{"report_id":"70af99f1-0736-44f6-932e-c61ce8f0486b","version":6,"status":"done","tags":[],"date":"2025-07-07T23:26:52Z","url":{"schema":"http","addr":"join4ra.com/ar-aviator-in1","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.29.199","port":0,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"title":"1 A\u0026R Conv Land Aviator + CT 993 Variation IN"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-09-15T23:26:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"code.jquery.com","ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":634,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-07-02T16:03:31.528552Z","alert_count":0,"request_count":1,"received_data":88169,"sent_data":419,"comment":"","tags":null,"fingerprints":null},{"fqdn":"tsyndicate.com","ip":{"addr":"136.243.69.157","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2017-03-08","domain_rank":13042,"first_seen":"2017-03-16T09:04:54Z","last_seen":"2025-07-06T16:46:09.359813Z","alert_count":0,"request_count":1,"received_data":917,"sent_data":496,"comment":"","tags":null,"fingerprints":null},{"fqdn":"my.rtmark.net","ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":9054,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-07-03T14:07:24.354247Z","alert_count":0,"request_count":2,"received_data":2114,"sent_data":1049,"comment":"","tags":null,"fingerprints":null},{"fqdn":"sc-events-sdk.sharechat.com","ip":{"addr":"34.120.129.12","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2001-09-11","domain_rank":726987,"first_seen":"2022-05-09T08:01:52Z","last_seen":"2025-07-04T04:05:57.880872Z","alert_count":0,"request_count":1,"received_data":12739,"sent_data":422,"comment":"","tags":null,"fingerprints":null},{"fqdn":"join4ra.com","ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"domain_registered":"2024-07-12","domain_rank":0,"first_seen":"2024-07-12T13:31:19Z","last_seen":"2025-07-04T23:09:47.575826Z","alert_count":25,"request_count":25,"received_data":1216521,"sent_data":11742,"comment":"","tags":null,"fingerprints":null},{"fqdn":"join4ra.push4site.com","ip":{"addr":"104.26.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-10-26","domain_rank":0,"first_seen":"2024-12-07T17:01:59.382623Z","last_seen":"2025-07-05T05:35:16.679361Z","alert_count":0,"request_count":2,"received_data":159091,"sent_data":843,"comment":"","tags":null,"fingerprints":null},{"fqdn":"apis.sharechat.com","ip":{"addr":"104.17.236.9","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2001-09-11","domain_rank":109357,"first_seen":"2019-11-01T05:19:08Z","last_seen":"2025-07-04T04:05:57.842136Z","alert_count":0,"request_count":1,"received_data":2635,"sent_data":487,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":75,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-07-02T15:11:10.459717Z","alert_count":0,"request_count":1,"received_data":345283,"sent_data":431,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"join4ra.com/ra/js/main2.js?v=67","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"2330a4e77127cd850e2e1d6b5a27c015","sha1":"ee224d7db7a93a080fbbdd8b121f01119aaf9f61","sha256":"6e4c2792122414b40c8e9052790e2c0878d25ef2e9ce1b8b8545376cf408e754","sha512":"5d013c78977eaac23ff089a4df6732b07e9cafc270684839c8eadc735615ed4335b9671f21fa0867aef0f3ef322f5c11c3ca0a8b18d58d8f767e46c71d7c0673","ssdeep":"384:lQxoyiZogSlGikiOiNifFG/6vsBjyf0CHKg+2mdsj9H1KtKyLC/sEj9H1ku3//i2:lU6UlXZf8fFG/6vsrg+Lde9HvsW9Haub","tlshash":"86724f1835f210724277617d57cf829832325047344dcd9abeacc7581f9ae6b98f2bea","size":16725,"data":"","first_seen":"2025-06-27T09:17:02.448505Z","last_seen":"2025-08-18T22:30:53.963069Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.push4site.com/sdk","fqdn":"join4ra.push4site.com","domain":"push4site.com","tld":"com"},"ip":{"addr":"104.26.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b5310326fe50f8c3512463ca84ca80e","sha1":"d7fd33868343bc0cd1fef72bbde02509567eec20","sha256":"0300e04a104d4ebbc9faa21c12075515b362d37d54ffaad43379e3272bdfc6c1","sha512":"2d053f5acc41b8bc4531852f5798837449c4454266f1557bcd91715097ce2405347e10bdac98c1b491135c7c8ace774182f04f1084cf4c0b51a3d0827feb4f3d","ssdeep":"1536:/ABtDx9M4jYuhnuhh2xYbrlsUkky3XF2P8T4VnOObC7At7Xf7gV790t7OWBiXiVe:kt6rls4VnOOaBd","tlshash":"1873c7865cc6703305af743afcbb2e4925372f0e599b84c09beb3591185ef4d960b78a","size":78788,"data":"","first_seen":"2025-07-01T18:37:47.085644Z","last_seen":"2025-07-10T21:35:55.554533Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"89.187.73.20","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"0e3016b2ebdcb6c1009c48640333778d","sha1":"351fdcf422fcd1d41f3806267776204f3f77714d","sha256":"883934be151eb46040aef50c22ba2776627c7270e98f91497aa01f4e0257d897","sha512":"167da2ea17340ec52a0a7eb6cbd6e9e5bf4123cec1ae7ed86bc66753dcd9c8d87a1d67bdfc4cc51aed44a40ab409d83efaba726411fcd679068c8d94d268e865","ssdeep":"","tlshash":"73e0ab9b3c556228d16924e96377a94d226211d239018891ead28c2a3a2cfca40febdc","size":422,"data":"","first_seen":"2024-07-30T23:20:24Z","last_seen":"2026-02-19T03:45:01.865769Z","times_seen":184,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sc-events-sdk.sharechat.com/web-sdk.js","fqdn":"sc-events-sdk.sharechat.com","domain":"sharechat.com","tld":"com"},"ip":{"addr":"34.120.129.12","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d66b689cf547e318ed21162b584718fc","sha1":"a8b44ea6f87cb0950f93c98524d4ddf0fc645902","sha256":"3518eddb275507b4275e5887ad4e205f9cbcfb96d4af3dbd13d1c6324b19916c","sha512":"e03ab377985cd66a863e69196e65d36300e2841aab63e2a97aaf82832cdde6e32809e5263e17567238150955b827046d42d121dd23b4da06d343140366caaa97","ssdeep":"192:tJCpsOCpJWaBKjYHRBwtKe4F3JapTyBtpDK7578rZgqXekMRiQvyKGyOI7vl:zCBC3PBKjYHRBwUe4dJ0nqXjwzyKGmvl","tlshash":"e7321ad8b185b4b116e702b6407ffa42a13609261849c090ee17dcd16cbce9b43b7f7a","size":11997,"data":"","first_seen":"2023-07-09T05:38:11Z","last_seen":"2026-04-04T22:50:57.58333Z","times_seen":507,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/js/script.js","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"867091778d359076ef504ea7af7d90c8","sha1":"cd45263ac89bd245c4f4c06fe6d303b2e881f6c2","sha256":"f5dbba301d3d1b4ae90717dcb370e01ffa2a2781d5f214b233f1139ba1f54dd0","sha512":"71486dc67fa213a945dfcd7c2f4eb38c030c1ca9ec03e1aa5ba814e50c0973de42ccacebbb61a42409a7827e707cf900858988bc50a522aca9977fbad081de9f","ssdeep":"96:8pdLz96CWRf+NxfrZR556uTQ04SMykMUyVHyiY:U6CWV+NdrZR55s0HkQ7Y","tlshash":"eac110743ef219205863e46b17d74214fb31e01b6a4acd443b2cc6850fd2aa5a6eeb9d","size":5720,"data":"","first_seen":"2025-07-03T10:35:12.475085Z","last_seen":"2025-08-09T04:13:00.813996Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-PCDPFZTW","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b729c47ef5d467acf480397ec4830666","sha1":"358ebfa04f5e1f4f76ca87731f8e7f9595e1427e","sha256":"a127d5cfc5203383c14e38d120d9f5e7859a802ff9ebb4e3c493aba628937b3f","sha512":