{"report_id":"85a34c5d-1f36-40c1-acc2-5290c20f5748","version":6,"status":"done","tags":["amazon","phishing"],"date":"2026-03-04T14:18:53Z","url":{"schema":"http","addr":"rksigmaboy.in","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"rksigmaboy.in/","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"title":"Amazon","dom":{"size":26284,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (688)","md5":"5c93e4c28aed7c36d7bd3ac71006b35b","sha1":"d2be893bad1937114e242484c319663ad93228f3","sha256":"b677df6e081de43f2ab59163118e44f17308fefc831ddac7c3ac3a7cd0a3f6c4","sha512":"40fa01c1fec4ec6c63e4c1a85c99238c94018faf788654007820ddab48afe552d2bbc9ab3f7ce7fc9aa9b1c3cd8bfeda830aaa5162ddbd51898d0c46f8a13785","ssdeep":"768:HiCk5y22CAecVjEpkWcCmumXmHmzrmgm8me9aI6WBf:HqmumXmHmzrmgm8mHI6WBf","tlshash":"48c2a41070f030760a6b82422a0e9b0d3e746de72d078e5576af16582fc5efdb7a3769","dom_hash":"domhashcd3e94bc4b0b69187ad5a136c2d70795","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"rksigmaboy.in","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-08T14:18:53Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]},"summary":[{"fqdn":"rksigmaboy.in","ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":115,"request_count":23,"received_data":2971546,"sent_data":10111,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"SpeedyCache","description":"SpeedyCache is a WordPress plugin for optimizing page load times and caching efficiency.","website":"https://speedycache.com","common_platform_enumeration":"","icon":"SpeedyCache.svg","categories":["WordPress plugins","Caching"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"rksigmaboy.in/all.js","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"cb9661cb4646d8633ddccb8207fa43af","sha1":"d725c7e273863c2e83e7af0db7f7fc6200698567","sha256":"cc8af1c030d2a2a205a6ee3f6feb8cfc22c5b4d93c43440820a8482e5e34a8c1","sha512":"bb480f2180744e15004e99980c6b2dd2300fec1adf2d5ef45001fa832219ced4c318fb783fabaf1c6c136da23b48a2a84ecd3368ceff30e6969fa169e9851f29","ssdeep":"6144:T5Y2Ve2Nb36r7L7rxVuVUQ4oP6gShzX3bIOr0rsn/AC/3X6xV04yG9hDG1j+FYG/:zcLASx0NC9ptpBi2O9","tlshash":"a0754228c36953bc9e56d7b88a2634747d8e81ef60e0e728b66cc4b077560dcd2e9cc5","size":1632474,"data":"","first_seen":"2026-03-04T14:19:01.921243Z","last_seen":"2026-03-04T16:33:09.594485Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"rksigmaboy.in/favicon.ico","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:33.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Wed, 04 Mar 2026 14:18:33 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: text/html\r\ncontent-length: 358\r\nlast-modified: Fri, 13 Jun 2025 10:45:41 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":583,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"51618ac2b7cf5c4937213e965c00f20a","sha1":"7e704e57162ed18743bef9f95e2dea558954751b","sha256":"0b41f69e6564b9c89b1b344744c5b06eb4adc0e584028909286d2b936e1afed5","sha512":"d07af4309bf8156644d604676eec62cf78128dae1cd1808e865e02bf7302b3dea5b1eda42eecd6e8687c84b85a6a52c07bd45b120b8fe5940d8d80586a2d0fb0","ssdeep":"","tlshash":"0df0e1671c61c4437421c64a33e1de6c54583213d109e969b6de511ccb89bdc88d3a25","first_seen":"2023-03-12T18:04:12Z","last_seen":"2026-05-30T08:27:36.629896Z","times_seen":12773,"resource_available":true,"data":null}},"time_used":170,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":170,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/shop/04.jpeg","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:31.899Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /shop/04.jpeg HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 14:18:31 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/jpeg\r\ncontent-length: 23886\r\nlast-modified: Thu, 01 Jan 2026 06:32:30 GMT\r\naccept-ranges: bytes\r\ncache-control: public\r\nexpires: Thu, 04 Mar 2027 14:18:31 GMT\r\nx-newfold-cache-level: 2\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23886,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x375, components 