{"report_id":"d2b87d76-2cd6-4590-af99-35d67490d7c8","version":6,"status":"done","tags":[],"date":"2026-04-07T00:21:05Z","url":{"schema":"http","addr":"aviationmanager.net","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":0,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"final":{"url":{"schema":"https","addr":"aviationmanager.net/","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"title":"太阳城官网顶级博彩娱乐平台","dom":{"size":39,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"aviationmanager.net","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":0,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-12T00:21:05Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"aviationmanager.net","ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"domain_registered":"2023-09-18","domain_rank":0,"first_seen":"2026-04-07T00:21:06.138632Z","last_seen":"2026-04-07T00:21:06.138632Z","alert_count":80,"request_count":40,"received_data":2688276,"sent_data":18369,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Site Kit:1.118.0","description":"Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.","website":"https://sitekit.withgoogle.com/","common_platform_enumeration":"","icon":"Google.svg","categories":["Analytics","WordPress plugins"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"aviationmanager.net/","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"70dd42a6925563655dd71a92787ec400","sha1":"bad1f234ad3937dfc146aef7618af8dc2ce9354c","sha256":"33b5ab29f7aeb658d179d4250db7915fdd87cd03614bdaca0d80b72fde88ac46","sha512":"b8a3464703e1e6dd3e3c85b9fc578196a38aa5d241155b445b9e2399aae422b6572d432f88986356191a269841fc204e43dc9ea504995a320897b2cf2350a6e9","ssdeep":"","tlshash":"28c09b9d7f0a5c7250fa27415f3f7189744562505cd00c350d05f1456675d1b5544d48","size":142,"data":"","first_seen":"2026-04-07T00:21:10.480753Z","last_seen":"2026-04-07T00:33:16.612432Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"9e77e6f9a7ac4b8ae28426017d3e852a","sha1":"6887abd059ad2762cf8e628838b466c916b21155","sha256":"c55142ee751f44abcc01b859373cccbe045dd16c8f471055aa4f0a3e07502316","sha512":"47450b906b399f3c4477b0af56912bf9023cbd0ab0db10dd6f7711cac99ef45542f23e0c359dbe83979513e90c24b98f529ef4a58f850d2a137f5de8470290a2","ssdeep":"","tlshash":"c9e0d89a0b4d0a37444a63a99afea6ce273d03b2548804abbcbcd8451cb08ad42714cc","size":365,"data":"","first_seen":"2025-04-11T10:55:28.024438Z","last_seen":"2026-04-07T00:33:16.613011Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"84659b191519f58ea9051f86b7b14d1f","sha1":"2fe00ba16525333a9c95783fb6eac5e32dfff30a","sha256":"24b1e83a3393df39bf52a78ea161a2dc51136a2f0e214b14b0195e5369b48af5","sha512":"bae00f9f38ace1d93b43770f8d84d8fb58a23605713b2e9035f4c6c661204296b815356b59a1cd0042a8db58b222356c828ac78d010cb83c03357c2f0a506091","ssdeep":"","tlshash":"d7b0011a1504563366702015fb9a3380be2316a5ab92e82f860e7518613d883d1105b2","size":95,"data":"","first_seen":"2025-04-11T10:55:28.025297Z","last_seen":"2026-04-07T00:33:16.613492Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/jquery-migrate.min.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","size":13577,"data":"","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-04-07T06:12:10.042125Z","times_seen":644625,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"b613115ecf3f2bc1471ba847e26b211e","sha1":"a2d485b1bef5b71ca4d1425d28a8139723885fd0","sha256":"c869cb7d6d5a2e5a9b2165f1a804415479b09b62942682e4d230006a54e775ee","sha512":"bd87d9e35808c7c1fd978b48a3b3f997a4976921f424b285e658e4d8e2b7b24e211bd5bed1132c604160f0d24294f1926b9d8a4120a84ac4db28773bc2f207d1","ssdeep":"","tlshash":"43e0df13468c64875980a5cdac3c54c3816d813e953008efc1c302ec41073f0022bf2a","size":339,"data":"","first_seen":"2025-04-11T10:55:28.026193Z","last_seen":"2026-04-07T00:33:16.613996Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"3504bbfbad8d3c3ba1d95c4d18514539","sha1":"30f08fed218652a7b55d3d3547508616f667c9a1","sha256":"be10b242f7066ffaee77a41ccc1553aced8f09135cd934adf6e699b6cd063078","sha512":"5efd0955802f35125a80999eea195fbdf5524c0a6c1d3c810159cec1688953483e6b7a2617050188a830dc9f46259c1953e0d999e4b0a447501b431ec4b2121b","ssdeep":"","tlshash":"cac0803f840d5537c4f8214c4fce48b7f52d047c8505567ea66050cd15089f70de4d1d","size":178,"data":"","first_seen":"2025-04-11T10:55:28.027207Z","last_seen":"2026-04-07T00:33:16.61448Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/autoptimize_single_27b0dc2f338875a59ce815367b703646.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"333682959b8b63343202d7ef6858f6d8","sha1":"3b4e9fd055ba7efd5b4e69f6f32b834e4a74b877","sha256":"cfdc52d688c16a02b9dd455bdf7571a7facd26bed96f87240d0a1bfdcfaefb8e","sha512":"bc1814af152c69480b504b3646b640647d51daa05a6ce74bf65da621c86d5fa976f8ba5105f5dbd642560f83551b2145d37f5d2260ccb7491145b615fb321a0c","ssdeep":"96:ksz2LtirZRu29KQ2x9nQzUQy7xWSDx4m4GfiMQzFcZ:H28qHQybGQbQhcZ","tlshash":"fda165a1b05474dc1eb22388e94f3b0df227a627811cba08d4bc566ceb71781e619e5f","size":4895,"data":"","first_seen":"2024-01-21T13:19:31Z","last_seen":"2026-04-07T00:33:16.602022Z","times_seen":303,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/jquery.min.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-07T06:12:10.041556Z","times_seen":692029,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"0089c9a978efe6faf1b325c551a99197","sha1":"f669f20f76256fa65eba68e591a6eac3842df33f","sha256":"f1402f35998a6f5e927b88fcb14a3df40d6fc3eb8d62547766dfa3542c1bb83a","sha512":"516cf801e0ad5cb53cd93efb3526d8fd3d08e12acb330ada0a8b7a58cee49da8809d11527d859a9420c0474f2e71007224de6e3a456f6f2f486fb63870e19be5","ssdeep":"","tlshash":"0cd0977298a7c4306ada014e20bac2ac3a1022d82b93b50085cecc1aef00dc3c4a2e88","size":247,"data":"","first_seen":"2024-07-23T10:51:42Z","last_seen":"2026-04-07T00:33:16.616265Z","times_seen":191,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/lazysizes.min.