"232ccc54dd836119b359bb2e1d9c02fa61a4cd6c706be05d472cc83f7609f0253a48a28d69038951c30398393a7c868833c9e2f42fd111c7be754cfafdccdfc4","ssdeep":"3072:ROX5NzPqQO8h5ET50Yo4UCxO2XEv1YyYXynuw6OwC4INvqd/BaRZyzzA3:w5Nzzhd2XSY7XC4INCd/BaKz8","tlshash":"4f742acd77d6b46283a36478903f114fb53a38a2b84cd894f089c8e82d74aa95177f7d","size":344236,"data":"","first_seen":"2025-07-07T23:26:53.597379Z","last_seen":"2025-07-07T23:26:53.597379Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"89.187.73.20","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ea66a949008314e463f558e7cf8df6a","sha1":"0a8306f0eeeec2b0c0b7350524898a38867dd1eb","sha256":"477f441b384130a65e6c26cbf35e1c317598d649bb9c2504585ad1392e4f9c8b","sha512":"e69283d708948cf027d0c3354c06624e1ef068fb338b4295707c1a2ceac8cbbd14b401251e4e6929edb817684ddde024b37c32bb6a77b7f6d6d5a131ee6918ef","ssdeep":"","tlshash":"850189b3d13091e9cb20cf4f28eb644fa672b48466b3c90080c6ec255d96ca923cb5ac","size":790,"data":"","first_seen":"2025-06-07T03:15:08.604771Z","last_seen":"2025-11-20T06:07:27.194691Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/p.js?f=sync\u0026lr=1\u0026partner=30ad9352c82ad33590f17fe192ea4a987ccdec462c9204ae06cdf4aba3b499e0","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"87da3a6927f839f2b79e682aecdb80a1","sha1":"3a5837a7dfccfd406bbf129b6aab743a81158150","sha256":"1043004a3ed662ac2384b13b6830f088274991efdc7ba5600cc6271ee1df3bd4","sha512":"11a5a684740426d2ceb8d9b7f24c5da08452ee6521aaa8a792718fa2ebaa36a355199f7802444723565245c762512fc9e2ded1140269081d1896e5ebfee7cecd","ssdeep":"","tlshash":"0201f47d5786303464f134912b3afb8a353b12be5c676c04498c0418e368b9ff20add8","size":697,"data":"","first_seen":"2025-03-28T17:36:55.482019Z","last_seen":"2025-11-20T06:07:27.183243Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"89.187.73.20","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"2e065d481b5e47654fce9ef2fa37eaf6","sha1":"7d49cba97b5bbfff8b90d14a174a764df197fc0c","sha256":"775a84f4d7acb61e9f50414f74aa915c3a15158d80543ea018543ee2794eb8f9","sha512":"0719c854bdd0528555398d99ce67105819bec6b4646e4bc08b4ee1cbb113182d6d7387a36d38a55fa452391e832196865325787241ea847d01298e3d1387db04","ssdeep":"","tlshash":"51e026251e22b7ca08b7523d8e875311e173404fa8c0d807bc1df802ef2ce5d58c6b84","size":396,"data":"","first_seen":"2025-07-03T10:35:12.524112Z","last_seen":"2025-08-09T04:13:00.817756Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"89.187.73.20","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"e86346e4a9aeb46c0e99d951831683e1","sha1":"81e7ae64a6c3df6d877ad08abb4480ce0b417bd3","sha256":"e53dbda7ab75a96a767e0ebb6206c08927c5a3f5a97a2f77647ed62337736f2b","sha512":"fb07174b2a5f8ca3ba7c0b42138f88ef0bfc4897be91be4b63a1ddae459ea7837bfde2ef33e2051fec40f447e9867972558a3d8c12ae53db93a13b6418df2e46","ssdeep":"","tlshash":"5bf0ab9f76da14742d4b90765b2c8e243122226ab0444033bcfc88356f082ae0966bf8","size":493,"data":"","first_seen":"2025-06-07T03:15:08.606989Z","last_seen":"2025-11-20T06:07:27.195129Z","times_seen":119,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/js/re.js?v=21","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"ae3285db3611225a4e24cb4390a31c5e","sha1":"3552f4dd7ff4dc27477debeb4de6d03d9f0e4c5a","sha256":"9c00d24d52a23b32cdc6dd2aa387aac923ffa23f17cc20fd6eece4af0aed7f80","sha512":"ffd540709254463db6c2adf964814009662544d52814dbbf32e2b598bc0fafa3b6f23adbf20c5ac9917570bb6c693d887cdcde79267109d71bd80ac1e5711834","ssdeep":"192:caiWX3bveZvXGPBU/QciCxc9dOzMxr56JcqrSU6EaNWjFZAAg+R0B09:pXzedX4Oh+OOcuxP2FFp4+","tlshash":"5d12fc9c60b311b642b731799f9b5324b1390187714ace4c7d8c83006f5eeada1f6bd9","size":9198,"data":"","first_seen":"2025-06-23T22:05:54.986231Z","last_seen":"2025-07-16T14:36:21.742233Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-04T23:40:41.807057Z","times_seen":136421,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"join4ra.com/ra/img/phone.svg","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ra/img/phone.svg HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: image/svg+xml\r\nLast-Modified: Wed, 08 Jan 2025 17:49:48 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"677ebabc-3c5\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":965,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"19b36e3dcb4afd5b1200e3d3924b5039","sha1":"178e41ecd71830888cf9739727abd8841bc0417f","sha256":"0c4f5c009579e13567eb6f01a3d615f86a158cde8cda74b97bc7a5e60a320dfc","sha512":"6e4cc363e1a1331729677118512fe6c7e9245f2fd793ca098aef1099e8bdffc48424396f5edb6855a35116591e85f29ec0c89350c02652a9d31eb198c37cc1f6","ssdeep":"","tlshash":"571121a693ec67d0e10a8ff1a535ba7c720f19b51b2bcce88051a956a01158c442c804","first_seen":"2024-12-31T14:48:37.22347Z","last_seen":"2025-08-09T04:13:00.810856Z","times_seen":8,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":94,"dns":1,"connect":30,"send":0,"wait":23,"receive":0,"ssl":58},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.push4site.com/sdk","fqdn":"join4ra.push4site.com","domain":"push4site.com","tld":"com"},"ip":{"addr":"104.26.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"push4site.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Jun 2025 09:35:34 GMT","end":"Tue, 23 Sep 2025 10:35:31 GMT"},"fingerprint":{"sha1":"B0:4D:5F:5D:68:11:4A:E5:03:6C:8B:76:7B:57:37:62:9F:34:75:27","sha256":"E8:67:00:7C:6C:8D:3E:A2:5E:04:7A:BF:0E:9F:89:44:03:EF:15:42:74:DC:F0:C3:11:1F:09:22:85:24:96:03"}}},"request":{"raw":"GET /sdk HTTP/1.1\r\nHost: join4ra.push4site.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://join4ra.push4site.com/Static/Script/join4ra.js?v=4\r\nServer: cloudflare\r\nX-Powered-By: ASP.NET\r\nAccess-Control-Allow-Origin: *\r\nStrict-Transport-Security: max-age=31536000\r\nCf-Cache-Status: DYNAMIC\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0Z4pO9YPos5WrX75cQGeewn%2Bml1z4VObAglqOdUnkw79sPh47IkEbrjfIQNu3QLr3wP2L4w52UODEHyIpZRPMOLVM6s0nPVe7UGQ8uAuifsPIQ%3D%3D\"}]}\r\nCF-RAY: 95bb1b6b294bb505-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":78788,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T23:47:04.105988Z","times_seen":13351467,"resource_available":true,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":35,"connect":1,"send":0,"wait":119,"receive":1,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/fonts/Poppins-Bold.ttf","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ar-aviator-in1/fonts/Poppins-Bold.ttf HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 153944\r\nLast-Modified: Mon, 14 Apr 2025 13:26:48 GMT\r\nConnection: keep-alive\r\nETag: \"67fd0d18-25958\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":153944,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 13 tables, 1st \"GDEF\", 17 names, Microsoft, language 0x409","md5":"08c20a487911694291bd8c5de41315ad","sha1":"875cf0cecd647bcf22e79d633d868c1b1ec98dfa","sha256":"7219547ee25334cbac0fe4b3acf0bf631e48ebb622c71af038edaaa652c60875","sha512":"d1b6430ab61dfb667b1393ef4377ab49b19be86f0f3ae7fa062b5eae1c5b1d20de5aa22fdf519824b31b2d0fe18073a9b3ea5011c735a1886767922ce9476b4d","ssdeep":"1536:ynWSOZkPJr4O8jORN5pJR1JOWgmd5Fju/qIzYq+qJi5ExrwpcWS7J5ffnVxjSZUp:vSW8WO8qnJ4Bmd5tIzYAl7ffVaO6YxmK","tlshash":"2ae3082bf6a7cf5ee7266d74da72636345d8e43569bf824bb7026943e88b480cdc4201","first_seen":"2023-05-01T03:42:21Z","last_seen":"2026-04-04T23:18:21.454623Z","times_seen":2632,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":127,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.sharechat.com/self-serve-service/v1/external/selfServe/sdk/ECcfZ9V6HC/get","fqdn":"apis.sharechat.com","domain":"sharechat.com","tld":"com"},"ip":{"addr":"104.17.236.9","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:31.