3","md5":"91d0c7ec439b694dfffa2e8129dbcb22","sha1":"b96267be546133df185297be70a0d7509d1d2aa8","sha256":"f63ff498b33cc20b53bbaa1eab351084838b14a8c06ab1510c69df5567d36de3","sha512":"6bb0e19a61472fffa5499e3acfe4f752ac4bc2d16f911a6db117b885cff877ac9b995065a06ee952e9f46a917595e59bbaec497d0c386a0d6c3b7f0ea3d3b4f4","ssdeep":"384:9wH0Sew8mWiqk41dB9cfhmrioaMMC8gPKmQOMbgL7YBlvgtF8L4USAmK3hvm:CKxmEdDWmrBaMMPgimQOMbEsBFOU4U5w","tlshash":"01b2e1c9937803f8fb805bf18dbc0c34ebc3a85820ddb69b27c04b45fd091d9226446a","first_seen":"2026-03-04T14:19:01.885782Z","last_seen":"2026-03-04T16:33:09.58007Z","times_seen":2,"resource_available":false,"data":null}},"time_used":571,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":433,"receive":138,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/shop/05.jpg","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:31.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /shop/05.jpg HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 19 Jan 2026 05:17:42 GMT\r\naccept-ranges: bytes\r\ncontent-length: 93424\r\ncache-control: public\r\nexpires: Thu, 04 Mar 2027 14:18:31 GMT\r\nx-newfold-cache-level: 2\r\ncontent-type: image/jpeg\r\ndate: Wed, 04 Mar 2026 14:18:31 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":93424,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 963x810, components 3","md5":"b1d0896f83c8bfd3f7884d3cbe202b2d","sha1":"7e54f1273e1f95e2e3447b390537efbbe125da40","sha256":"a5527de9478c6a60ce7a1b33ef8ee6be9408ae3a14d76eaf14ae820bd40119f4","sha512":"f15f6428db1a05e8350b05f9abbed5636cac04874d712321349216aeef61ce7070560825f6a54d4423e7d0fcc7ef457dfd5481cfa7a6c8b37126a47dfb783b65","ssdeep":"1536:CL3pUgl2GOar75aJczozY+fDhWplyjlzWTkyCdOQdmCH8vrHiwY89jEeJm:4+gl2h6adzY+FRjJWTkyC8QEQ8vrCdIW","tlshash":"6a93f1c3dc1543a3b23806d8af131dde2b9b7b589ac036f850b2698b7e145654ecf41a","first_seen":"2026-03-04T14:19:01.888948Z","last_seen":"2026-03-04T16:33:09.580679Z","times_seen":2,"resource_available":false,"data":null}},"time_used":432,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":290,"receive":142,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/shop/5","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:31.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /shop/5 HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 14:18:32 GMT\r\nserver: nginx/1.25.5\r\ncontent-length: 35528\r\nlast-modified: Thu, 01 Jan 2026 05:35:00 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Wed, 04 Mar 2026 14:18:31 GMT\r\nx-newfold-cache-level: 2\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35528,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"5473411afb0807750fb8d3998528daad","sha1":"2f486ee6593582dfd0fbce67176b1ff59ad2f804","sha256":"ebbff45672285ddc4e4dbf6699f3ca66228b591dd1cb5d55fbfbeafff251cb0a","sha512":"3424f9c50949789b1da661767b6a3c6c3aa8059dfda7a9f3c4b4c12212e5d38d302a0b9a1884e56a953ac94b9be0b8dba3daec2fa578001c890d0482d7b6d83a","ssdeep":"768:NyaIviaDiOf7YxvoXOdjTwQF3Pi9o/Pw70SP7I0H+a1if:Ny1vxraoXOdjFNiiHjSjLm","tlshash":"f8f2020d295619ffe6e5a720b8895e2cf99b47ec33b50c4f91d782c83c199b58ae09c4","first_seen":"2026-03-04T14:19:01.891529Z","last_seen":"2026-03-04T16:33:09.590104Z","times_seen":2,"resource_available":false,"data":null}},"time_used":570,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":432,"receive":138,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/shop/06.webp","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:31.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /shop/06.webp HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 14:18:31 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 239246\r\nlast-modified: Thu, 01 Jan 2026 05:38:52 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=31536000\r\nexpires: Thu, 04 Mar 2027 14:18:31 GMT\r\nx-newfold-cache-level: 2\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":239246,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7eb680f4364653f5dddfa653a7d985af","sha1":"d177f3947608f11ccbc8dd72385b90e8d935357c","sha256":"774e73238960f40b060f91a390776f9bde8b937dde9f23f4ccb2b1df106f9e7e","sha512":"1afb3c20db472ada2ff16c2e5815944049a0136257726f0f592cd0c0d3a51e5972002aa98b96bcb77ec273dd1e76103f2fc25e50c1dadec4413a39ab9cc43996","ssdeep":"6144:82yjXXMW1pWGo1mm1b8RU1crrB/+I3ikhHgmG4ZJu5iYdU:8Tr1uXom1b8q1wt/+iikk4Zc/y","tlshash":"983423fe7e0e024ed85090778123768499334a21e89e8fa6548f919eff950f0dba7d53","first_seen":"2026-03-04T14:19:01.894801Z","last_seen":"2026-03-04T16:33:09.590698Z","times_seen":2,"resource_available":false,"data":null}},"time_used":853,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":431,"receive":422,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/shop/09.jpeg","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:31.