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"d1edbffbde50cd32ab770746b4140906","sha1":"6e120f03a5ac9fddc25e7830d204b202721d8879","sha256":"c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1","sha512":"8de8f4bd102a51d75c02309792068486a4f6f7d232d2d80b5f85f0186f7afb0629a878fca377a2dcd4ae9063543547adb30c7a49b75436c6ef5dc0eabefa21a3","ssdeep":"192:XamIJHXkovHIdcC9vaE6cyxqI1qwLcIRAKEFkNB+xb+25CqqBFPvAxO+GSXiauCB:Xam2kNdcC9J6co91qwLcI6KgkixbdjqU","tlshash":"b312d6df365534b3aeeb34b0406f610f663234339d46e561e2aad091893cc8a6327f2d","size":9813,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-07T06:52:36.584884Z","times_seen":9061,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"462bb35546b0c1f95ba707d2db26fa71","sha1":"7b2276e28c3231cba60aba7474e7119f842bf403","sha256":"83aef40b373190eb8fd2c0a563f52e4eb2c8c64a208794d929f207a0e1d5c061","sha512":"2dbf230943bb722acfc653844eb5e45d82eb6686fbfed490ef0a4523648218ddd73b90c2001c1b37c9b748b5aa651b956705629e5acb7f1f5e2e047c29468239","ssdeep":"","tlshash":"08219d7597dc5039c295108f167ed3dc3a6c51742d06ac89ec7cdd18ac50c6a845ec79","size":1241,"data":"","first_seen":"2025-04-11T10:55:28.029492Z","last_seen":"2026-04-07T00:33:16.615157Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"4a786ba21045a81368b91c7d16ac050b","sha1":"d0fffcfb66ff84b18a059b7c0506b9d943259b21","sha256":"c5cb846e8e884aac9f18017bd83c5366bc391a40650b2cdbbcef20b0cbf4b249","sha512":"77bb98237458c9709dcc9228641ee3e85780edc4fa6f1d5140eb72fd27efba40e87c53a1c0b4b7a68f30ee407418c454352ab63cb31f7a7336586fa646b56216","ssdeep":"","tlshash":"8ca002a1c86f2903a0d4d01aba7e00c4c07d0b04d49392d580cc2551145929cd019fe4","size":69,"data":"","first_seen":"2025-04-11T10:55:28.030662Z","last_seen":"2026-04-07T00:33:16.615706Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/autoptimize_single_764d32b67bea87de1e6968d08946f884.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"c33e08bec0988ad10f73047653a65772","sha1":"77b6ca07cfd992218ff822421354b93fa8c5e6f7","sha256":"12b6742262933edb939e8114acaa11f2d100a1da507b1fd56ea3fca9fb3a5f10","sha512":"54bbe7111e57b85f600e5e6529fb010b96775257c83989cd199ab11611b6de9eea1c94e55da42e547dadff984328a870a79f76af3bde3f7be20352aef1c96abb","ssdeep":"","tlshash":"91b09b555409704c4955e95451355e89203762509469502de70584682b5014598a1514","size":111,"data":"","first_seen":"2023-03-10T16:53:54Z","last_seen":"2026-04-07T00:33:16.600575Z","times_seen":290,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/accordion.min.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"7849e0aa35f335f3816b71dad422ceb7","sha1":"d81bb30d45fe1b5f4a92056448d4ccbca14202be","sha256":"3b0a04f5aa3291e26f44613add53e1bbd56a09147f6a0b390dc4c3369dd1731d","sha512":"33fe3092d7eb115c21611393230acc55b51c5a809fc77dbf64a5e94384c647a6bb6835f11d07cd099c7a461065e3b97186611426af4986978576a829c94006bb","ssdeep":"192:ckAWfVDXgV2R3L9fYOdIcy9LCMbp38DoDMutfzC:ckAWfVDQh9T9eMM6fG","tlshash":"fb025708320439f1689a41e5942a5e4fb17271dc9805489cb23a5dcf9bedd84b36b7bf","size":8814,"data":"","first_seen":"2023-04-01T10:44:41Z","last_seen":"2026-04-07T00:33:16.583437Z","times_seen":2857,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/menu.min.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"7f79dafc27c57108eb5c4cef9c9b5e7b","sha1":"c51c81cb212089ebb7bf4675083f0ddca8016386","sha256":"174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296","sha512":"c5237efc21b3ce5d85733c6d6ec6edf975b2de1d46aadde3535f69966577b842273e242f17a6f82ec7d5bc0e96fa562a1293ae2f519d7dc04041d6e0a265c5b9","ssdeep":"192:ssQZgPOLqHZb4ooYJQDi9EFhylT/fntx7bvH:sDgPOLqGooYJQDi9mhATnnv7bvH","tlshash":"2ce1e0ea9644127b04ef29c670e6e9c43b7568fdea0184313579c84d1eb8ec201e6bf9","size":6975,"data":"","first_seen":"2023-03-29T21:09:45Z","last_seen":"2026-04-07T03:28:25.006326Z","times_seen":1968,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/core.min.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"c4e68a0f3463c0bd3c39eab38815e881","sha1":"0ce58644e9f3c5063a11453ff287c5ec096465a7","sha256":"ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f","sha512":"e871f258f625a5c8e8ec3848242352fd75dcb0f0b580333fce07625a6a2f53e83f22e4dd7492f2d12a880709d540de0bcdd9b335d853fe9cccfc0efccf718bce","ssdeep":"384:Sdw5JLVFVS3dufvQNaHCip8fuxNhBGX0CiS+w/pf2229FkFvd:XS36Z5vkO7kv","tlshash":"66a2d74db2053805c6f7a265503f525fb132e29cb106889df4a8d8ea2c7ee995073f79","size":21438,"data":"","first_seen":"2023-04-01T10:26:15Z","last_seen":"2026-04-07T06:38:49.264869Z","times_seen":40575,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"aviationmanager.net/images/692c5823d4f13ebc85ae5fefea866984.jpg","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /images/692c5823d4f13ebc85ae5fefea866984.jpg HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 29 Mar 2024 12:13:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b068-ae08\"\r\nexpires: Thu, 07 May 2026 00:20:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44552,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1024x426, components 3","md5":"7a5c1a80214fe1534ecb22da26aaa2db","sha1":"ff660b6051afaba2bb47577c1d2de126fbba6d20","sha256":"f05e8de510cc78804e555019240302c2e93ea20f5459157581b39d9dfeab0671","sha512":"b09bfb81776f60cc7fd70d56a570028bd27120391a02a87498ecf2dafd5a885a34a2ddd221a03a06fdfad41ae7fb449e29177592282b7341da179af618753140","ssdeep":"768:ctF/q5Jwbq8A4ooymYE9ONe+HjMJDq7qzeZjFyEA19Q92FAshFgPW4J:ykLwbHKDE9Ue+HjEq72eDyEc9jFVhF8N","tlshash":"8513e139f903f485d86809f640ada2ee2c92e8ce59559e518e74f0f8bec4c9911b0c7e","first_seen":"2025-04-11T10:55:28.004256Z","last_seen":"2026-04-07T00:33:16.609345Z","times_seen":17,"resource_available":false,"data":null}},"time_used":598,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":598,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/qr-code-5-1024x1024.png","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/qr-code-5-1024x1024.png HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 29 Mar 2024 12:13:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b05e-156459\"\r\nexpires: Thu, 07 May 2026 00:20:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1401945,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced","md5":"0e2862ddd3b033b1f920f6aee39676c0","sha1":"6c49e8739d9918e46b2ee2afea8724b93087436e","sha256":"8c2a772270d9bfa150ec823ddb6f19bacb4025f66164b6fbf6198916324c9bdb","sha512":"ff0c33d9b46087b6069427e7e76d6fb0da773e17c542b05ed9a8ff354b7ab3c426924c651914c8bcf52d79fcfc7be292c70eafcb501581d1f397ecf5adbcd479","ssdeep":"24576:EdpICeuctJLmSORFsZ5a4sQNqUMpRGnqM2mH9:EdpIKMJOzC5a41NwRGqlW","tlshash":"6b2533dcd5494a072b06c7f65006df1d9cb3fbc92480723da64b16f2ae48bbd63a911b","first_seen":"2025-08-26T02:20:55.751221Z","last_seen":"2026-04-07T00:33:16.591163Z","times_seen":244,"resource_available":false,"data":null}},"time_used":597,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":597,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/images/21fb4cbcd5025793566cb066632dd126.jpg","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /images/21fb4cbcd5025793566cb066632dd126.jpg HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 29 Mar 2024 12:13:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b068-98fb\"\r\nexpires: Thu, 07 May 2026 00:20:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":39163,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1024x509, components 