.125.188:8081/hrm/images/logic_logo.png","fqdn":"182.160.125.188:8081","domain":"182.160.125.188","tld":"188:8081"},"ip":{"addr":"182.160.125.188","port":8081,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://182.160.125.188:8081/hrm/login.php","date":"2023-08-25T11:21:53.978Z","timestamp":1692962513978,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /hrm/images/logic_logo.png HTTP/1.1\r\nHost: 182.160.125.188:8081\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://182.160.125.188:8081/hrm/login.php\r\nCookie: PHPSESSID=psbsgu1055hb40p91525asa2f3\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 25 Aug 2023 11:16:41 GMT\r\nServer: Apache/2.2.15 (CentOS)\r\nLast-Modified: Sat, 22 Oct 2011 07:13:28 GMT\r\nETag: \"a20909-590f-4afdded237600\"\r\nAccept-Ranges: bytes\r\nContent-Length: 22799\r\nConnection: close\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22799,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 106 x 155, 8-bit/color RGBA, non-interlaced\\012- data","md5":"cd7236136174af2129b0d4b14c11a9ac","sha1":"2ff0a5053323a915f363bda21a64362f01778b5f","sha256":"1372c6d44474ad3548c35c874f37babad99bcf34387872bbb685eb409b028399","sha512":"3fbe91f9eae146220de66b1f02b0ea1421ce67d8ec2c32639970d416f1be160a3ab95280429bf927c2d62f8799e9316406ba44a3723ae42f754a57114daaf199","ssdeep":"","tlshash":"","first_seen":"2023-08-19T08:20:51Z","last_seen":"2025-11-18T23:17:57.130984Z","times_seen":3,"resource_available":false,"data":null}},"time_used":647,"timings":{"blocked":0,"dns":0,"connect":216,"send":0,"wait":215,"receive":216,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"182.160.125.188:8081/hrm/images/logic/login_page_bg.png","fqdn":"182.160.125.188:8081","domain":"182.160.125.188","tld":"188:8081"},"ip":{"addr":"182.160.125.188","port":8081,"asn":24323,"as":"aamra networks limited","country":"Bangladesh","country_code":"BD"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://182.160.125.188:8081/hrm/login.php","date":"2023-08-25T11:21:52.948Z","timestamp":1692962512948,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /hrm/images/logic/login_page_bg.png HTTP/1.1\r\nHost: 182.160.125.188:8081\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://182.160.125.188:8081/hrm/css/login_pg_hr_payroll.css\r\nCookie: PHPSESSID=psbsgu1055hb40p91525asa2f3\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 25 Aug 2023 11:16:40 GMT\r\nServer: Apache/2.2.15 (CentOS)\r\nLast-Modified: Thu, 11 Apr 2019 12:45:54 GMT\r\nETag: \"a81423-17a625-58640911a4480\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1549861\r\nConnection: close\r\nContent-Type: image/png\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1549861,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1440 x 900, 8-bit/color RGBA, non-interlaced\\012- data","md5":"3cef897ee5c398ab65e0d4ba3f65236d","sha1":"7bf72181d808251c63056816427c59724e6f23ba","sha256":"6069fe6728add00a72de4f9f0d28ed40bc65e26b38318df59a9b646aa4a9b567","sha512":"3196a3b0c5dbf5293b7f0bd90d39f82ea6d04a34e5159f6a410c06c899184e83cac02537d5760d5ad7b2bfc3c938f425a2a7add5c65c52da80aaf30d5b5db928","ssdeep":"","tlshash":"","first_seen":"2023-08-19T08:20:51Z","last_seen":"2023-08-25T13:22:25Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2694,"timings":{"blocked":472,"dns":0,"connect":216,"send":0,"wait":217,"receive":1789,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-08-25","alert":"Sinkholed","trigger":"182.160.125.188","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}