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sharechat.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Tue, 11 Mar 2025 14:39:31 GMT","end":"Sat, 28 Feb 2026 14:01:09 GMT"},"fingerprint":{"sha1":"BA:EB:6F:6F:79:5A:16:B1:AD:09:DF:7E:47:1C:CE:3E:38:D3:5E:67","sha256":"1A:49:6E:2D:07:73:F7:0F:D1:CA:55:F6:20:18:86:C2:DD:9A:A4:F7:0C:9C:47:5D:D6:FA:54:97:21:57:1D:8B"}}},"request":{"raw":"GET /self-serve-service/v1/external/selfServe/sdk/ECcfZ9V6HC/get HTTP/1.1\r\nHost: apis.sharechat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://join4ra.com/\r\nOrigin: https://join4ra.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 07 Jul 2025 23:26:32 GMT\r\ncontent-type: application/json; charset=utf-8\r\nx-dns-prefetch-control: off\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-download-options: noopen\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccess-control-allow-origin: https://join4ra.com\r\nvary: Origin, Accept-Encoding\r\netag: W/\"63f-D2Tvec1mjtiqn5+usLAO154uL5c\"\r\nx-envoy-upstream-service-time: 6\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=IZgnrnPhhsiiceW1_9lQ6G.aU0IQStGgODmolM5rJu4-1751930792-1.0.1.1-cJtVlyh6X6pWUmfr7EYE1M7drDluF7tx0KMmSL2Eyh_lD1Nm2xYbUy6DrJN8DCglUXpczW7hQ3Ybo9L..ut0Rm9L3hiufrBgLJrbxMTZM1A; path=/; expires=Mon, 07-Jul-25 23:56:32 GMT; domain=.sharechat.com; HttpOnly; Secure; SameSite=None\n_cfuvid=J1jWz9zWtHp5u5sCf5wVPxYEJGgWZtDVj464qK5GRcE-1751930792197-0.0.1.1-604800000; path=/; domain=.sharechat.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\ncf-ray: 95bb1b79bbdb56c0-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1599,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"167f03a92913965698ce064aae445e61","sha1":"0f64ef79cd668ed8aa9f9faeb0b00ed79e2e2f97","sha256":"e53e4c43dac158fc95cdc033fffb419d09bfdf326931277dd647264f594abe98","sha512":"0ea049e3ac6e1832cbe711dbd487c490301c112b0061f846d9fc192b598cb6295558659612b92d117e68af3563d36b1e37ef50bbbd1250c058f0aacab06397a1","ssdeep":"","tlshash":"dc31b0342142ccbcb7da53618bee5f06e0c44653d5ce88ab9cd65fb8458c24d4308deb","first_seen":"2025-04-17T17:33:57.366072Z","last_seen":"2026-02-19T03:45:01.831276Z","times_seen":168,"resource_available":false,"data":null}},"time_used":381,"timings":{"blocked":68,"dns":52,"connect":1,"send":0,"wait":243,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ra/img/flag/in.svg","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ra/img/flag/in.svg HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: image/svg+xml\r\nLast-Modified: Tue, 25 Mar 2025 16:43:47 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67e2dd43-339\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":825,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"29cf255ded1929a627ee175783817d15","sha1":"5e1dfaa3e16b72479cafb927b7c8fb2115c6513a","sha256":"c49eb8f6dddd9a910d54092d31fb812b6e542f5a8dda6dbc7911e795078da2c9","sha512":"7bbad0cf0905c20871b53c958e90b8b1346111d0baf083a5a38dd4d2806d9a64197728b79efaf9586353a90f6d7e936fa40493e7df95de45b349aec75185a716","ssdeep":"","tlshash":"dc01ce08293cbc2e8a14c604d5de78edc40f1c1683c60897f3235c4e577db665285adb","first_seen":"2025-01-17T11:35:25.60175Z","last_seen":"2026-03-23T06:06:18.872594Z","times_seen":88,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":102,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ra/img/flag/bd.svg","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ra/img/flag/bd.svg HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 165\r\nLast-Modified: Tue, 25 Mar 2025 16:43:47 GMT\r\nConnection: keep-alive\r\nETag: \"67e2dd43-a5\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":165,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"73c177e4545c26b844551aa8038970b0","sha1":"27813f9813b9f4f2e8d19f96dceeed59b46bd7a7","sha256":"0bcebecf72e484402234e3425a9c99dc77872d4f67406e496aee216f5216434e","sha512":"8761ee9c3404854f4c6f959330dd2a2a0ee790262ff8a88084890e30c5d456ae04efe8540915f02bb12c680ec6105b8d5003570a9c04e5935bbb0e3db087465c","ssdeep":"","tlshash":"0ac0806b519db904d910c254461975c1125b70c643060289e4d414b560057e73c00658","first_seen":"2023-05-09T05:26:06Z","last_seen":"2026-01-19T22:17:44.059558Z","times_seen":86,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":107,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/js/script.js","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ar-aviator-in1/js/script.js HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 14 Apr 2025 13:26:48 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67fd0d18-1658\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5720,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"867091778d359076ef504ea7af7d90c8","sha1":"cd45263ac89bd245c4f4c06fe6d303b2e881f6c2","sha256":"f5dbba301d3d1b4ae90717dcb370e01ffa2a2781d5f214b233f1139ba1f54dd0","sha512":"71486dc67fa213a945dfcd7c2f4eb38c030c1ca9ec03e1aa5ba814e50c0973de42ccacebbb61a42409a7827e707cf900858988bc50a522aca9977fbad081de9f","ssdeep":"96:8pdLz96CWRf+NxfrZR556uTQ04SMykMUyVHyiY:U6CWV+NdrZR55s0HkQ7Y","tlshash":"eac110743ef219205863e46b17d74214fb31e01b6a4acd443b2cc6850fd2aa5a6eeb9d","first_seen":"2025-07-03T10:35:12.475085Z","last_seen":"2025-08-09T04:13:00.813996Z","times_seen":7,"resource_available":true,"data":null}},"time_used":197,"timings":{"blocked":69,"dns":2,"connect":28,"send":0,"wait":26,"receive":2,"ssl":62},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/images/arrow.png","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ar-aviator-in1/images/arrow.png HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: image/png\r\nContent-Length: 1012\r\nLast-Modified: Mon, 14 Apr 2025 13:26:48 GMT\r\nConnection: keep-alive\r\nETag: \"67fd0d18-3f4\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1012,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 63 x 87, 8-bit