3","md5":"16edb64fd4613886c9a432077efa4e70","sha1":"e10f2265300915acedd37fc4944515d04f7162ee","sha256":"34ece1c007347a1739332e6e6d0c32fb5744848fe879c029694f21d9fa999cf4","sha512":"a5679ce594753c4593ab19553f0d479a11b1c9cb94aed918fc4a55b41f1362871691e06fd02c8cce17b93b93ce09bbb954d51aba5ee9a26bffafb11d24f49bdd","ssdeep":"768:jbCBajMChvfcN20lMqCulxLXqN2rzVjQlCd4bhj+sy75eXTuP+Zpyvzu:S8VfLqCu7LX82nVjWW4tasbTuWZr","tlshash":"7c03f1627782470ee3bfbc7c311cbba48c0f50500ddadbd9d2b0b669889b9c191d66a1","first_seen":"2024-07-23T10:51:42Z","last_seen":"2026-04-07T00:33:16.601083Z","times_seen":280,"resource_available":false,"data":null}},"time_used":597,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":597,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/bet365-logo.svg","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/bet365-logo.svg HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 29 Mar 2024 12:13:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b068-145f\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5215,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"95ccba9bed15ed9fb0a3e92f9b305606","sha1":"968345b2f0a25d22b66f9f13047c5c7d3667615b","sha256":"67e577db53f8bb6bb309e6d168e605fd9f1228eb9bc70d5b9790f84ec5a58e4a","sha512":"51682500e25adb7dc926f191abe8abae71c736c22e13949b64b299382a10031d3b0cf4bb256b8996c915f049a3d5419493e94910bc6be00d251370d2cb785507","ssdeep":"96:9Zn3wrGMefjh3vZnbh7eK1LEAmicpbACeI1zCsp+g4FCu2cF/G590Q8RF2k:TneB8bbh7j1LDopbmwCOPuK90Dj","tlshash":"e5b1d9b5133d66fcf42083989b63a0827c9928fb77d2c15cd545af4963721f9406e9e3","first_seen":"2024-08-19T15:30:08.155728Z","last_seen":"2026-04-07T00:33:16.595553Z","times_seen":18,"resource_available":false,"data":null}},"time_used":597,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":597,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/core.min.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/core.min.js HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 29 Mar 2024 12:13:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b066-53be\"\r\nexpires: Tue, 07 Apr 2026 12:20:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21438,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8189)","md5":"c4e68a0f3463c0bd3c39eab38815e881","sha1":"0ce58644e9f3c5063a11453ff287c5ec096465a7","sha256":"ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f","sha512":"e871f258f625a5c8e8ec3848242352fd75dcb0f0b580333fce07625a6a2f53e83f22e4dd7492f2d12a880709d540de0bcdd9b335d853fe9cccfc0efccf718bce","ssdeep":"384:Sdw5JLVFVS3dufvQNaHCip8fuxNhBGX0CiS+w/pf2229FkFvd:XS36Z5vkO7kv","tlshash":"66a2d74db2053805c6f7a265503f525fb132e29cb106889df4a8d8ea2c7ee995073f79","first_seen":"2023-04-01T10:26:15Z","last_seen":"2026-04-07T06:38:49.264869Z","times_seen":40575,"resource_available":true,"data":null}},"time_used":596,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":596,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/accordion.min.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/accordion.min.js HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 29 Mar 2024 12:13:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b066-226e\"\r\nexpires: Tue, 07 Apr 2026 12:20:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8814,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (8632)","md5":"7849e0aa35f335f3816b71dad422ceb7","sha1":"d81bb30d45fe1b5f4a92056448d4ccbca14202be","sha256":"3b0a04f5aa3291e26f44613add53e1bbd56a09147f6a0b390dc4c3369dd1731d","sha512":"33fe3092d7eb115c21611393230acc55b51c5a809fc77dbf64a5e94384c647a6bb6835f11d07cd099c7a461065e3b97186611426af4986978576a829c94006bb","ssdeep":"192:ckAWfVDXgV2R3L9fYOdIcy9LCMbp38DoDMutfzC:ckAWfVDQh9T9eMM6fG","tlshash":"fb025708320439f1689a41e5942a5e4fb17271dc9805489cb23a5dcf9bedd84b36b7bf","first_seen":"2023-04-01T10:44:41Z","last_seen":"2026-04-07T00:33:16.583437Z","times_seen":2857,"resource_available":true,"data":null}},"time_used":597,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":597,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/images/d8916c785ed8a72badc13eb88cbcb3de.jpg","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /images/d8916c785ed8a72badc13eb88cbcb3de.jpg HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 29 Mar 2024 12:13:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b068-95d8\"\r\nexpires: Thu, 07 May 2026 00:20:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38360,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1024x304, components 3","md5":"384c736e3b5cf24c9852281f0e8c1b36","sha1":"d75736ee60e342a60225c563532f9b61961e5065","sha256":"adae21bcb8a01392144dfa760257649cefadc6d9cc6966a89a970d7b1337bc21","sha512":"ec22a832105fc161e8b745675650136f5c7bbfcc8907074d69461429101ce513d47d157bd04f5be578d3d01d66a32456a311af06e0083fe21cecb898329353f4","ssdeep":"768:G+ckdTY7SknWhcccGChMBxrQaE2HrgZQRhO+RsrdmTvoL1yQVPhK02lPo:G9kRYhW9ChC22HrgZKO+qcTq1DVqo","tlshash":"6d03f14d122bc35a50198c273bc5cd26d7a5bff9c2d8a5859cf085b3a4aeac5dce00e7","first_seen":"2024-08-19T13:49:37.61635Z","last_seen":"2026-04-07T00:33:16.611867Z","times_seen":21,"resource_available":false,"data":null}},"time_used":598,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":598,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/Gibraltar.svg","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/Gibraltar.svg HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 29 Mar 2024 12:13:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b068-5a36\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23094,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"afd15f762903c755bd65cc178fa04fad","sha1":"14032a045f69b7921523521101d9f94232bd6d56","sha256":"1eadce24b5faef4d33d36ed5dd7ea39a192ac846b6c677c9b123dcdb64f87b37","sha512":"f5b08d90c79ef70a74b1dda6143de5c6f38dc6127b28632de4e5e4448a08fb4762534c4cd9ddc435a39f48de2b85e9f5679e2708a4b4fc3f40c2810c5b716c5a","ssdeep":"384:kp/AOtZaY9qHwooiwQeCk2257Y9wSapwfQkvHbkaSGa4dKSJnADUd/R2:oXJ9r94eDHWWpWvHbkaSGa4dVmww","tlshash":"f9a204ca2170938ce8cde65e97aaedd0425e60deb472d8c14eef879c640f984ff15498","first_seen":"2024-02-24T00:51:05Z","last_seen":"2026-04-07T00:33:16.574569Z","times_seen":81,"resource_available":false,"data":null}},"time_used":596,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":596,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:45.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aviationmanager.