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /shop/09.jpeg HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 14:18:32 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/jpeg\r\ncontent-length: 24037\r\nlast-modified: Thu, 01 Jan 2026 06:12:34 GMT\r\naccept-ranges: bytes\r\ncache-control: public\r\nexpires: Thu, 04 Mar 2027 14:18:32 GMT\r\nx-newfold-cache-level: 2\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24037,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x375, components 3","md5":"27658c3ed175246c259203120f69186c","sha1":"e63078b4d9fae51ce720453a9bb7e993ad1eece0","sha256":"2dae679b3e0bf9bb544fe226d98b23fda4bb719d08770dbc287d8e3198597d8c","sha512":"45e9c3564b6207e66887abbedc4a3abf055da9b3e10c6b30712202392a296535a41b4b40a86927f92fbf8b878ddeff2b5d0193f5f3c284d71eb4fa8d460576b4","ssdeep":"384:9wLvkHPY/zYA1GrdMwAV9s2NNxH34iRWSaSZ3ztRGVFAgPiuQ3RGE68:CLvkHwcA1cdor13Tz3ztRQFAruQrf","tlshash":"4fb2d0899278d3c4f9efa972346f85abd3e46a05c363e25371d06b21079ebd2c82c448","first_seen":"2026-03-04T14:19:01.897474Z","last_seen":"2026-03-04T16:33:09.581252Z","times_seen":2,"resource_available":false,"data":null}},"time_used":710,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":709,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/all.js","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:31.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /all.js HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 10 Dec 2025 03:54:24 GMT\r\naccept-ranges: bytes\r\ncache-control: public\r\nexpires: Thu, 04 Mar 2027 14:18:32 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-newfold-cache-level: 2\r\ncontent-type: text/javascript\r\ndate: Wed, 04 Mar 2026 14:18:32 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1632474,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (3499)","md5":"d217aa6938e2a7b88dda5372da5a8a6d","sha1":"e44dbd2069db20d1d87e6e9007c470c061c823c7","sha256":"0b303252b3a98740120f3ab0af2e01b501325d1db854c39eb28557c5a4817534","sha512":"f33278f64ed30e7cac7b29e102c06fe9be93b9d09e59f5c08091531b9badfdbd018c8986f06cf2b43dae79702034987a042772d22f3a09262c5f4d789919357f","ssdeep":"6144:T5Y2Ve2Nb36r7L7rxVuVUQ4oP6gShzX3bIOr0rsn/AC/3X6xV04yG9hDG1j+FYB:zcLASx0NC9/","tlshash":"ff252228c35953bcde96d7f88a222474798e81ef60e0e728a66cc4b077560dcd2edcd5","first_seen":"2026-03-04T14:19:01.899496Z","last_seen":"2026-03-04T16:33:09.587142Z","times_seen":2,"resource_available":false,"data":null}},"time_used":852,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":852,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T14:18:31.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 14:18:31 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: text/html\r\ncontent-length: 1722\r\naccept-ranges: bytes\r\ncache-control: public\r\nexpires: Wed, 04 Mar 2026 16:18:31 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-newfold-cache-level: 2\r\nx-speedycache-source: Server\r\ncache-tag: rksigmaboy.in\r\ncdn-cache-control: max-age=1296000\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"SpeedyCache","description":"SpeedyCache is a WordPress plugin for optimizing page load times and caching efficiency.","website":"https://speedycache.com","common_platform_enumeration":"","icon":"SpeedyCache.svg","categories":["WordPress