colormap, non-interlaced","md5":"0e52e2e167d82f60500aa708c4089f77","sha1":"b5d47be8d2f83fa427de392c0fcbde17b73ba180","sha256":"f8432a866f2b04ec319f3d0a0b58c61dfd70abe1a5aaf075b98635eaa545a834","sha512":"03e69982f3cdeeadae132c692fbbb205ae17cc6bc4d5ca1c89641e80f978c4f9725119f74b55b8637591d7e981cb6ffb3d257e94c6c0b44982bbb0caf05c7392","ssdeep":"","tlshash":"3611a5c7eb8253d4fc37dda3f78e21081237465c9e2a00181249c62a8fa7a0dd52e508","first_seen":"2025-07-03T10:35:12.509719Z","last_seen":"2025-08-09T04:13:00.807134Z","times_seen":7,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/images/border-wheel.png","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"89.187.73.20","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ar-aviator-in1/images/border-wheel.png HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: image/png\r\nContent-Length: 68953\r\nLast-Modified: Mon, 14 Apr 2025 13:26:48 GMT\r\nConnection: keep-alive\r\nETag: \"67fd0d18-10d59\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":68953,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 681 x 681, 8-bit colormap, non-interlaced","md5":"e29a65809290aa570c89d59381b49ddb","sha1":"1f896ed0ba981971acb6dbeb8fb6477d2938b151","sha256":"a1e14500f9f53424207a8225ee9951b2c333b38df447c2428d245e0d678fb93e","sha512":"3656bb34155021357779988a1c21ad2848f43ebfa1d95b13870807e677c5c067f89257768d93f14bac8dd77a3f9802af67e91a83ec9ef729a3ef8487ba2d7128","ssdeep":"1536:bYJmzWpdp2IDarfeRPnjNlTG1VowK8ROFXSa0jmcDFt/1zor04Dk:ZWhLarfePnjXYohdADv10Dk","tlshash":"2263024a0e4d49e8203f95bbdc39acadb98e5383d3b76d50a79d08cdcc483d49c89696","first_seen":"2025-07-03T10:35:12.494495Z","last_seen":"2025-08-09T04:13:00.802734Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1297,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":1078,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/favicon.ico","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:30.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:30 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 34494\r\nLast-Modified: Mon, 14 Apr 2025 13:26:49 GMT\r\nConnection: keep-alive\r\nETag: \"67fd0d19-86be\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34494,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel","md5":"321b83e30cbbeb228649c5a9e9c3a194","sha1":"acd1f537cc264d56334352ea8ac96f506ad2a863","sha256":"f61b3e105cc46934e5a14b52b7977d8b738b5719233fc97ae82ddf8c1c7ede92","sha512":"9d6d4fd798f97b1a175e46c00c6fbe119293d715c20c9f794cd5cbac8149e24315bfeb01888f1bcdcf961f5a2bf47a124aad1c0edc4a9d53f79a490dc679ca82","ssdeep":"768:DAQSIQCJKRkJgUZZl4gKJJJKJVJWkJgnZOKJ8ZJgLKJ80VwnEUTEhwVDL:A","tlshash":"13f2fd1152f3c473d0744f36f769c773acba3890e840ff7246e632b6bae69a21655221","first_seen":"2024-07-15T20:04:40Z","last_seen":"2026-04-02T01:03:35.698512Z","times_seen":157,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/css/style.css","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ar-aviator-in1/css/style.css HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 14 Apr 2025 13:26:48 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67fd0d18-37cb\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14283,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"51c2af237d1dd72d43ce325d9354b850","sha1":"7416b44bdd15b35a6e3c9b3b19bc7b6f974ffe8b","sha256":"7d5d45f21406508428cf73ffae3b6c29661f7324e847419b5b8cd9b5eed31037","sha512":"caba0888b4b620f607238cd873ca97616853c606ceea4c041de8de50654b9996561e3894c8eb88a380a263453374d26849d2d8711f483ae1f9ae4b75b22307e1","ssdeep":"192:K5eN+W2kk+f4lH0HGobD8ZwiarslX3CREeRUm/A6k6xlym6G7/xVZ2CXc01P+MLe:KXsdwKOHChNlrN1lq","tlshash":"a2520d255f731485a197c4ad3fba4b94b36c84435206c83a7f9cba919f8113b0cba7ad","first_seen":"2025-07-03T10:35:12.501117Z","last_seen":"2025-08-07T08:53:24.798768Z","times_seen":6,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":79,"dns":1,"connect":23,"send":0,"wait":23,"receive":0,"ssl":69},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ra/img/chip.png","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ra/img/chip.png HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: image/png\r\nContent-Length: 2373\r\nLast-Modified: Wed, 08 Jan 2025 17:49:48 GMT\r\nConnection: keep-alive\r\nETag: \"677ebabc-945\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2373,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"71f21cd71d25583dd4fa3cee1a37d6ea","sha1":"954cd0eb4ca1ddb55cdd7ae6299cac9fc59a949c","sha256":"e0c39f361ba0c18c4b36f899c444e07dba63298982f31118ebea03e9ffb5386a","sha512":"f52d0729119c114274d94dd6ab9ca4c00fbbeb5dd2462397207608905a1af736a81ada6c84d1856ddd3dc9a79e6d6fd69f2354e7a329f68c3ddbc0ece1ad681d","ssdeep":"","tlshash":"d9415bfab7a169b8046b4a75b42ee222642d54c61c4a1e87cc35d9230bec202cc4c228","first_seen":"2024-12-31T14:48:37.216701Z","last_seen":"2025-08-18T22:30:53.95716Z","times_seen":59,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":105,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ra/js/main2.js?v=67","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ra/js/main2.js?v=67 HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 23 Jun 2025 09:54:38 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6859245e-4155\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16725,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"2330a4e77127cd850e2e1d6b5a27c015","sha1":"ee224d7db7a93a080fbbdd8b121f01119aaf9f61","sha256":"6e4c2792122414b40c8e9052790e2c0878d25ef2e9ce1b8b8545376cf408e754","sha512":"5d013c78977eaac23ff089a4df6732b07e9cafc270684839c8eadc735615ed4335b9671f21fa0867aef0f3ef322f5c11c3ca0a8b18d58d8f767e46c71d7c0673","ssdeep":"384:lQxoyiZogSlGikiOiNifFG/6vsBjyf0CHKg+2mdsj9H1KtKyLC/sEj9H1ku3//i2:lU6UlXZf8fFG/6vsrg+Lde9HvsW9Haub","tlshash":"86724f1835f210724277617d57cf829832325047344dcd9abeacc7581f9ae6b98f2bea","first_seen":"2025-06-27T09:17:02.448505Z","last_seen":"2025-08-18T22:30:53.963069Z","times_seen":57,"resource_available":true,"data":null}},"time_used":192,"timings":{"blocked":70,"dns":0,"connect":23,"send":0,"wait":24,"receive":0,"ssl":66},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/fonts/Poppins-ExtraBold.ttf","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.822Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ar-aviator-in1/fonts/Poppins-ExtraBold.ttf HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 152764\r\nLast-Modified: Mon, 14 Apr 2025 13:26:48 GMT\r\nConnection: keep-alive\r\nETag: \"67fd0d18-254bc\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":152764,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 13 tables, 1st \"GDEF\", 19 names, Microsoft, language 0x409","md5":"d45bdbc2d4a98c1ecb17821a1dbbd3a4","sha1":"4b5c0750f073abd576413a0898d3b95adaf199c8","sha256":"94a215f88fbde9099cb3bd1431b8142aba26af36f8771effec56a94bc3aad1fd","sha512":"7250cfa8ba4b57c45b8621179f45b4eaa9c74aadec1798a7d5016ec6c889e0a763c1de4f46b4a8e87c94664f24cd11acfc766467b2242e7fc0ef9dc4f4a3b2c1","ssdeep":"1536:U4ZiXuH4HIkPJr4OoflKmJR74SLR5jceYuuqIpPfNwP3XLrIAbvl9+/gwbFitHwz:Umie2I8WOo1JHovXfNwP3XHa46YtQz","tlshash":"bae31b6bf7a3ce99e7676d39d672537308dea8312d7f861b67025913e88b881ccc4241","first_seen":"2023-05-22T15:24:43Z","last_seen":"2026-04-04T19:56:06.376673Z","times_seen":330,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":144,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.push4site.com/Static/Script/join4ra.js?v=4","fqdn":"join4ra.push4site.com","domain":"push4site.com","tld":"com"},"ip":{"addr":"104.26.4.