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:43 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 23 Mar 2026 15:49:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c1610d-d78d\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Site Kit:1.118.0","description":"Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.","website":"https://sitekit.withgoogle.com/","common_platform_enumeration":"","icon":"Google.svg","categories":["Analytics","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":55181,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (876)","md5":"bed8263581714b01b8b63608f7db500f","sha1":"c92fcff6a0f7910c8dc5b62feeee0e2bd5b13806","sha256":"8710b4b74ddaa6e99ed6fdc7fbfed32fe10eb3c3d284b41f8ba0b983567ed708","sha512":"f471a7d7083406a9937aead7e96ca0e99b4da5e78aa6a636330bb2a0df649716d9c5d53d49446017cec489520b7c73bc432bcdee2384741b8d304130ada95611","ssdeep":"1536:BlYr+dbix0ewmuoGFAgc2s5Agc2sV2iJTstRMdb:Bp0xR/DGFAgc2WAgc2u2iWtSR","tlshash":"e633e8a1629c3d7f041573d6311aa388708f8c78fb2188d7f7f795c9968af92253607a","first_seen":"2026-04-07T00:21:10.464104Z","last_seen":"2026-04-07T00:33:16.581584Z","times_seen":2,"resource_available":true,"data":null}},"time_used":201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/js HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: text/html\r\ncontent-length: 492\r\netag: \"69ca5fc1-1ec\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":492,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"289fcfb54aeb72058b321c30340c83dc","sha1":"784cb36dd0a0909ad3a61ccf0ddbea80893549fc","sha256":"8f459b4937283dd241f80d4bd65c7309b81b411ea4924d1b3302580a068a30dd","sha512":"b6498c4d32705156a30df5ff77f1625d92554400302f5603d9af055444bdb63e2aa6d844801bb6c570f07351f6bd566364c9d6002ce8a4179a4d9f80c221baea","ssdeep":"","tlshash":"7ef097960cf2460a25a3a2906ff3f56d6cb219937908c120f188b54aaf54e0bc603aed","first_seen":"2026-04-03T05:20:25.822571Z","last_seen":"2026-04-07T00:33:16.579574Z","times_seen":5,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":403,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/images/3759d45a64f891606dbf73924d5fd69c.png","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /images/3759d45a64f891606dbf73924d5fd69c.png HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 29 Mar 2024 12:13:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b068-2b5b\"\r\nexpires: Thu, 07 May 2026 00:20:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11099,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 164, 8-bit/color RGBA, non-interlaced","md5":"0bcde1c81ba5eff472b94018ae4a4697","sha1":"88e6df65495b7f949f0f441685707deb5a2f81c0","sha256":"7cdc3f42b26ef03c1923c5d725dd542378a0ac9e12f1da9050a2cbf8e35cf89a","sha512":"1ddb3361b2eb5f381dc1d42bdcde4570618d6185e7a916b190eca8604c2b75f851d6c8cdef2fdf2114c604369cd674288d335351d4a484471437e1012f53801f","ssdeep":"192:7BOllDujjKZd4DeQyECAwI4RyGC8v/SzsiOq7ghM77SHXrIxNL2quea3HtW:tOlIQdQeQynI4Ry+/8Oq71q30tuecW","tlshash":"6432af94c193e85cbecd6425cee0b704782b44e44be4f977136ad4d0f453b52b988211","first_seen":"2025-04-11T10:55:28.00215Z","last_seen":"2026-04-07T00:33:16.578811Z","times_seen":17,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":403,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/saved_resource.html","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:44.616Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/saved_resource.html HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:42 GMT\r\ncontent-type: text/html\r\ncontent-length: 492\r\netag: \"69ca5fc1-1ec\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":492,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"289fcfb54aeb72058b321c30340c83dc","sha1":"784cb36dd0a0909ad3a61ccf0ddbea80893549fc","sha256":"8f459b4937283dd241f80d4bd65c7309b81b411ea4924d1b3302580a068a30dd","sha512":"b6498c4d32705156a30df5ff77f1625d92554400302f5603d9af055444bdb63e2aa6d844801bb6c570f07351f6bd566364c9d6002ce8a4179a4d9f80c221baea","ssdeep":"","tlshash":"7ef097960cf2460a25a3a2906ff3f56d6cb219937908c120f188b54aaf54e0bc603aed","first_seen":"2026-04-03T05:20:25.822571Z","last_seen":"2026-04-07T00:33:16.579574Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/analytics.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/analytics.js HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: text/html\r\ncontent-length: 162\r\nlocation: https://aviationmanager.net/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55181,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T07:11:48.946741Z","times_seen":13452227,"resource_available":true,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/Bet365%E5%AE%98%E7%BD%91%E9%A6%96%E9%A1%B5-1024x467.jpg","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/Bet365%E5%AE%98%E7%BD%91%E9%A6%96%E9%A1%B5-1024x467.jpg HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 29 Mar 2024 12:13:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b058-9156\"\r\nexpires: Thu, 07 May 2026 00:20:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":37206,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1024x467, components 3","md5":"d6104a2535e410ab1de8347a042fdc5d","sha1":"8ca0c2fdf574a81cca7222c1356b6fa0499c2813","sha256":"607eeb1fa042011585a780173347fcfbbde879dc17e31ffa14f24b73c10ba4a3","sha512":"26f449b286b62e218a00d61484d4b504226af92b065ff2f5d5245b153edf246c1a08a2ea6d30aea8bff3de0a4c4d76260e1e425dd1c63fd36c60b1389ff1fa8c","ssdeep":"768:NHb+9jQAMr6/Z9E19snBXbYotE9xCoJk8aX+Abga1xawG3unvV/:NHbWjTM2Do9sntzy9BaX+Az11tnvV/","tlshash":"e0f2aefab73f0736e84c893f01e06215a6548b9540c5ba8b3e7d52a0c1b9bc15fe38b5","first_seen":"2024-07-23T10:51:42Z","last_seen":"2026-04-07T00:33:16.610792Z","times_seen":196,"resource_available":false,"data":null}},"time_used":419,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":419,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/images/a69f751bd691f3b8acd88747c6bbcdca.jpg","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /images/a69f751bd691f3b8acd88747c6bbcdca.jpg HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 29 Mar 2024 12:13:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b068-8d14\"\r\nexpires: Thu, 07 May 2026 00:20:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":36116,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1024x303, components 3","md5":"292d5fe61c8c475fafc672526155f229","sha1":"008af8c9285c801d42297ed4ba35f2792d45fa13","sha256":"0f8d6ad52fd85f2d9ec1482313252673fe083f5cdbdeed5186d4b00a976a1890","sha512":"93d2291eae2c8fcbe60ad51f6dbffd9ab7ed51ceec3c13167dfc9a29f74bd921549127cccade2d8f0e375d91404d92a99ba4dd76aafab9b740bf9b5ca6492942","ssdeep":"768:MRfh2dTEBrUhUg/F8hgu3dFMyBNYuVLisiYHZgRqbvi5w6P4JTzyTz5:Mfh2dQBrG9/433MsVLisi+ZdEP4JTct","tlshash":"b2f2f1932553f078aae95ead2c305b83d701aff6d2e825572bb4e5360ca52ec1fe7101","first_seen":"2025-04-11T10:55:28.013819Z","last_seen":"2026-04-07T00:33:16.610304Z","times_seen":17,"resource_available":false,"data":null}},"time_used":598,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":598,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/IBAS.svg","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/IBAS.svg HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 29 Mar 2024 12:13:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b068-1170\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4464,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b95f0aeb3eff9cba8ff114bf5e2a053b","sha1":"1cf8bdeaa684a434d4c33b28e231803db95e4d90","sha256":"69fa3593da6a1b69c2a7157082ce5ac3c7d51f84f9d0360b8cb263eede545a9b","sha512":"cdfb19bf50b8ca8e0a7671715f92523ef24dbac3c25d859a40768224485ca130d5341e3a02c14b1fb90ec233149792613ac253cdafabe00087b50afb69398f4f","ssdeep":"96:vNhMs9jImYFbXqqFA6NYJY36NYJY16NYJYtFK6O1ytKdi2/:vTMs90mMqqa6NEY36NEY16NEYiX1yn0","tlshash":"b79141c96730976d1ecbdb4ddf6ba594a20fc1ecb83798845b8e9e00d44b996f11ac80","first_seen":"2024-02-24T00:51:05Z","last_seen":"2026-04-07T00:33:16.596153Z","times_seen":79,"resource_available":false,"data":null}},"time_used":597,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":597,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:44.