plugins","Caching"]}],"data":{"size":8818,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"ca1d84d1122ea27cfcb37af72ff2f404","sha1":"66ae14cf09a681febac2e735c85923f97541c6ef","sha256":"2cab31a78f347fa039287ed6812aaeba6caab56de0ea99f9ce4f8a8417d9a42b","sha512":"c97cbd648fb4ce0c872f187ef75991eef81088f2a8d0ad9a03c8d445550d8a7827f486d60e4979f0c3c07716c09a9b803e8b6372a68aa539d7e88ad900158db0","ssdeep":"96:HFWrDDYUNUcEGPoLu/pguizlJMVV8F0lFxEOlh/txzafKQ:kBycE4bVVpZ97/YKQ","tlshash":"d802b33564c1742302b7c2858a219b9bfe91825b9b0ba50933edabcb8ff7e01dc57951","first_seen":"2026-03-04T14:19:01.901648Z","last_seen":"2026-03-04T16:33:09.578596Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1091,"timings":{"blocked":464,"dns":178,"connect":140,"send":0,"wait":163,"receive":0,"ssl":144},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/shop/03.jpg","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:31.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /shop/03.jpg HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 01 Jan 2026 06:36:24 GMT\r\naccept-ranges: bytes\r\ncontent-length: 19968\r\ncache-control: public\r\nexpires: Thu, 04 Mar 2027 14:18:31 GMT\r\nx-newfold-cache-level: 2\r\ncontent-type: image/jpeg\r\ndate: Wed, 04 Mar 2026 14:18:31 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":19968,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 70\", baseline, precision 8, 300x300, components 3","md5":"8f4bca986853844cb5ea980ee7a8dd71","sha1":"8878347044d233902a4a3ab17c36b233a579651c","sha256":"cfd59d6729107a212323db2da19738e3cc3bba4e774693709670b76b3aaf4723","sha512":"44087491afcce2b60fae578a8580ef09da56ee49245f4f97f26c9b1f4d9a1b04637d4c7e853b941549345e269acbc1a1d577315d7744a048062125df4825c282","ssdeep":"384:LF+jgCdRrptOEkDCigt+eM3zZ9lVaMiwVclDnIL0Y+X7ntiEThaE0X2Cg0:LF+jgC3VtOEkby52dFacclDnIL0Y+X7I","tlshash":"ec92d0afafd20742c17583b1da2b5713a76a2473b3106dcc4b5691147a3d8c2ef6782d","first_seen":"2026-03-04T14:19:01.903646Z","last_seen":"2026-03-04T16:33:09.579445Z","times_seen":2,"resource_available":false,"data":null}},"time_used":570,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":433,"receive":137,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/shop/08.webp","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:31.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /shop/08.webp HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 14:18:32 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 55134\r\nlast-modified: Thu, 01 Jan 2026 06:08:48 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=31536000\r\nexpires: Thu, 04 Mar 2027 14:18:31 GMT\r\nx-newfold-cache-level: 2\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55134,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e349979115f0abffa7cab0fd670796ca","sha1":"c2b63843326c20b21585b8e52674872f990b9986","sha256":"c79d0700db77ca41208365f2e14e3066c10cc16dce66877d75ad532fe4500396","sha512":"594ffbfa5b1d6c8f1dece0ba8e9adc043cc635bd9ed058d73015530a14b58a5b9d5542de5f3c1f6f1b6fb58303832da4e46b679bd50e36307017baede529583f","ssdeep":"1536:k9ktwHzsYRfX5T2UqHlt86XkCSbWw/gA/l:kStezPvVir8YkJb1Y+","tlshash":"1243f1118c7b20d4e26afb76d1e3b6cec83b5c59ec6548ee91c4ea3d4d20e0494ae537","first_seen":"2026-03-04T14:19:01.905533Z","last_seen":"2026-03-04T16:33:09.586495Z","times_seen":2,"resource_available":false,"data":null}},"time_used":710,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":431,"receive":279,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/shop/11.jpg","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:31.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /shop/11.jpg HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 01 Jan 2026 06:18:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 71879\r\ncache-control: public\r\nexpires: Thu, 04 Mar 2027 14:18:32 GMT\r\nx-newfold-cache-level: 2\r\ncontent-type: image/jpeg\r\ndate: Wed, 04 Mar 2026 14:18:32 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":71879,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 338x350, components 3","md5":"5bb1368ab9ebd597d4f86051e00b6267","sha1":"9ca7b69d590b7addd9565ee3f26eb9abd95c9d2a","sha256":"fa2f4b27ce685c1e0aa33352f3fd5484608aa466b74e0d39709d290f1cf577b9","sha512":"e67b04594bd47e7cc0d3b7abb12d6c9b49355ac6eaf6ca3a1667388ac52427d5e201d4798ad11d72e8baec61e3be4c2074b1bccb9577ef52c8bc98fbfeb529b9","ssdeep":"1536:C/aBA5mcsIJCLw9WhU/PqDbiEU5Rhiiz2g8RxkBMbrF4C6Qwpva:C/a87sIJCLmm4abiEUzhi7BxkBo4pXpS","tlshash":"6763f19fdb09bb60e5513d7084f507eccf08c686f4cee0992158368b78b185814cbbda","first_seen":"2026-03-04T14:19:01.907141Z","last_seen":"2026-03-04T16:33:09.583053Z","times_seen":2,"resource_available":false,"data":null}},"time_used":852,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":843,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/logo/logojon.png","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:32.