{"report_id":"4983f89c-926b-4de1-8a2b-1ca0adad22e1","version":6,"status":"done","tags":[],"date":"2025-12-02T04:51:51Z","url":{"schema":"http","addr":"rcl.ink/","fqdn":"rcl.ink","domain":"rcl.ink","tld":"ink"},"ip":{"addr":"104.21.59.238","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"rcl.ink/","fqdn":"rcl.ink","domain":"rcl.ink","tld":"ink"},"title":"404","dom":{"size":1009,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"2e7547d0c97ceaffdf3eac5b88dece42","sha1":"ed9f98df2be2b9b4fd7728eba2d5cee32ea5c834","sha256":"62788517489948059a3bb716800ffc449d73e1d692e164466ece0583967c4936","sha512":"a4bf43b09bb19f3d4994f3dc0a847f497ab92262a0da0a05d0e82726f77c9664b4efb1abfef2a4648e1ebe549885746ef4d17a695367bbcba5899cf8b2e4a86e","ssdeep":"","tlshash":"0911e537c6905457d1d3c19c3411115f8591e10b555f82a9fafddb582f51ae7dc13188","dom_hash":"domhash973a0114d0fd4d741a3fc1a97bb125c3","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"rcl.ink/","fqdn":"rcl.ink","domain":"rcl.ink","tld":"ink"},"ip":{"addr":"104.21.59.238","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-06T04:51:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"rcl.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"rcl.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"rcl.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"rcl.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"rcl.ink","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-06-03","domain_rank":1943454,"first_seen":"2018-06-23T14:01:31Z","last_seen":"2025-11-21T15:57:32.018876Z","alert_count":8,"request_count":2,"received_data":3315,"sent_data":897,"comment":"","tags":null,"fingerprints":[{"name":"Bootstrap:3.4.0","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"BootstrapCDN:3.4.0","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"maxcdn.bootstrapcdn.com","ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":6807,"first_seen":"2014-06-18T00:37:31Z","last_seen":"2025-11-30T23:41:08.69832Z","alert_count":0,"request_count":2,"received_data":160969,"sent_data":894,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"216.58.207.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2025-11-30T22:35:15.445479Z","alert_count":0,"request_count":1,"received_data":89131,"sent_data":436,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.207.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"220afd743d9e9643852e31a135a9f3ae","sha1":"88523924351bac0b5d560fe0c5781e2556e7693d","sha256":"0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a","sha512":"6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe","tlshash":"338319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","size":88145,"data":"","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-10T09:52:19.066999Z","times_seen":116701,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js","fqdn":"maxcdn.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3d8308804264c5b751f6e54734c46897","sha1":"369a832ef7f8a57e9b59b84b181fdb4fc9125050","sha256":"909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4","sha512":"ccf07732f7a858a966ac33532803d3c7787e414b29f172d717fe82a2a2067740ed36da7acb99fd44483073bd94c75e8912548ec720218a2fc236888b79d12b7c","ssdeep":"768:0mLwtev6lwUt0eWN3Me9DU1Vt0Zpdcsi153K0rmqeYW:eJuUmTiNrmqeYW","tlshash":"52f2840ab23035a107efa1a1414b020e73366a7de94791ac78b9daf12db4c49717bf7d","size":37608,"data":"","first_seen":"2023-03-07T01:03:30Z","last_seen":"2026-04-10T04:38:38.758738Z","times_seen":2478,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"rcl.ink/","fqdn":"rcl.ink","domain":"rcl.ink","tld":"ink"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-02T04:51:29.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rcl.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 27 Nov 2025 13:40:13 GMT","end":"Wed, 25 Feb 2026 14:37:51 GMT"},"fingerprint":{"sha1":"59:82:50:9D:0C:E9:43:E4:5E:7B:AB:08:7A:7F:2B:99:A6:63:1B:D1","sha256":"C2:5F:C9:62:C2:98:40:44:C6:2E:48:48:6B:13:F9:77:21:DE:54:6F:79:10:7A:8F:B5:10:38:C0:5E:4E:8E:75"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rcl.