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"push4site.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Jun 2025 09:35:34 GMT","end":"Tue, 23 Sep 2025 10:35:31 GMT"},"fingerprint":{"sha1":"B0:4D:5F:5D:68:11:4A:E5:03:6C:8B:76:7B:57:37:62:9F:34:75:27","sha256":"E8:67:00:7C:6C:8D:3E:A2:5E:04:7A:BF:0E:9F:89:44:03:EF:15:42:74:DC:F0:C3:11:1F:09:22:85:24:96:03"}}},"request":{"raw":"GET /Static/Script/join4ra.js?v=4 HTTP/1.1\r\nHost: join4ra.push4site.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://join4ra.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 18536\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nCache-Control: max-age=1800\r\nContent-Encoding: gzip\r\nLast-Modified: Tue, 01 Jul 2025 00:43:51 GMT\r\nEtag: \"80bdb13621eadb1:0\"\r\nVary: Accept-Encoding\r\nX-Powered-By: ASP.NET\r\nAccess-Control-Allow-Origin: *\r\nStrict-Transport-Security: max-age=31536000\r\nCf-Cache-Status: HIT\r\nAge: 1287\r\nAccept-Ranges: bytes\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GsM3UN%2Fq%2Fbria3H8fJcDwyyfkYFrRrwKRJKPInt12IPuKF3RNsbDCojgU70KVASESdGWUkrdIrF%2FsE%2FIXqHOPwI4sTXlCnokX67SYKCZrtiTgw%3D%3D\"}]}\r\nCF-RAY: 95bb1b6d1b01b505-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":78788,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64208), with no line terminators","md5":"4b5310326fe50f8c3512463ca84ca80e","sha1":"d7fd33868343bc0cd1fef72bbde02509567eec20","sha256":"0300e04a104d4ebbc9faa21c12075515b362d37d54ffaad43379e3272bdfc6c1","sha512":"2d053f5acc41b8bc4531852f5798837449c4454266f1557bcd91715097ce2405347e10bdac98c1b491135c7c8ace774182f04f1084cf4c0b51a3d0827feb4f3d","ssdeep":"1536:/ABtDx9M4jYuhnuhh2xYbrlsUkky3XF2P8T4VnOObC7At7Xf7gV790t7OWBiXiVe:kt6rls4VnOOaBd","tlshash":"1873c7865cc6703305af743afcbb2e4925372f0e599b84c09beb3591185ef4d960b78a","first_seen":"2025-07-01T18:37:47.085644Z","last_seen":"2025-07-10T21:35:55.554533Z","times_seen":26,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":51,"dns":0,"connect":0,"send":0,"wait":12,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ra/css/ra.css?v=21","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"89.187.73.20","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ra/css/ra.css?v=21 HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 23 Jun 2025 09:54:38 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6859245e-2144\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8516,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"24b330b29bae6247dda88956c4bef9f5","sha1":"a7d5f3e51650c8807de09ea04c5ec9d9478a9114","sha256":"72d0de93d7ac0dec1f552107441a85d20a6b30f8f410c49421941668f47b6218","sha512":"ab38ddcfefc1d3f1036c9655993d51d59b6c3a8ed1972ed194bdcf969e216068844d6bb955afe4892eb2e0f9fc7548c9fdb7f53de3bc45552b0efbc171c9445b","ssdeep":"96:S2CIJW+wTJv1ZJtoJfFxipFUiaujJShYelkHewUV6HdyFVDZ6B8pSXb/6zer8:S2C0lwF1Cf3xuutaYDZ6B8pSXz6zL","tlshash":"ba02748139227400e62bd0a63fea9fc4923c84418a2a5c337974766d5fc92cd8677b8f","first_seen":"2025-06-27T09:17:02.460142Z","last_seen":"2025-08-18T22:30:53.946253Z","times_seen":59,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/images/woman-1.png","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ar-aviator-in1/images/woman-1.png HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: image/png\r\nContent-Length: 224674\r\nLast-Modified: Mon, 14 Apr 2025 13:26:48 GMT\r\nConnection: keep-alive\r\nETag: \"67fd0d18-36da2\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":224674,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 679 x 1032, 8-bit colormap, non-interlaced","md5":"e657ff995e3776c42cb3eba2c365cdbe","sha1":"728e2806e5320efcfabb008bf73ea83dd586add9","sha256":"71c83c894e3c7d592fc2442ba85a78b900816637730e85a4dcc1e7d197bd3a4d","sha512":"7e59b39aa5a059522c214dfdcd8a849418ea7eee6b4051f6962ba6c1d85116601844854bd315b6ace5fa51bea628c32e30e9219cc0aa463233345fc22ed96009","ssdeep":"3072:cGa2WXZrI5SMHfwe4cX4cqQVJR0fgbpvU2hZ99cB46UqWKdgogd3jtR+xOmH5LmB:+XyHoe4qFqQeinhI1Fd7gC8wtHN6U5J4","tlshash":"37242288ada4c15ff92f72cec62811263293b8f5e86221ff976051f2dc6bb3155a0f11","first_seen":"2025-07-03T10:35:12.485228Z","last_seen":"2025-08-09T04:13:00.802136Z","times_seen":7,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":114,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-PCDPFZTW","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Tue, 17 Jun 2025 20:01:48 GMT","end":"Tue, 09 Sep 2025 20:01:47 GMT"},"fingerprint":{"sha1":"06:CD:2A:9C:6E:F9:40:51:AA:E0:81:4A:BB:69:6C:BA:FA:AD:AB:4D","sha256":"1B:95:49:C5:E3:2A:C0:62:E1:BC:32:D7:0D:42:D7:C5:E7:36:6B:3F:52:5B:32:17:80:51:05:4E:56:B5:5C:B1"}}},"request":{"raw":"GET /gtm.js?id=GTM-PCDPFZTW HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 07 Jul 2025 23:26:30 GMT\r\nexpires: Mon, 07 Jul 2025 23:26:30 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Mon, 07 Jul 2025 22:36:42 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1319:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1319:0\r\nreport-to: {\"group\":\"ascgcycc:1319:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1319:0\"}],}\r\nserver: Google Tag Manager\r\ncontent-length: 107730\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":344236,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (39059)","md5":"b729c47ef5d467acf480397ec4830666","sha1":"358ebfa04f5e1f4f76ca87731f8e7f9595e1427e","sha256":"a127d5cfc5203383c14e38d120d9f5e7859a802ff9ebb4e3c493aba628937b3f","sha512":"232ccc54dd836119b359bb2e1d9c02fa61a4cd6c706be05d472cc83f7609f0253a48a28d69038951c30398393a7c868833c9e2f42fd111c7be754cfafdccdfc4","ssdeep":"3072:ROX5NzPqQO8h5ET50Yo4UCxO2XEv1YyYXynuw6OwC4INvqd/BaRZyzzA3:w5Nzzhd2XSY7XC4INCd/BaKz8","tlshash":"4f742acd77d6b46283a36478903f114fb53a38a2b84cd894f089c8e82d74aa95177f7d","first_seen":"2025-07-07T23:26:53.597379Z","last_seen":"2025-07-07T23:26:53.597379Z","times_seen":1,"resource_available":false,"data":null}},"time_used":943,"timings":{"blocked":427,"dns":56,"connect":43,"send":0,"wait":38,"receive":53,"ssl":320},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.7.