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /logo/logojon.png HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 31 Dec 2025 04:52:46 GMT\r\naccept-ranges: bytes\r\ncontent-length: 111010\r\ncache-control: public\r\nexpires: Thu, 04 Mar 2027 14:18:32 GMT\r\nx-newfold-cache-level: 2\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 14:18:32 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":111010,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 300, 8-bit/color RGBA, non-interlaced","md5":"9193d0adb2d27acf7b5787ba3abbb871","sha1":"ab254db903a1766734e9f626338572a7677ad590","sha256":"9ee378d8fc1edec677b970968ca4107e337788967d5944871fb71eff79f97d00","sha512":"5dc0744bbdae73311d65682ff8592b3f79839390058823a0029ea3407b7ee237129827318ac579cf252ad421a8b1135dbaf4745a899749d4ce291e7c58a0203f","ssdeep":"3072:+TfCEO2036YE4VjJP2i90idzsDoD0ayosampJ1de:IFOTTEkxBG0D0nnaz","tlshash":"dcb3128fa4a441babdd1f8a32f598386077421578691f27ce8c832867c8963dd6d4dcf","first_seen":"2025-08-03T22:29:00.162176Z","last_seen":"2026-03-04T16:33:09.591659Z","times_seen":5,"resource_available":false,"data":null}},"time_used":398,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":394,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/group%20image/1.jpg","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:32.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /group%20image/1.jpg HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 16 Jan 2026 05:30:00 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2635\r\ncache-control: public\r\nexpires: Thu, 04 Mar 2027 14:18:32 GMT\r\nx-newfold-cache-level: 2\r\ncontent-type: image/jpeg\r\ndate: Wed, 04 Mar 2026 14:18:32 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2635,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 186x116, components 3","md5":"7b616f1b842b68f57e044516083c4b3b","sha1":"d1a2808a9bd7df769199e80a962004af55984db4","sha256":"64bef8383ccd4419d973508e5d22ff38bc1b32ca3d0da53ebb57da1bfc538b28","sha512":"0a0ccb186c53c770fb8a7a51561bcd8faed03cdf8a0f3ed52edd191c10c9e1dc03dec77281a4bcf80f103f04f047a80a5a00cb8da3e7e30ba122ebf90130c018","ssdeep":"","tlshash":"fa513c044a4f525cd713c9372298c9562b0fd20783ed85d10111b769eede86d1687a63","first_seen":"2026-03-04T14:19:01.90995Z","last_seen":"2026-03-04T16:33:09.585933Z","times_seen":2,"resource_available":false,"data":null}},"time_used":401,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":393,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/group%20image/2.jpg","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:32.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /group%20image/2.jpg HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 16 Jan 2026 05:31:48 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3094\r\ncache-control: public\r\nexpires: Thu, 04 Mar 2027 14:18:32 GMT\r\nx-newfold-cache-level: 2\r\ncontent-type: image/jpeg\r\ndate: Wed, 04 Mar 2026 14:18:32 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3094,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 186x116, components 3","md5":"a5f31b6c9d801440af3dc5a0c0ae062e","sha1":"ebfd1baab82ba48dd4b429b40bf75610cdb4ad4a","sha256":"6e99c64bf548025b8271e74a2af3efae68e96ac3a72702371ed37fad13f926df","sha512":"c5c297b90afda57b81a9b9f17519efe5c94872c56369fd5c42ad42b4e365d95e34ea16d8f08ea39fa1a03ee37c1ffe0cfa2b059e65d03e78a49cdad6805c2962","ssdeep":"","tlshash":"a4514b96e5838465c2270b3e99eca9d08b9eb74464c94f0210720f258c6f0a91bca9f2","first_seen":"2026-03-04T14:19:01.910833Z","last_seen":"2026-03-04T16:33:09.593561Z","times_seen":2,"resource_available":false,"data":null}},"time_used":396,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":396,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/shop/02.jpg","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:31.