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/js HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:42 GMT\r\ncontent-type: text/html\r\ncontent-length: 492\r\netag: \"69ca5fc1-1ec\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":492,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"289fcfb54aeb72058b321c30340c83dc","sha1":"784cb36dd0a0909ad3a61ccf0ddbea80893549fc","sha256":"8f459b4937283dd241f80d4bd65c7309b81b411ea4924d1b3302580a068a30dd","sha512":"b6498c4d32705156a30df5ff77f1625d92554400302f5603d9af055444bdb63e2aa6d844801bb6c570f07351f6bd566364c9d6002ce8a4179a4d9f80c221baea","ssdeep":"","tlshash":"7ef097960cf2460a25a3a2906ff3f56d6cb219937908c120f188b54aaf54e0bc603aed","first_seen":"2026-04-03T05:20:25.822571Z","last_seen":"2026-04-07T00:33:16.579574Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1358,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1358,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/wp-content/plugins/faq-schema-for-pages-and-posts/css/images/ui-icons_444444_256x240.png","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:44.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /wp-content/plugins/faq-schema-for-pages-and-posts/css/images/ui-icons_444444_256x240.png HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/files/autoptimize_7d6f4436d919a3ef753cc492abd61917.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:42 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 29 Mar 2024 12:13:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b068-1b50\"\r\nexpires: Thu, 07 May 2026 00:20:42 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6992,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 240, 8-bit gray+alpha, non-interlaced","md5":"610f324f0e4eea1e922024fc960ba206","sha1":"e48cbd9aaafa1c2a45ef6fa9e2790aa3c4fcc045","sha256":"4f13ad3e71cbbadf0df2c3c7e3806017c541ed0bcb6cacc2f0dfe0a4e61a11a7","sha512":"0947a856b2c7ad8ee65834c9ee3bf815a457c933480aafe1d4bf54aed72102c2cbd92193976a316d17227f54c0aa97f338cc77e7859c8ee7d7783c6a3987aa5a","ssdeep":"96:Z+ZYGBeZMj+hjoHCZiDRCDNcdtQoWADxe4gIHazizKsIOvxx2mcLG0pBlpWttZxb:Z+Rj+h1W28yoh6IHRzKQxrs6lx5ATUFj","tlshash":"4be1ae5b7807865949ff54b5824307a9a8f3df1fcb6693d6f31080a27e13bb44426b4c","first_seen":"2024-05-03T17:06:37Z","last_seen":"2026-04-07T00:33:16.573696Z","times_seen":272,"resource_available":false,"data":null}},"time_used":1328,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1328,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/images/4d539ac1527114377bfc3e5598db80fd.jpg","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:45.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /images/4d539ac1527114377bfc3e5598db80fd.jpg HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:43 GMT\r\ncontent-type: text/html\r\ncontent-length: 162\r\nlocation: https://aviationmanager.net/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55181,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T07:11:48.946741Z","times_seen":13452227,"resource_available":true,"data":null}},"time_used":721,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":721,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-07T00:20:42.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 23 Mar 2026 15:49:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c1610d-d78d\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Site Kit:1.118.0","description":"Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.","website":"https://sitekit.withgoogle.com/","common_platform_enumeration":"","icon":"Google.svg","categories":["Analytics","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":55181,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (876)","md5":"bed8263581714b01b8b63608f7db500f","sha1":"c92fcff6a0f7910c8dc5b62feeee0e2bd5b13806","sha256":"8710b4b74ddaa6e99ed6fdc7fbfed32fe10eb3c3d284b41f8ba0b983567ed708","sha512":"f471a7d7083406a9937aead7e96ca0e99b4da5e78aa6a636330bb2a0df649716d9c5d53d49446017cec489520b7c73bc432bcdee2384741b8d304130ada95611","ssdeep":"1536:BlYr+dbix0ewmuoGFAgc2s5Agc2sV2iJTstRMdb:Bp0xR/DGFAgc2WAgc2u2iWtSR","tlshash":"e633e8a1629c3d7f041573d6311aa388708f8c78fb2188d7f7f795c9968af92253607a","first_seen":"2026-04-07T00:21:10.464104Z","last_seen":"2026-04-07T00:33:16.581584Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1074,"timings":{"blocked":437,"dns":32,"connect":198,"send":0,"wait":200,"receive":0,"ssl":204},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/GT_v2.svg","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/GT_v2.svg HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 29 Mar 2024 12:13:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b068-387f\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14463,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d4879038fed3c2f29318adf0803ab18e","sha1":"5dffc36987a4a84735e6071b19aee98c707bbd90","sha256":"4f3cde86b31746c372ae9aa489feed42c71cb68c09ba1427159c270e48c6c272","sha512":"3dc319e75d1e44f4f5da93fdc7991fa8e1e9afeee705832667b534f883740917af5f326368f5c8661e990c82ef05f58d0dd5416ab217ce46c233d49f67adefa8","ssdeep":"384:4I3H0iLUv/iJ76FOgqc0HeMDNNWWAPQ+iWp2fAL:zLUv/iFJczMDNNWWAo+hka","tlshash":"4f52f8c6671041dc281f9fd2ae3f62f8232e64fbb76671cc14d6d98a61079f56906cc8","first_seen":"2024-02-24T00:51:05Z","last_seen":"2026-04-07T00:33:16.580112Z","times_seen":81,"resource_available":false,"data":null}},"time_used":597,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":597,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/lazysizes.min.