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-155ed\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Mon, 07 Jul 2025 23:26:29 GMT\r\nage: 4202515\r\nx-served-by: cache-lga21978-LGA, cache-hel1410028-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 27, 147462\r\nx-timer: S1751930790.642501,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30336\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":87533,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-04T23:40:41.807057Z","times_seen":136421,"resource_available":true,"data":null}},"time_used":216,"timings":{"blocked":81,"dns":1,"connect":32,"send":0,"wait":27,"receive":10,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/images/center.png","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ar-aviator-in1/images/center.png HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: image/png\r\nContent-Length: 1341\r\nLast-Modified: Mon, 14 Apr 2025 13:26:48 GMT\r\nConnection: keep-alive\r\nETag: \"67fd0d18-53d\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1341,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 76 x 76, 8-bit colormap, non-interlaced","md5":"ed609de20d4e421964c2ba6468c34036","sha1":"3eb7a75df33b50cc5b26d2b5a90b0cc9de6114ac","sha256":"558533f650c0a43733060726fd27a03ea3c209408bedfe2a354ffff6c7a2b678","sha512":"650c996829dee3c6be9b866ec6141025989a53934e6900a52ac7cb197ebd1ed4193f011c91d44c8d451a848647dc6b632629e601b2dcb4d8188cd1bcde06f63e","ssdeep":"","tlshash":"fb21d8dfbb8732fa816d18599330e190f2d396519d031288a97c1b2567f4d0e1b3c24b","first_seen":"2025-07-03T10:35:12.511302Z","last_seen":"2025-08-09T04:13:00.779466Z","times_seen":7,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tsyndicate.com/api/v1/retargeting/set/af5a303e-52eb-4162-9d32-423205b4d172?gtmcb=2102147142","fqdn":"tsyndicate.com","domain":"tsyndicate.com","tld":"com"},"ip":{"addr":"136.243.69.157","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:30.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tsyndicate.com","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Jun 2025 00:11:38 GMT","end":"Sun, 21 Sep 2025 00:11:37 GMT"},"fingerprint":{"sha1":"10:90:2B:70:64:84:EE:7C:A4:28:A7:46:9B:C9:E8:42:65:36:E7:2D","sha256":"FA:AB:AE:13:0D:87:1F:0E:48:DA:FA:CD:45:97:F4:99:F7:56:8F:15:87:34:51:01:70:08:40:D6:81:34:9B:27"}}},"request":{"raw":"GET /api/v1/retargeting/set/af5a303e-52eb-4162-9d32-423205b4d172?gtmcb=2102147142 HTTP/1.1\r\nHost: tsyndicate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 07 Jul 2025 23:26:30 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\npragma: no-cache\r\nexpires: 0\r\nvary: *\r\nx-api-version: 1\r\nset-cookie: ts_rt_af5a303e-52eb-4162-9d32-423205b4d172=AM_QaTNGTA8ZMWAgpHEjBg0ZAQE=; expires=Tue, 07 Jul 2026 23:26:30 GMT; path=/; HttpOnly; secure; SameSite=None\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, no-transform\r\nx-robots-tag: none, noindex, nofollow\r\nreport-to: { \"url\": \"https://pxl.tsyndicate.com/api/v1/heavy-ad/report\", \"max_age\": 86401 }\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64\r\npermissions-policy: ch-ua-model=(self \"https://tsyndicate.com\"), ch-ua-platform-version=(self)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ba036c43037cfe89320d1ef7b64cd43f","sha1":"88c72d3e26047eb1e45e5564a76427734f120efe","sha256":"42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb","sha512":"aa80ccd27c05eb729f730b9d830b011650bcf12cbb25d19edf29efcf962c7465bb5685a5ff5d084356c6710c08e829d16b59e7a59a41767eb14744f326b6c124","ssdeep":"","tlshash":"19900403f5400003d175d03107170340134cd110057c0307405d505cdc553510c01010","first_seen":"2023-05-10T09:10:20Z","last_seen":"2026-04-04T23:09:41.195063Z","times_seen":14438,"resource_available":false,"data":null}},"time_used":470,"timings":{"blocked":205,"dns":61,"connect":53,"send":0,"wait":54,"receive":5,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/p.js?f=sync\u0026lr=1\u0026partner=30ad9352c82ad33590f17fe192ea4a987ccdec462c9204ae06cdf4aba3b499e0","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:30.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Jun 2025 12:11:05 GMT","end":"Sun, 28 Sep 2025 13:11:03 GMT"},"fingerprint":{"sha1":"89:E0:23:FC:5B:0F:07:0F:7E:EC:B8:4F:B5:1D:3B:1F:6B:5C:22:0B","sha256":"66:DE:FF:43:09:A3:D6:B0:70:4E:47:82:C8:66:35:42:25:2E:23:CA:5A:1A:CF:A3:1E:23:A0:0E:D3:E3:95:95"}}},"request":{"raw":"GET /p.js?f=sync\u0026lr=1\u0026partner=30ad9352c82ad33590f17fe192ea4a987ccdec462c9204ae06cdf4aba3b499e0 HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 07 Jul 2025 23:26:30 GMT\r\ncontent-type: text/javascript\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 95bb1b722bb90b69-OSL\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":697,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"87da3a6927f839f2b79e682aecdb80a1","sha1":"3a5837a7dfccfd406bbf129b6aab743a81158150","sha256":"1043004a3ed662ac2384b13b6830f088274991efdc7ba5600cc6271ee1df3bd4","sha512":"11a5a684740426d2ceb8d9b7f24c5da08452ee6521aaa8a792718fa2ebaa36a355199f7802444723565245c762512fc9e2ded1140269081d1896e5ebfee7cecd","ssdeep":"","tlshash":"0201f47d5786303464f134912b3afb8a353b12be5c676c04498c0418e368b9ff20add8","first_seen":"2025-03-28T17:36:55.482019Z","last_seen":"2025-11-20T06:07:27.183243Z","times_seen":34,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":67,"dns":33,"connect":1,"send":0,"wait":45,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ra/img/email.svg","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"89.187.73.20","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ra/img/email.svg HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: image/svg+xml\r\nLast-Modified: Wed, 08 Jan 2025 17:49:48 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"677ebabc-41a\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1050,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9e605009f2a9d7022e8ab786df6f89d3","sha1":"b1c477553408b02502e03b7dcc3df4920826eaaa","sha256":"ed930de43a95caaa4be59fc99ab320860bdd53dafb4c2502d70b59162c9ac9f1","sha512":"bfb66a3fcfd4a5611d09b974d46e2354286153ffe8978417dc00fbe3e903707adbef683a7295d4304cb5e32f78c72b780b949fa3f55b546d85b9d0cfb4877856","ssdeep":"","tlshash":"061112aa23dcb1889f4e8b00d75f7238b11627f5bf1acadc15856f1d6dd80ed09189c4","first_seen":"2024-12-31T14:48:37.221533Z","last_seen":"2025-08-09T04:13:00.805909Z","times_seen":8,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":95,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/fonts/Poppins-Regular.ttf","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ar-aviator-in1/fonts/Poppins-Regular.ttf HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 158240\r\nLast-Modified: Mon, 14 Apr 2025 13:26:48 GMT\r\nConnection: keep-alive\r\nETag: \"67fd0d18-26a20\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":158240,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 13 tables, 1st \"GDEF\", 17 names, Microsoft, language 0x409","md5":"093ee89be9ede30383f39a899c485a82","sha1":"fdd3002e7d814ee47c1c1b8487c72c6bbb3a2d00","sha256":"707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a","sha512":"4be480df0b639750483eb09229b4edcfdcd16141eb95d92a3f28a13bf737146d7cc5db6ad03a5cde258f71b589e5310b6d9bc1563ac7b1d40408eea236d96f4b","ssdeep":"1536:iBLCaPkPJr9Q0T+GNqUESJ/8w/lF703hmTWH6lrGcRAbf9EpthYp0wf0IDh1jlG4:6LCY8zQjGfJ/AaHjxlzOk7gb3Va4J","tlshash":"50f3091bf6e7ceaee7672a78ea72636614dce8362d7f454b23016913e8da441cdd0301","first_seen":"2023-04-10T19:18:16Z","last_seen":"2026-04-04T23:18:21.378248Z","times_seen":4563,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/api/aln.php?c=GZd66dwz\u0026country_code=\u0026landing=\u0026","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /api/aln.php?c=GZd66dwz\u0026country_code=\u0026landing=\u0026 HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://join4ra.com/ar-aviator-in1/\r\nContent-Type: application/json\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 422 Unprocessable Entity\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:30 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nCf-Cache-Status: DYNAMIC\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PUPywVA%2FRpLokB21%2Fn%2FI637tU4mLIWAzK%2BtvnoKJjidygcSxzSy2HnC7b092fRwY7x%2FOPzjkhOrRdkuaLFVOrZQFjSKwmvb%2BA%2BPBSg%3D%3D\"}]}\r\nCF-RAY: 95bb1b6d389d7a96-AMS\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"422","status_text":"Unprocessable Entity","fingerprints":null,"data":{"size":24,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text","md5":"28249c426615bf74c4024b26a971fc96","sha1":"11a84e7a4ddfefd23c863c7f6c443826a89d5119","sha256":"14ee4b2dd9865d82e68f1861535690c1b84e6684a8c419f8c77a1977bb8f4815","sha512":"09d5ef8c3ba1bc0e51ceb54b3e92aff6edaec73a496fd641faafd6409005022b4e906db25727561befdcafa7f43ce0830a588cf15df470eecb4cf8c52d3eee0c","ssdeep":"","tlshash":"587000228e880c0020e80888a200fc002800000002e088c2202c88b820c28022028322","first_seen":"2025-07-03T10:35:12.502788Z","last_seen":"2025-07-07T23:26:53.601815Z","times_seen":4,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":59,"dns":0,"connect":0,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"89.187.73.20","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-07-07T23:26:28.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ar-aviator-in1 HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: text/html\r\nContent-Length: 162\r\nLocation: https://join4ra.com/ar-aviator-in1/\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":9973,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T23:47:04.105988Z","times_seen":13351467,"resource_available":true,"data":null}},"time_used":955,"timings":{"blocked":456,"dns":8,"connect":44,"send":0,"wait":43,"receive":0,"ssl":401},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/js/re.js?v=21","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /js/re.js?v=21 HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 23 Jun 2025 10:41:20 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68592f50-23ee\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9198,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"ae3285db3611225a4e24cb4390a31c5e","sha1":"3552f4dd7ff4dc27477debeb4de6d03d9f0e4c5a","sha256":"9c00d24d52a23b32cdc6dd2aa387aac923ffa23f17cc20fd6eece4af0aed7f80","sha512":"ffd540709254463db6c2adf964814009662544d52814dbbf32e2b598bc0fafa3b6f23adbf20c5ac9917570bb6c693d887cdcde79267109d71bd80ac1e5711834","ssdeep":"192:caiWX3bveZvXGPBU/QciCxc9dOzMxr56JcqrSU6EaNWjFZAAg+R0B09:pXzedX4Oh+OOcuxP2FFp4+","tlshash":"5d12fc9c60b311b642b731799f9b5324b1390187714ace4c7d8c83006f5eeada1f6bd9","first_seen":"2025-06-23T22:05:54.986231Z","last_seen":"2025-07-16T14:36:21.742233Z","times_seen":60,"resource_available":true,"data":null}},"time_used":195,"timings":{"blocked":71,"dns":0,"connect":28,"send":0,"wait":25,"receive":1,"ssl":63},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/images/bg.jpg","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ar-aviator-in1/images/bg.jpg HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 69595\r\nLast-Modified: Mon, 14 Apr 2025 13:26:48 GMT\r\nConnection: keep-alive\r\nETag: \"67fd0d18-10fdb\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":69595,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2160x1168, components 3","md5":"f9e589cee13816e0f4b7dfbcb60af2af","sha1":"9831f0fcacc45b72d40485dab3c6d6f38fd4099b","sha256":"9228226b05259210dba4aa50efa965d1ac06031880f29f9d40a35c95aae98692","sha512":"f23c6c972316b3335bedfefd899b535324d507fe52f10fc54e51b1cd4f353396f254f328ee2a690e38176d2ec138f4e0c6fdab6af02fd1fca2c44aa4780b23d7","ssdeep":"1536:jqReQNHFMT681ere0wiEfBQdLkuWe7MsXqetyNsnUSm:uRt/A14eRZQdL1BMD2fm","tlshash":"8f63e167f792e117dab92230994fe3157e278479d38a5ca3474f0667083038c1ea9f6b","first_seen":"2025-07-03T10:35:12.508163Z","last_seen":"2025-08-09T04:13:00.801491Z","times_seen":7,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/images/sections.png","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ar-aviator-in1/images/sections.png HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: image/png\r\nContent-Length: 52097\r\nLast-Modified: Mon, 14 Apr 2025 13:26:48 GMT\r\nConnection: keep-alive\r\nETag: \"67fd0d18-cb81\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":52097,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 681 x 681, 8-bit colormap, non-interlaced","md5":"fc3bff49b46418bb0f25bc701e59a641","sha1":"3b6409f11a4876ae8791867751c71727a228a41b","sha256":"82271e902a49df2aaa607c0845fad5bc9dd06730160693c310cc96ef814f8cc0","sha512":"f8de00172438ef3b93689b64c247e06b4364bdaa294fd728d2852c1beb79fd9ac8f4ec3ed6eb9a32f300fa8f21f6d58ad3d098de4cf5227237d51500297d9b34","ssdeep":"768:L/7xy0tJccSEF2vfQ007v8K3A733dSU9qO/6fdTE0E6QfGpoRAAnX6a77O1zp3xx:D7ZtJlk0a73t2BtE6Qfwi1qx","tlshash":"9633f2cd9f97cfcec1654474684092f0b5b2df75b2eef8dae4a54204d38205b63981e6","first_seen":"2025-07-03T10:35:12.487851Z","last_seen":"2025-08-09T04:13:00.803416Z","times_seen":7,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/images/woman-2.png","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ar-aviator-in1/images/woman-2.png HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: image/png\r\nContent-Length: 208215\r\nLast-Modified: Mon, 14 Apr 2025 13:26:48 GMT\r\nConnection: keep-alive\r\nETag: \"67fd0d18-32d57\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":208215,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 679 x 1032, 8-bit colormap, non-interlaced","md5":"fa287bac10dc32a1a5fefde2c3c289aa","sha1":"8f6f732dd9dc17024e7e32209a64cb45cbc5cf39","sha256":"214b1c308ac68a8e5c0587d83cad78e13b9c7294440d5a411e6a11800a73bddf","sha512":"afb4ab749c64e07abe67bd10d1acb5d9fcb466ff1a46d0b24da4a9c104426247a5682f1431a3739753e4f9f507ba4098d7d0e79b2d399ca0ec6544a6b48e1ca3","ssdeep":"6144:klaCfX3f9ETO1QYHKjcE78/GROTEcp9XALVxFolt2fK:Sa+3fKTO1QYqXPO9p9XAJx6lyK","tlshash":"1d142340313446c5022a7ab079ae370db6e7b0c46e07e7e96196b6bbf7d161c70ebb05","first_seen":"2025-07-03T10:35:12.477969Z","last_seen":"2025-08-09T04:13:00.776607Z","times_seen":7,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":36,"dns":0,"connect":0,"send":0,"wait":87,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sc-events-sdk.sharechat.com/web-sdk.js","fqdn":"sc-events-sdk.sharechat.com","domain":"sharechat.com","tld":"com"},"ip":{"addr":"34.120.129.12","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:30.