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /shop/02.jpg HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 01 Jan 2026 05:06:16 GMT\r\naccept-ranges: bytes\r\ncontent-length: 22032\r\ncache-control: public\r\nexpires: Thu, 04 Mar 2027 14:18:31 GMT\r\nx-newfold-cache-level: 2\r\ncontent-type: image/jpeg\r\ndate: Wed, 04 Mar 2026 14:18:31 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":22032,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 420x440, components 3","md5":"56ebfa5fc781d107e5da22046281dc85","sha1":"f064bb15f510fa7b33891a7f971cb7e152992978","sha256":"8dac288937256e69dd0eb478441f2aea45dd345926d479f6ad555f3337d2e03c","sha512":"d94e70bd8f65de43cb9f70e1aff75f7badd6951f9cfdd4cb7cd5f1d28c8179e8413e2bab0e24ee33026fdf9b3b4301a851092679e4fbfe8c4a1fbf81a0403382","ssdeep":"384:4AWpAMUR2yWheHdDjc2q1rMvd5gsdduq2xzK/6VOKIX0fjND9xFbA3zuqEZxxvdJ:4AWy5wCK2irMvLzdYlKRHEJ5fyuqEZx5","tlshash":"65a2e1c38fa47bddcd9a167983ad817d1e45c84203dbaa5d3ab3e9149e8136467aa0c0","first_seen":"2026-03-04T14:19:01.911906Z","last_seen":"2026-03-04T16:33:09.589268Z","times_seen":2,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":140,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/shop/07.webp","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:31.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /shop/07.webp HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 14:18:31 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 41172\r\nlast-modified: Thu, 01 Jan 2026 05:41:44 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=31536000\r\nexpires: Thu, 04 Mar 2027 14:18:31 GMT\r\nx-newfold-cache-level: 2\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41172,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e113ba7c8d815594e52f18239cd75f81","sha1":"885f750eac72a090b55dbebec1e21a14294ac9ec","sha256":"1336746d861c1bee5f06bb5f4b39f62ed2b356b3ad53010d30d5f29ed4f923cb","sha512":"ddf2eb438663240f02d8b146d0d2f970640d1aead23c889da90cee672c890653a3577fa47e1e52feedc9cb3f7ce6e784209a450029876988f5acf1da0731c712","ssdeep":"768:Dpc3NuzHje3gPIa1B4YuPwiccG5a/TT3gfmdQ9E9rSELSNDLGUQ:DpkIHS3gPIw4Y/iLG47ZJ9rzS5GUQ","tlshash":"f303023f502e16addf41ec713268567dc75bb7836e140ecb805d9989a9bc3e08b474c9","first_seen":"2026-03-04T14:19:01.912881Z","last_seen":"2026-03-04T16:33:09.585378Z","times_seen":2,"resource_available":false,"data":null}},"time_used":709,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":431,"receive":278,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/shop/10.png","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:31.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /shop/10.png HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 01 Jan 2026 06:17:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 167712\r\ncache-control: public\r\nexpires: Thu, 04 Mar 2027 14:18:32 GMT\r\nx-newfold-cache-level: 2\r\ncontent-type: image/png\r\ndate: Wed, 04 Mar 2026 14:18:32 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":167712,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced","md5":"abec6b28c0ea730bd47fc0eafe007bb3","sha1":"12eb4f114a2b70ab62ef66e66bb5b1bf9ec0069e","sha256":"82ea1a387b38b986e18106fce81a7466798def9374c49092475c113f1b9d0fb1","sha512":"5ee0554b0dc94ccfb9cf375496671b510979d84194674a0eb1ee812dddd5fce61f6c73509edc47adb5a920cc186f9e9f5243b961c109d6ca91947c0dee84faa2","ssdeep":"3072:YEyEs80EpmM/xSqAHYVNIK8Mdw5msQS3bopfX2blrPWXUJ6:Y980E/NZ1wQS3bolX2bZPWXUg","tlshash":"0ef3122459b3d1c2df0f36301989fa83aa220d1fc5a421b13dbed4afdb15e1991d572e","first_seen":"2026-03-04T14:19:01.913852Z","last_seen":"2026-03-04T16:33:09.582223Z","times_seen":2,"resource_available":false,"data":null}},"time_used":859,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":853,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/group%20image/3.jpg","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:32.