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/lazysizes.min.js HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 29 Mar 2024 12:13:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b066-2655\"\r\nexpires: Tue, 07 Apr 2026 12:20:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9813,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7862)","md5":"d1edbffbde50cd32ab770746b4140906","sha1":"6e120f03a5ac9fddc25e7830d204b202721d8879","sha256":"c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1","sha512":"8de8f4bd102a51d75c02309792068486a4f6f7d232d2d80b5f85f0186f7afb0629a878fca377a2dcd4ae9063543547adb30c7a49b75436c6ef5dc0eabefa21a3","ssdeep":"192:XamIJHXkovHIdcC9vaE6cyxqI1qwLcIRAKEFkNB+xb+25CqqBFPvAxO+GSXiauCB:Xam2kNdcC9J6co91qwLcI6KgkixbdjqU","tlshash":"b312d6df365534b3aeeb34b0406f610f663234339d46e561e2aad091893cc8a6327f2d","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-07T06:52:36.584884Z","times_seen":9061,"resource_available":true,"data":null}},"time_used":596,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":596,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/autoptimize_single_764d32b67bea87de1e6968d08946f884.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/autoptimize_single_764d32b67bea87de1e6968d08946f884.js HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 111\r\nlast-modified: Fri, 29 Mar 2024 12:13:26 GMT\r\netag: \"6606b066-6f\"\r\nexpires: Tue, 07 Apr 2026 12:20:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":111,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with no line terminators","md5":"c33e08bec0988ad10f73047653a65772","sha1":"77b6ca07cfd992218ff822421354b93fa8c5e6f7","sha256":"12b6742262933edb939e8114acaa11f2d100a1da507b1fd56ea3fca9fb3a5f10","sha512":"54bbe7111e57b85f600e5e6529fb010b96775257c83989cd199ab11611b6de9eea1c94e55da42e547dadff984328a870a79f76af3bde3f7be20352aef1c96abb","ssdeep":"","tlshash":"91b09b555409704c4955e95451355e89203762509469502de70584682b5014598a1514","first_seen":"2023-03-10T16:53:54Z","last_seen":"2026-04-07T00:33:16.600575Z","times_seen":290,"resource_available":true,"data":null}},"time_used":597,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":596,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aviationmanager.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 23 Mar 2026 15:49:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c1610d-d78d\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Site Kit:1.118.0","description":"Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.","website":"https://sitekit.withgoogle.com/","common_platform_enumeration":"","icon":"Google.svg","categories":["Analytics","WordPress plugins"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":55181,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (876)","md5":"bed8263581714b01b8b63608f7db500f","sha1":"c92fcff6a0f7910c8dc5b62feeee0e2bd5b13806","sha256":"8710b4b74ddaa6e99ed6fdc7fbfed32fe10eb3c3d284b41f8ba0b983567ed708","sha512":"f471a7d7083406a9937aead7e96ca0e99b4da5e78aa6a636330bb2a0df649716d9c5d53d49446017cec489520b7c73bc432bcdee2384741b8d304130ada95611","ssdeep":"1536:BlYr+dbix0ewmuoGFAgc2s5Agc2sV2iJTstRMdb:Bp0xR/DGFAgc2WAgc2u2iWtSR","tlshash":"e633e8a1629c3d7f041573d6311aa388708f8c78fb2188d7f7f795c9968af92253607a","first_seen":"2026-04-07T00:21:10.464104Z","last_seen":"2026-04-07T00:33:16.581584Z","times_seen":2,"resource_available":true,"data":null}},"time_used":586,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":586,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:45.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:43 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 23 Mar 2026 15:49:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c1610d-d78d\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Site Kit:1.118.0","description":"Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.","website":"https://sitekit.withgoogle.com/","common_platform_enumeration":"","icon":"Google.svg","categories":["Analytics","WordPress plugins"]}],"data":{"size":55181,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (876)","md5":"bed8263581714b01b8b63608f7db500f","sha1":"c92fcff6a0f7910c8dc5b62feeee0e2bd5b13806","sha256":"8710b4b74ddaa6e99ed6fdc7fbfed32fe10eb3c3d284b41f8ba0b983567ed708","sha512":"f471a7d7083406a9937aead7e96ca0e99b4da5e78aa6a636330bb2a0df649716d9c5d53d49446017cec489520b7c73bc432bcdee2384741b8d304130ada95611","ssdeep":"1536:BlYr+dbix0ewmuoGFAgc2s5Agc2sV2iJTstRMdb:Bp0xR/DGFAgc2WAgc2u2iWtSR","tlshash":"e633e8a1629c3d7f041573d6311aa388708f8c78fb2188d7f7f795c9968af92253607a","first_seen":"2026-04-07T00:21:10.464104Z","last_seen":"2026-04-07T00:33:16.581584Z","times_seen":2,"resource_available":true,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":200,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/dyts.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/dyts.js HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: text/html\r\ncontent-length: 162\r\nlocation: https://aviationmanager.net/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55181,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T07:11:48.946741Z","times_seen":13452227,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/images/ce98cb7707d6275c9dab9afef00d7687.jpg","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /images/ce98cb7707d6275c9dab9afef00d7687.jpg HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 29 Mar 2024 12:13:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b068-8e1d\"\r\nexpires: Thu, 07 May 2026 00:20:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36381,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1024x307, components 3","md5":"50e36de536993e38c75ba5ee6818ce52","sha1":"64b6e04add93a8624a4b7e356e8a1af2351c87d7","sha256":"57f828da52f1f892a0e3de3762c852e1a67cdb6aefaf7f8ac9593af894742439","sha512":"c6c39a0c05181b9e07ec6b2e9b49ad02ac5b9ee80db187f3e04d810bab59092d418c5a921d12076026ecae535ced9dfd3fcea7d3d6fe81ec4240332d2cbbd1f6","ssdeep":"768:xAwApN0eiIhIIIIIIIIIIISIIIKmcctnBtazQkOa7NCIbpLBe/BVw8i:xFsRMjkPJ7Ni/BVwH","tlshash":"d3f2d03ad2b202f6cd6420b6df9fb784dded10d21d8a5104d0f9e9244e667f9c44a9e3","first_seen":"2025-04-11T10:55:27.999554Z","last_seen":"2026-04-07T00:33:16.608183Z","times_seen":17,"resource_available":false,"data":null}},"time_used":598,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":598,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/18.svg","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/18.svg HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 29 Mar 2024 12:13:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b068-45f\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1119,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b66439064824a50a30424019b23dcc4a","sha1":"fa915ffe798c9e07013cc3d7422b848a879c16b4","sha256":"f6a909e4d092102e9c5392aa344181102ab8116b43ba88f316fc4544fb482e06","sha512":"013f940871588c259a5060e492da84090b198367b618061c1ec1664c637c446ba7063a85401a772d8f039d7fd2105c64055509f069a570192d9e3a063e24bf16","ssdeep":"","tlshash":"ab2100c2a250b5b925dc9b36df29f428216b70e202b8cd856bf49fc1d1c3b92fd0c908","first_seen":"2024-02-24T00:51:05Z","last_seen":"2026-04-07T00:33:16.57525Z","times_seen":79,"resource_available":false,"data":null}},"time_used":596,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":596,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/menu.min.