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sharechat.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Tue, 11 Mar 2025 14:39:31 GMT","end":"Sat, 28 Feb 2026 14:01:09 GMT"},"fingerprint":{"sha1":"BA:EB:6F:6F:79:5A:16:B1:AD:09:DF:7E:47:1C:CE:3E:38:D3:5E:67","sha256":"1A:49:6E:2D:07:73:F7:0F:D1:CA:55:F6:20:18:86:C2:DD:9A:A4:F7:0C:9C:47:5D:D6:FA:54:97:21:57:1D:8B"}}},"request":{"raw":"GET /web-sdk.js HTTP/1.1\r\nHost: sc-events-sdk.sharechat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-guploader-uploadid: ABgVH882l-5eJS8AjUgjJHxOSKEnrEJKUoXxhIFxGxUZCOa_aIkkVCsTnBGCw1uEkcoxNiB2\r\nx-goog-generation: 1687434621236125\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 11997\r\nx-goog-hash: crc32c=fRm+3w==, md5=1mtonPVH4xjtIRYrWEcY/A==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\ncontent-length: 11997\r\nserver: UploadServer\r\ndate: Mon, 07 Jul 2025 22:37:23 GMT\r\nexpires: Mon, 07 Jul 2025 23:37:23 GMT\r\ncache-control: public, max-age=3600\r\nage: 2948\r\nlast-modified: Thu, 22 Jun 2023 11:50:21 GMT\r\netag: \"d66b689cf547e318ed21162b584718fc\"\r\ncontent-type: application/javascript\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11997,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (11997), with no line terminators","md5":"d66b689cf547e318ed21162b584718fc","sha1":"a8b44ea6f87cb0950f93c98524d4ddf0fc645902","sha256":"3518eddb275507b4275e5887ad4e205f9cbcfb96d4af3dbd13d1c6324b19916c","sha512":"e03ab377985cd66a863e69196e65d36300e2841aab63e2a97aaf82832cdde6e32809e5263e17567238150955b827046d42d121dd23b4da06d343140366caaa97","ssdeep":"192:tJCpsOCpJWaBKjYHRBwtKe4F3JapTyBtpDK7578rZgqXekMRiQvyKGyOI7vl:zCBC3PBKjYHRBwUe4dJ0nqXjwzyKGmvl","tlshash":"e7321ad8b185b4b116e702b6407ffa42a13609261849c090ee17dcd16cbce9b43b7f7a","first_seen":"2023-07-09T05:38:11Z","last_seen":"2026-04-04T22:50:57.58333Z","times_seen":507,"resource_available":true,"data":null}},"time_used":2320,"timings":{"blocked":1152,"dns":108,"connect":14,"send":0,"wait":13,"receive":2,"ssl":1026},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/img.gif?f=sync\u0026partner=30ad9352c82ad33590f17fe192ea4a987ccdec462c9204ae06cdf4aba3b499e0\u0026ttl=\u0026rurl=https%3A%2F%2Fjoin4ra.com%2Far-aviator-in1%2F","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"104.18.41.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:31.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Jun 2025 12:11:05 GMT","end":"Sun, 28 Sep 2025 13:11:03 GMT"},"fingerprint":{"sha1":"89:E0:23:FC:5B:0F:07:0F:7E:EC:B8:4F:B5:1D:3B:1F:6B:5C:22:0B","sha256":"66:DE:FF:43:09:A3:D6:B0:70:4E:47:82:C8:66:35:42:25:2E:23:CA:5A:1A:CF:A3:1E:23:A0:0E:D3:E3:95:95"}}},"request":{"raw":"GET /img.gif?f=sync\u0026partner=30ad9352c82ad33590f17fe192ea4a987ccdec462c9204ae06cdf4aba3b499e0\u0026ttl=\u0026rurl=https%3A%2F%2Fjoin4ra.com%2Far-aviator-in1%2F HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 07 Jul 2025 23:26:31 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=0881ff425699466cf10adc0df6ffcde9; expires=Tue, 07 Jul 2026 23:26:31 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 95bb1b75edc45696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"b4491705564909da7f9eaf749dbbfbb1","sha1":"279315d507855c6a4351e1e2c2f39dd9cd2fccd8","sha256":"4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49","sha512":"b8d82d64ec656c63570b82215564929adad167e61643fd72283b94f3e448ef8ab0ad42202f3537a0da89960bbdc69498608fc6ec89502c6c338b6226c8bf5e14","ssdeep":"","tlshash":"c5900403d140d041c351c0300d0cc740174471304514030f70fc175dfc353510c13000","first_seen":"2023-04-05T09:54:56Z","last_seen":"2026-04-04T23:25:11.363289Z","times_seen":96426,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/images/logo.svg","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"195.200.28.189","port":443,"asn":216071,"as":"Servers Tech Fzco","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://join4ra.com/ar-aviator-in1/","date":"2025-07-07T23:26:29.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ar-aviator-in1/images/logo.svg HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://join4ra.com/ar-aviator-in1/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: image/svg+xml\r\nLast-Modified: Mon, 14 Apr 2025 13:26:48 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67fd0d18-9ad\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2477,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9e4fc4c0723f56ebce7d4bde9f1c035a","sha1":"703c0cc3c989619b0d001f0df98c70803aa63f5b","sha256":"40c662cb613507fbc3e7c9acdfbf3e1156e63401d27d6eb7278dbc005083de8e","sha512":"fcb58db209505898398d98fc9b50c402f8aefd90dfecfe2f6cc6be5082865c8a60f011a4b2991a401ffa9ecc43776098b33acf93766afebdfb3fda2567e447cf","ssdeep":"","tlshash":"215186f973e9e3a9a844d3b8d916b8b9b51734fe67d19354ca106d10754f04a2cd8cc1","first_seen":"2025-06-29T15:35:57.947573Z","last_seen":"2025-08-18T22:30:53.947313Z","times_seen":22,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":102,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"join4ra.com/ar-aviator-in1/","fqdn":"join4ra.com","domain":"join4ra.com","tld":"com"},"ip":{"addr":"89.187.73.20","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-07-07T23:26:29.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"join4ra.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Feb 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E1:C6:1E:EC:97:8E:86:AC:6F:77:B5:F2:46:D3:11:48:44:5B:FF:E8","sha256":"A8:43:4D:B6:B5:48:44:11:74:F8:AB:EC:CD:38:B6:51:6E:1B:85:0C:B0:32:AF:92:3B:B8:BF:B9:25:71:B4:81"}}},"request":{"raw":"GET /ar-aviator-in1/ HTTP/1.1\r\nHost: join4ra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 07 Jul 2025 23:26:29 GMT\r\nContent-Type: text/html\r\nLast-Modified: Mon, 23 Jun 2025 10:41:20 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68592f50-26f5\"\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: *\r\nAccess-Control-Allow-Methods: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9973,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"a2439c442df5612b845a127089efed05","sha1":"24b0932848755953a6f18016d571361234077a6d","sha256":"618ba5b77daaccd3c541fc3529a341cfe98007b5bbee9c20fc0efcd9ffa990a3","sha512":"552a88437e9b4bdd0e156243e2f75e3ae4c2822f15936cbdf35504307e3f1a3e36d96bac18ee59c106c86ab40ad37d61299bcae379e1dce4c48467b39ed4b4d0","ssdeep":"96:MeWkJ1QnJSPuaCzuy/9buSv+TtIMKOu78XZg6tYFAM:7J1QnJAu7VjWtIMRY8XZg6tUAM","tlshash":"82220e6265f145738053c1e53aa4eb1e7e92e207d94b894479fc5bea2f83e82cc2352d","first_seen":"2025-07-03T10:35:12.470011Z","last_seen":"2025-07-23T14:35:32.396515Z","times_seen":4,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-07","alert":"Sinkholed","trigger":"join4ra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}