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /group%20image/3.jpg HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 16 Jan 2026 05:31:56 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2965\r\ncache-control: public\r\nexpires: Thu, 04 Mar 2027 14:18:32 GMT\r\nx-newfold-cache-level: 2\r\ncontent-type: image/jpeg\r\ndate: Wed, 04 Mar 2026 14:18:32 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2965,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 186x116, components 3","md5":"cf2227a857187260e6d63303a91b26bb","sha1":"a4818d6450adfed65496ddad0e4f0d3c4a09dbf9","sha256":"114426f4f09d3b42c7ecbaf43e4910422470987c21feea0a6d24bf4496af5a70","sha512":"f996e5a61e07ca663f306f47001f406b130e96b1ea8bdd3d323c12e72fdf4779ce4540b6405e9d96172a655d2e07ece09ead165147878e85334029c9ce239c7f","ssdeep":"","tlshash":"b3514d8d851f0131f195d7330bbbb416a3f9bb4bb99a4f059c953a07dcbe6501814c6c","first_seen":"2026-03-04T14:19:01.914801Z","last_seen":"2026-03-04T16:33:09.588597Z","times_seen":2,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":392,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/style.css","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:31.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 20 Jan 2026 04:00:30 GMT\r\naccept-ranges: bytes\r\ncache-control: public\r\nexpires: Thu, 04 Mar 2027 14:18:31 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-newfold-cache-level: 2\r\ncontent-length: 1444\r\ncontent-type: text/css\r\ndate: Wed, 04 Mar 2026 14:18:31 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":5186,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"81937c981e1e1e58ed39a6ba3e06befc","sha1":"8f42fff6f896de0f6aeae1e27cff02af7f8f634d","sha256":"e0e48801d1ac3fcafbabe938c46d55d6c42da7d275751504b0d3c052d72c6196","sha512":"e447d5421c8bea6987d3af847ca6785d3e8a60bd98560bbdfbc81a8ae45eb99c24c5369d390f116869dbb10f6ec5dae0e2e9e26bc37f7eca1150679894eaf7ae","ssdeep":"96:Sq771v4xc6/x7GGBrBa+Cfc6KfWknOJTIAVNas45Src2PGJpUxNDkOw:Si7N4x5/x7GqrQ+563p4UJHo","tlshash":"8db19a98d60211433233da653f318a40e7e9a457ca02433c7bf9b2948ff95796961fdd","first_seen":"2026-03-04T14:19:01.915698Z","last_seen":"2026-03-04T16:33:09.584214Z","times_seen":2,"resource_available":false,"data":null}},"time_used":435,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":434,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/all.css","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:31.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /all.css HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 10 Dec 2025 03:52:40 GMT\r\naccept-ranges: bytes\r\ncache-control: public\r\nexpires: Thu, 04 Mar 2027 14:18:31 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-newfold-cache-level: 2\r\ncontent-type: text/css\r\ndate: Wed, 04 Mar 2026 14:18:31 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":110114,"size_decoded":0,"mime_type":"text/css","magic":"troff or preprocessor input, ASCII text","md5":"5066b45d92f6b3cb471012752f992127","sha1":"5626813a1478e829ad26ee2219e3e98364ac76bc","sha256":"2a9e68fb62298d2f02f5ffc53b7a307ab2bb43d396ca470d3430ce5c5c2677dd","sha512":"b40159e6554287abdd908ec60c50f8ce13ba008a990a2d99487a14d85bad700366eadaa2aedb25ef3a00e3962fbf16f61ca61f8912e192c62ecb1ccda3bb4723","ssdeep":"1536:uumumXmHmzrmgm8mHI6W10HxGrURcLSQIY1+sGrSjmNnK7i7Sx3NHt3CJ0shUNyO:m0I6WE+fI4RRF6UNIJ5PaJa3tzyf","tlshash":"e3b34b3862f31da6900d62b33546ed06bb3e3bd83e5b4ca82dc0ac597e5675c1217f62","first_seen":"2025-10-28T08:26:21.498014Z","last_seen":"2026-05-30T03:30:16.358345Z","times_seen":168,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":434,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/hero.jpg","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:32.