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/menu.min.js HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 29 Mar 2024 12:13:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b066-1b3f\"\r\nexpires: Tue, 07 Apr 2026 12:20:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6975,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6975), with no line terminators","md5":"7f79dafc27c57108eb5c4cef9c9b5e7b","sha1":"c51c81cb212089ebb7bf4675083f0ddca8016386","sha256":"174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296","sha512":"c5237efc21b3ce5d85733c6d6ec6edf975b2de1d46aadde3535f69966577b842273e242f17a6f82ec7d5bc0e96fa562a1293ae2f519d7dc04041d6e0a265c5b9","ssdeep":"192:ssQZgPOLqHZb4ooYJQDi9EFhylT/fntx7bvH:sDgPOLqGooYJQDi9mhATnnv7bvH","tlshash":"2ce1e0ea9644127b04ef29c670e6e9c43b7568fdea0184313579c84d1eb8ec201e6bf9","first_seen":"2023-03-29T21:09:45Z","last_seen":"2026-04-07T03:28:25.006326Z","times_seen":1968,"resource_available":true,"data":null}},"time_used":595,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":595,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aviationmanager.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 23 Mar 2026 15:49:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c1610d-d78d\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Site Kit:1.118.0","description":"Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.","website":"https://sitekit.withgoogle.com/","common_platform_enumeration":"","icon":"Google.svg","categories":["Analytics","WordPress plugins"]}],"data":{"size":55181,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (876)","md5":"bed8263581714b01b8b63608f7db500f","sha1":"c92fcff6a0f7910c8dc5b62feeee0e2bd5b13806","sha256":"8710b4b74ddaa6e99ed6fdc7fbfed32fe10eb3c3d284b41f8ba0b983567ed708","sha512":"f471a7d7083406a9937aead7e96ca0e99b4da5e78aa6a636330bb2a0df649716d9c5d53d49446017cec489520b7c73bc432bcdee2384741b8d304130ada95611","ssdeep":"1536:BlYr+dbix0ewmuoGFAgc2s5Agc2sV2iJTstRMdb:Bp0xR/DGFAgc2WAgc2u2iWtSR","tlshash":"e633e8a1629c3d7f041573d6311aa388708f8c78fb2188d7f7f795c9968af92253607a","first_seen":"2026-04-07T00:21:10.464104Z","last_seen":"2026-04-07T00:33:16.581584Z","times_seen":2,"resource_available":true,"data":null}},"time_used":585,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":585,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/wp-content/plugins/faq-schema-for-pages-and-posts/css/images/ui-icons_ffffff_256x240.png","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:44.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /wp-content/plugins/faq-schema-for-pages-and-posts/css/images/ui-icons_ffffff_256x240.png HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/files/autoptimize_7d6f4436d919a3ef753cc492abd61917.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:42 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 29 Mar 2024 12:13:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b068-189b\"\r\nexpires: Thu, 07 May 2026 00:20:42 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6299,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 240, 8-bit gray+alpha, non-interlaced","md5":"e06d47468baf2b7e615649723f416fa8","sha1":"c40994a9a7316f867bf9a314f6cd91d39c152062","sha256":"554a0d36028e599d7082f5e9660ea9457c046c51917ed5330efebbcd912eb40b","sha512":"a9f80e9963a9fdecbf794e9afbb4a50487f7b4c7369c3955d7687a62dc4e667665a2e8c424314575a96fcffdee74c2e25a5857b6c22f5fb465facbe17319bc31","ssdeep":"96:VBEtDvVfqOGSF1xCeeJ/QH7B5jbe7+Fc4l2bD8iT8JGpy13AeUYzHRNENQ//mcg:VB4VqCW/QH7ze7+DsjT8UpuAeUlNiuj","tlshash":"0ad19ed16a3bede0c4e6ccd93d6d736183b1c1494f29e67ad1edf9481d0a141b0a0baa","first_seen":"2024-05-03T17:06:37Z","last_seen":"2026-04-07T00:33:16.582371Z","times_seen":269,"resource_available":false,"data":null}},"time_used":1329,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1329,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:44.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:42 GMT\r\ncontent-type: text/html\r\ncontent-length: 162\r\nlocation: https://aviationmanager.net/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55181,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T07:11:48.946741Z","times_seen":13452227,"resource_available":true,"data":null}},"time_used":1117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/ico.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:45.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/ico.js HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:43 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 29 Mar 2024 12:13:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b068-47e\"\r\nexpires: Tue, 07 Apr 2026 12:20:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"application/javascript","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"78ced472c39ea826ef4c037f113d32a1","sha1":"c49391f4bea7109c7b0bc25a46f8d8802eccdf24","sha256":"547754129cd87bd3f2d6a890a128dee88f0bd1206e2505f6547ed0bf1370606d","sha512":"0a32eace2130d506ec94fb8ceb29806d2eccfbd682f743459d9c280a73571cf9e4343b93caf1e878f726997d1d5b59ead9f7e081828ef1128d4026f880ea0e17","ssdeep":"","tlshash":"8d317c8b52cd6f2ac619c3fdce83ae441224e759cf964bc79010a09e3d16ee8db4d5c8","first_seen":"2025-04-08T10:49:24.938652Z","last_seen":"2026-04-07T00:33:16.593601Z","times_seen":39,"resource_available":false,"data":null}},"time_used":721,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":721,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/autoptimize_7d6f4436d919a3ef753cc492abd61917.css","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/autoptimize_7d6f4436d919a3ef753cc492abd61917.css HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 29 Mar 2024 12:13:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b064-394e7\"\r\nexpires: Tue, 07 Apr 2026 12:20:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":234727,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (57084)","md5":"8f98b351aeab0a3a08d5e162e9afe080","sha1":"0c42034dced27fd01b4902c83e3c4f219b7a51a3","sha256":"1b1d1901e435c6094d4d083928286a17e737939113180f66e024f7f72cc744e2","sha512":"d77a2b456c80233779a358352a77043b2a518aa73190f204312252b93ef3899961f35f39956e64423e4b061a2b9427bc175cfed0b391e5f7983725915db3f57b","ssdeep":"3072:iLeJgk2u5SOV+UQ3Zo/0kPdvQQzaOifqoeSt:Yk2u5SOV+UQ3Zo/0kPlQPOifqoeSt","tlshash":"1a34c6325796c8fc377b83369c446264928bd682cb468feef43bd16491c858529b3f39","first_seen":"2025-04-11T10:55:28.021106Z","last_seen":"2026-04-07T00:33:16.591633Z","times_seen":17,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/jquery.min.