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Dec 2025 04:51:29 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GQlcPlpAHW0bgBiTV%2BA7J2amk2QwTzpITpLkY6bEwbu793IzrL021xrIygccWRZWTZwplnP%2B63KIkKkUpzjRbppGF7rB\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9a78359c796cb500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bootstrap:3.4.0","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"BootstrapCDN:3.4.0","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1029,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"284cae816f9e067cc96f1738f09c4162","sha1":"6d7faaf94e0c145e7c1e1973de448849c96ae338","sha256":"ec250e0540f33cf04f1b48b296e740964662e159934e3ad50e2cf68b18f4aa7a","sha512":"737beaff198c36d916fb26d3345b7108b7cea85ab52f43c1beb1850354c7cae498ac53e0938d5f1348e670123dbff2f7e38bfc497b4f12f80c7b63467236fba7","ssdeep":"","tlshash":"07112537c690145791c3c09c3411111f8592e10b659f83a9fafddb582f91aebdc13188","first_seen":"2025-06-01T02:14:11.899132Z","last_seen":"2026-03-31T00:58:17.238171Z","times_seen":54,"resource_available":true,"data":null}},"time_used":497,"timings":{"blocked":20,"dns":0,"connect":1,"send":0,"wait":457,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"rcl.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"rcl.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"rcl.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"rcl.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"maxcdn.bootstrapcdn.com/bootstrap/3.4.0/css/bootstrap.min.css","fqdn":"maxcdn.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rcl.ink/","date":"2025-12-02T04:51:30.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:05:50 GMT","end":"Thu, 05 Feb 2026 05:05:47 GMT"},"fingerprint":{"sha1":"CE:AE:8E:FE:2A:86:03:2B:16:43:FF:98:36:53:B2:ED:10:BF:FD:23","sha256":"95:CB:A8:7B:9C:88:98:F1:EF:D6:C9:79:E1:98:63:76:71:B7:BD:E2:89:6D:CD:55:61:DB:C0:4E:B1:1E:67:F7"}}},"request":{"raw":"GET /bootstrap/3.4.0/css/bootstrap.min.css HTTP/1.1\r\nHost: maxcdn.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rcl.ink/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Dec 2025 04:51:30 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncf-ray: 9a7835a0d960a41f-OSL\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"9568d6466155669e72ed389ebb1d22f3\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:00 GMT\r\ncdn-cachedat: 06/26/2025 20:53:35\r\ncdn-proxyver: 1.30\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1077\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: 70901d2f0752e9a9d29e92ed026d8617\r\ncdn-cache: HIT\r\ncf-cache-status: HIT\r\nage: 3295191\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":121457,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65369)","md5":"9568d6466155669e72ed389ebb1d22f3","sha1":"358e190d6078c6ea49f0046bf81bfec56eb03fa5","sha256":"1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a","sha512":"8127eb4b219f8dd8c0d46d9cf9e3fbe3df0708db7ee6c276df34d6eeaaf6cee3b63fb9ed21c4863973f6ac75d16378e1de8dfa8d8456b3c9985fc2c456b02414","ssdeep":"768:9f7Gxw/Tc/hOWlJ+UtVIuiHlqAmQI4X8OAdXFxbv8KIf2BdU+JdOMx1iVvH1FS:ew/YGGIuiHlqAmO8l1bNXdOqT","tlshash":"54c3c7a0f21031ea7333c55a71d0fd872219a153e6664eb7f22f25d88f846ca1673f1a","first_seen":"2023-04-08T13:53:30Z","last_seen":"2026-04-10T00:52:15.305676Z","times_seen":938,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":22,"dns":1,"connect":1,"send":0,"wait":12,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.207.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rcl.ink/","date":"2025-12-02T04:51:30.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:58 GMT","end":"Mon, 19 Jan 2026 08:34:57 GMT"},"fingerprint":{"sha1":"56:14:7E:EF:FA:D2:CF:DD:3B:30:9C:AE:7A:C9:AD:9E:A7:87:3D:E9","sha256":"72:DD:0F:82:4D:8A:09:2D:BB:5B:E6:1B:6F:09:F8:1E:BD:BD:D3:3E:B8:A4:8C:B9:49:13:4D:DC:D7:EF:EA:77"}}},"request":{"raw":"GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rcl.ink/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30774\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 27 Nov 2025 00:44:28 GMT\r\nexpires: Fri, 27 Nov 2026 00:44:28 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 446822\r\nlast-modified: Mon, 13 May 2019 14:37:17 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":88145,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"220afd743d9e9643852e31a135a9f3ae","sha1":"88523924351bac0b5d560fe0c5781e2556e7693d","sha256":"0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a","sha512":"6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe","tlshash":"338319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-10T09:52:19.066999Z","times_seen":116701,"resource_available":true,"data":null}},"time_used":255,"timings":{"blocked":105,"dns":0,"connect":20,"send":0,"wait":21,"receive":21,"ssl":85},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js","fqdn":"maxcdn.