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /hero.jpg HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 01 Jan 2026 03:26:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 286611\r\ncache-control: public\r\nexpires: Thu, 04 Mar 2027 14:18:32 GMT\r\nx-newfold-cache-level: 2\r\ncontent-type: image/jpeg\r\ndate: Wed, 04 Mar 2026 14:18:32 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":286611,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3000x1200, components 3","md5":"32d3328c2bdf0a3a7c4ebd10375cb669","sha1":"888e99fb4bd81568533cece378eb0705c5100d3a","sha256":"3ffe255f641d42474e14eb4d08c831f3c4dc211f32be40886a625a2a3fc81cef","sha512":"4eeee9c0c971a82e64bea85d3fbe71ce844995892c9f07539bf4a8dc88afad0f82110f41ad8089eb95ab095a581deb3354b5c68ae08ac1b691008055c7b916b6","ssdeep":"6144:DHaB1gb3gf29YaoSQq1ANqO/POpSlNTqCcSJh/a/Yn44qrZIbet:DH74UPoS7SNrPOw9FNh/4Yn4Z/t","tlshash":"72541246d390d39ef89fb43389758e29d0019169a7cb6df3bc108e5621acef25df9029","first_seen":"2026-03-04T14:19:01.918169Z","last_seen":"2026-03-04T16:33:09.587774Z","times_seen":2,"resource_available":false,"data":null}},"time_used":401,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":393,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/group%20image/4.webp","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:32.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /group%20image/4.webp HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 14:18:32 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 6284\r\nlast-modified: Fri, 16 Jan 2026 05:39:54 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=31536000\r\nexpires: Thu, 04 Mar 2027 14:18:32 GMT\r\nx-newfold-cache-level: 2\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6284,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0f77e8a3095f39175c2fb9c148fc410a","sha1":"6db0315a1b6eeae30ec7659c8e51e7596f718a08","sha256":"6f04624266337bb78f9997e40f44a5400c1e3fa7c237b8744bb65a2916cfb78b","sha512":"0dce0918053a64016d716e57d0f78e636fec5e7872d5276fa3a19f7d8a2dadd439f529887a5799e69e5ae92b1499144f7a0c1c57610a2e44fe3c74d806680227","ssdeep":"192:Nw03LcckNkHd4O16Ufoi/qubm1Nib7sBxvYQTR:a03hkNkHeODfZqub2BxvxR","tlshash":"43d18c1482c81904f9edfcbc76a10bf9a46f0d652a376ba42011d0e145efd46e84fe67","first_seen":"2026-03-04T14:19:01.919216Z","last_seen":"2026-03-04T16:33:09.583668Z","times_seen":2,"resource_available":false,"data":null}},"time_used":398,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":398,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rksigmaboy.in/webfonts/fa-solid-900.woff2","fqdn":"rksigmaboy.in","domain":"rksigmaboy.in","tld":"in"},"ip":{"addr":"208.91.198.101","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rksigmaboy.in/","date":"2026-03-04T14:18:32.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rksigmaboy.in","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 03:39:11 GMT","end":"Tue, 28 Apr 2026 03:39:10 GMT"},"fingerprint":{"sha1":"F8:9E:11:32:07:D7:40:37:EE:48:46:F5:0F:2E:4D:1E:22:9A:FD:42","sha256":"DB:0A:1E:59:A5:D4:5C:76:0E:4D:84:8A:35:5C:BE:8E:4F:30:2D:4F:D7:50:A1:03:22:85:B9:72:9B:00:9E:CF"}}},"request":{"raw":"GET /webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: rksigmaboy.in\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rksigmaboy.in/all.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nlast-modified: Fri, 13 Jun 2025 10:45:41 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 358\r\ncontent-type: text/html\r\ndate: Wed, 04 Mar 2026 14:18:32 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":583,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"51618ac2b7cf5c4937213e965c00f20a","sha1":"7e704e57162ed18743bef9f95e2dea558954751b","sha256":"0b41f69e6564b9c89b1b344744c5b06eb4adc0e584028909286d2b936e1afed5","sha512":"d07af4309bf8156644d604676eec62cf78128dae1cd1808e865e02bf7302b3dea5b1eda42eecd6e8687c84b85a6a52c07bd45b120b8fe5940d8d80586a2d0fb0","ssdeep":"","tlshash":"0df0e1671c61c4437421c64a33e1de6c54583213d109e969b6de511ccb89bdc88d3a25","first_seen":"2023-03-12T18:04:12Z","last_seen":"2026-05-30T08:27:36.629896Z","times_seen":12773,"resource_available":true,"data":null}},"time_used":390,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":390,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"rksigmaboy.in","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Amazon","verdict":"phishing","severity":"medium","comment":"Resource associated with Amazon phishing","tags":["amazon","phishing"],"meta":null}]}}]}