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/jquery.min.js HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 29 Mar 2024 12:13:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b066-15601\"\r\nexpires: Tue, 07 Apr 2026 12:20:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":87553,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-07T06:12:10.041556Z","times_seen":692029,"resource_available":true,"data":null}},"time_used":403,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":403,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/jquery-migrate.min.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/jquery-migrate.min.js HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 29 Mar 2024 12:13:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b066-3509\"\r\nexpires: Tue, 07 Apr 2026 12:20:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13577,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13479)","md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-04-07T06:12:10.042125Z","times_seen":644625,"resource_available":true,"data":null}},"time_used":403,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":403,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/images/9d5beb03f9a079a32696c4604141099a.jpg","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /images/9d5beb03f9a079a32696c4604141099a.jpg HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 29 Mar 2024 12:13:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b068-cd6b\"\r\nexpires: Thu, 07 May 2026 00:20:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":52587,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1024x424, components 3","md5":"5921fc17cc7cbf000573d0d98ef81ee1","sha1":"6f34a1aabf959f639b33ab7ff5a9ccec2d05704b","sha256":"1df21285590bc02dae40efcc61f73177fd1fb439f90dc17828d9a0f8edd40227","sha512":"c89bf8d153bf6f1f00c1a89d9a2ad174e42a3747bb4aff40d696d5c77fad6ae5b420cc34a09b6d0d6c5f34ee425abd49ead39aab3068dfbfc0592a20c0a9c0b6","ssdeep":"1536:1cEkb0RHcW9kqcKZLfyl+U5DCeKmrNdhQniEketLUTjLE:1ceb9kqcWDyl+UZLukI4TjLE","tlshash":"0d33e1ce24047c99ebb64e3deb4783b876ac4485c167bf14007596f9afd97a6c8d8301","first_seen":"2025-04-11T10:55:27.994698Z","last_seen":"2026-04-07T00:33:16.609789Z","times_seen":17,"resource_available":false,"data":null}},"time_used":597,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":597,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/download.png","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/download.png HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 29 Mar 2024 12:13:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b05e-daa\"\r\nexpires: Thu, 07 May 2026 00:20:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3498,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 326 x 155, 8-bit colormap, non-interlaced","md5":"849bfd4b2abef5d9e47b876589687227","sha1":"70adaa5878cdfdca89888af57be3c031e463e49e","sha256":"30f37ebd96b918d526a30730027c16002d6ce5c3234699a381b8329603f3b7d0","sha512":"9bd91efeaeb8b7a7b06b40073bf47b06703bbe8504286e06b732428b4aaf639bbc4395006b1f5b68cc04c68a03834119ed6b46c40c46d284bbd00afd7e0ac6dd","ssdeep":"","tlshash":"9b717ea19610cd2bcb6f63136bf094a8bf32e88e758c585190fbfa1765541df0c448f4","first_seen":"2025-04-11T10:55:28.011849Z","last_seen":"2026-04-07T00:33:16.61132Z","times_seen":17,"resource_available":false,"data":null}},"time_used":598,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":598,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/InternationalBettingIntegrity.svg","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/InternationalBettingIntegrity.svg HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 29 Mar 2024 12:13:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b068-66b0\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26288,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a026a426d9cc0aa82215932addf45b39","sha1":"505fe3007bd1a7eab466a05a2040ec07292623cd","sha256":"a7617073a9501e9c61219182b6c41b33390d41ff6e63dd39cf557f0cd2a0be9e","sha512":"56fc34e93b8b5ec9716d6a80f473c9b54a4f35b5d33f60ca8b4c2772958fe4c0bdcb97ebcdfbd7c7d0cda797ab57bfd3e0bf2c4a0767bdeee26cf94fbc602b56","ssdeep":"384:siKbYg7GRL48u9Us59TfKh78ZA8TGdfetdrdEtdc907e:eYKl8uWs7TfggZVAeGtdW07e","tlshash":"6bc220e6176093dc5bcacc5eef23a8a4930f90b979b6f9d15d5f8b28544b988f207c10","first_seen":"2024-02-24T00:51:05Z","last_seen":"2026-04-07T00:33:16.608844Z","times_seen":81,"resource_available":false,"data":null}},"time_used":597,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":597,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aviationmanager.net/files/autoptimize_single_27b0dc2f338875a59ce815367b703646.js","fqdn":"aviationmanager.net","domain":"aviationmanager.net","tld":"net"},"ip":{"addr":"191.214.172.6","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aviationmanager.net/","date":"2026-04-07T00:20:43.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.aviationmanager.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 15:48:15 GMT","end":"Sat, 20 Jun 2026 15:48:14 GMT"},"fingerprint":{"sha1":"90:69:DA:97:20:25:68:BB:BC:AD:62:0A:2A:A7:5A:31:FF:C6:E1:24","sha256":"3B:7B:CC:B7:9C:E4:A5:38:63:EE:D0:A1:33:67:05:1C:4C:5F:41:CB:CA:79:9F:BF:10:BA:27:C0:F0:97:09:A5"}}},"request":{"raw":"GET /files/autoptimize_single_27b0dc2f338875a59ce815367b703646.js HTTP/1.1\r\nHost: aviationmanager.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aviationmanager.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 00:20:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 29 Mar 2024 12:13:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6606b066-131f\"\r\nexpires: Tue, 07 Apr 2026 12:20:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4895,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (598)","md5":"333682959b8b63343202d7ef6858f6d8","sha1":"3b4e9fd055ba7efd5b4e69f6f32b834e4a74b877","sha256":"cfdc52d688c16a02b9dd455bdf7571a7facd26bed96f87240d0a1bfdcfaefb8e","sha512":"bc1814af152c69480b504b3646b640647d51daa05a6ce74bf65da621c86d5fa976f8ba5105f5dbd642560f83551b2145d37f5d2260ccb7491145b615fb321a0c","ssdeep":"96:ksz2LtirZRu29KQ2x9nQzUQy7xWSDx4m4GfiMQzFcZ:H28qHQybGQbQhcZ","tlshash":"fda165a1b05474dc1eb22388e94f3b0df227a627811cba08d4bc566ceb71781e619e5f","first_seen":"2024-01-21T13:19:31Z","last_seen":"2026-04-07T00:33:16.602022Z","times_seen":303,"resource_available":true,"data":null}},"time_used":596,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":596,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-07","alert":"Phishing Block","trigger":"aviationmanager.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"aviationmanager.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}