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rcl.ink/","date":"2025-12-02T04:51:30.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 04:05:50 GMT","end":"Thu, 05 Feb 2026 05:05:47 GMT"},"fingerprint":{"sha1":"CE:AE:8E:FE:2A:86:03:2B:16:43:FF:98:36:53:B2:ED:10:BF:FD:23","sha256":"95:CB:A8:7B:9C:88:98:F1:EF:D6:C9:79:E1:98:63:76:71:B7:BD:E2:89:6D:CD:55:61:DB:C0:4E:B1:1E:67:F7"}}},"request":{"raw":"GET /bootstrap/3.4.0/js/bootstrap.min.js HTTP/1.1\r\nHost: maxcdn.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rcl.ink/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Dec 2025 04:51:30 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncf-ray: 9a7835a0d964a41f-OSL\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: W/\"3d8308804264c5b751f6e54734c46897\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:00 GMT\r\ncdn-cachedat: 03/18/2024 12:46:58\r\ncdn-proxyver: 1.04\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1075\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requestid: be49f469f762bd6b721b29629eabc097\r\ncdn-cache: HIT\r\ncdn-requesttime: 0\r\nage: 1039637\r\ncf-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":37608,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (37481)","md5":"3d8308804264c5b751f6e54734c46897","sha1":"369a832ef7f8a57e9b59b84b181fdb4fc9125050","sha256":"909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4","sha512":"ccf07732f7a858a966ac33532803d3c7787e414b29f172d717fe82a2a2067740ed36da7acb99fd44483073bd94c75e8912548ec720218a2fc236888b79d12b7c","ssdeep":"768:0mLwtev6lwUt0eWN3Me9DU1Vt0Zpdcsi153K0rmqeYW:eJuUmTiNrmqeYW","tlshash":"52f2840ab23035a107efa1a1414b020e73366a7de94791ac78b9daf12db4c49717bf7d","first_seen":"2023-03-07T01:03:30Z","last_seen":"2026-04-10T04:38:38.758738Z","times_seen":2478,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":10,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rcl.ink/favicon.ico","fqdn":"rcl.ink","domain":"rcl.ink","tld":"ink"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rcl.ink/","date":"2025-12-02T04:51:30.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rcl.ink","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 27 Nov 2025 13:40:13 GMT","end":"Wed, 25 Feb 2026 14:37:51 GMT"},"fingerprint":{"sha1":"59:82:50:9D:0C:E9:43:E4:5E:7B:AB:08:7A:7F:2B:99:A6:63:1B:D1","sha256":"C2:5F:C9:62:C2:98:40:44:C6:2E:48:48:6B:13:F9:77:21:DE:54:6F:79:10:7A:8F:B5:10:38:C0:5E:4E:8E:75"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: rcl.ink\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rcl.ink/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 04:51:30 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FgFh6lQC0PuNZetzy26JrXI6EjWL4mrIeKai%2BN1557ij0%2FpumVqDGKrKbyOAk0i%2B%2BDvpkuslB18iCrBw3uyFmnZytldN\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nlast-modified: Tue, 02 Dec 2025 04:51:30 GMT\r\ncontent-encoding: br\r\ncf-ray: 9a7835a21888b4ff-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"BootstrapCDN:3.4.0","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap:3.4.0","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":1029,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"284cae816f9e067cc96f1738f09c4162","sha1":"6d7faaf94e0c145e7c1e1973de448849c96ae338","sha256":"ec250e0540f33cf04f1b48b296e740964662e159934e3ad50e2cf68b18f4aa7a","sha512":"737beaff198c36d916fb26d3345b7108b7cea85ab52f43c1beb1850354c7cae498ac53e0938d5f1348e670123dbff2f7e38bfc497b4f12f80c7b63467236fba7","ssdeep":"","tlshash":"07112537c690145791c3c09c3411111f8592e10b659f83a9fafddb582f91aebdc13188","first_seen":"2025-06-01T02:14:11.899132Z","last_seen":"2026-03-31T00:58:17.238171Z","times_seen":54,"resource_available":true,"data":null}},"time_used":458,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":458,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"rcl.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"rcl.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"rcl.ink","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"rcl.ink","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}