{"report_id":"7113df92-b083-482d-a7ae-15221a6372f1","version":6,"status":"done","tags":["phishing"],"date":"2026-04-01T00:18:36Z","url":{"schema":"http","addr":"rt23.com/sgd/pr","fqdn":"rt23.com","domain":"rt23.com","tld":"com"},"ip":{"addr":"50.87.11.99","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"rt23.com/sgd/pr/","fqdn":"rt23.com","domain":"rt23.com","tld":"com"},"title":"Authentication","dom":{"size":33093,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (13018)","md5":"c9c8a14cfa764d06bf6b047c14a906e9","sha1":"3d90bf13a538a2319fa19486c86275c260a1e04b","sha256":"e1d1d65619f83a141e76b21d510dc3d402fa7929a727b7adc69e8fe89f54686f","sha512":"d1934385c5c6d6b73b4534cd85b7f34f41a3fed92267971c65acd845f1a4ef424cffd12a9513e47a35bc70f5e41d94600413bc4d44a28ead22cdfab2f3cfa7bd","ssdeep":"384:KntfBYJfJY3Q63ywJhJSkVVnki9jh8tnKK/1/3xiJzi22iYXij63yA:Knt5MAQ6aLjtnt/4JW2HYSj6r","tlshash":"7ce29118b9f637354e2350ba65b7c9053b7e76471504c814beac8bd4cf84b49faa2ec8","dom_hash":"domhash8576f1adf7f9fa024c992241c13aba68","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"rt23.com/sgd/pr","fqdn":"rt23.com","domain":"rt23.com","tld":"com"},"ip":{"addr":"50.87.11.99","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-06T00:18:36Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"rt23.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]},"summary":[{"fqdn":"stackpath.bootstrapcdn.com","ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":21970,"first_seen":"2018-04-05T04:41:29Z","last_seen":"2026-03-30T02:19:28.898306Z","alert_count":0,"request_count":1,"received_data":51950,"sent_data":443,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"rt23.com","ip":{"addr":"50.87.11.99","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"domain_registered":"1999-09-22","domain_rank":0,"first_seen":"2025-11-24T10:14:57.04307Z","last_seen":"2026-03-03T08:06:34.909212Z","alert_count":44,"request_count":11,"received_data":1437469,"sent_data":4950,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2026-03-29T23:04:54.250741Z","alert_count":0,"request_count":1,"received_data":88168,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-03-29T23:24:32.360777Z","alert_count":0,"request_count":1,"received_data":86564,"sent_data":437,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-08T13:39:36.677742Z","times_seen":137850,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rt23.com/sgd/pr/","fqdn":"rt23.com","domain":"rt23.com","tld":"com"},"ip":{"addr":"50.87.11.99","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f26142434d967e8e876aa04486f50ef8","sha1":"65d5109e044a43d557539b75869c4b2d9a84ddbe","sha256":"1fa5e1eaf9b868acbcfab8c13a4fdde5b2c57f8d0f33ca3377af5059924e1f26","sha512":"a5c9193a61a12b066cf04244bc2fe9f9ed14876b310a0dbb81608d682259c524ddf3ab64b3975e04eaa95d5d899725751ea18882987109a62dd2729c5a5c3680","ssdeep":"192:5kVVi0ha7YWRwagjh8HOanKK/1/Py2KwDliP0Sdtzi22iWgVES0iN:5kVVnki9jh8tnKK/1/3xiJzi22iYXiN","tlshash":"1262950cbda936354f0750ba24b3c5953a6e798715018815bedc8ea4cbc0f49eaa2fd8","size":15760,"data":"","first_seen":"2025-05-12T12:23:32.476758Z","last_seen":"2026-04-07T17:52:26.595593Z","times_seen":139,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rt23.com/sgd/pr/","fqdn":"rt23.com","domain":"rt23.com","tld":"com"},"ip":{"addr":"50.87.11.99","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c07e58ff9544d5e874400420f707d1ad","sha1":"850c1d660a92460fb5c7ade14ece9e19222ce563","sha256":"72e02a772bc34adddf4fe050d217d0063274553b933aeaf7fe318bf5ce3bdf25","sha512":"ec6dd14c0f7e8db1ec195b44c4ffa629cd22cc0e520abb81bdfe5027eb818bb0f9818d4fb54dd19ce2e77be69b1b01505c7142758cb77e1c66faf8a1d46d1e1d","ssdeep":"","tlshash":"1351bc08b2f72ba14d3b60f6577bd4097bba058b1009d915bead4bc48f14722f791ec9","size":2865,"data":"","first_seen":"2025-05-12T12:23:32.474231Z","last_seen":"2026-04-07T17:52:26.596113Z","times_seen":147,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","size":51039,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-08T13:13:47.003684Z","times_seen":120765,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rt23.com/sgd/pr/assets/bootstrap/js/bootstrap.min.js","fqdn":"rt23.com","domain":"rt23.com","tld":"com"},"ip":{"addr":"50.87.11.99","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d2f2ef0051cf284637b29bb4678c1b81","sha1":"1a18643241dea9ac7c190029ea6d8efbd73e5f84","sha256":"66af34efad8ad6be518c955fb42163a9f1178a2f51b6b16e7864a46973b04349","sha512":"bb64a1f3989866a47001e1b4601dbfb448c4454bbc817ba98c59cd94cc97f0c139baf6af0a16bb9f23e9872a3b6149ee555dce23ee3254264151c8a551122306","ssdeep":"1536:Qmw0iELO+TBR2t472RirWyKsVfK5GEfy3YJtCRv/45wZbqbXZTbYWU17X:VwXza3YCl45wZODZTbYRX","tlshash":"0d73c5593244b4730ade85b68037430bf2265998b24b812cb57cadde2a7dcc67277f78","size":80615,"data":"","first_seen":"2023-10-25T02:34:36Z","last_seen":"2026-04-07T17:52:26.590243Z","times_seen":333,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85578,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-08T13:38:42.043304Z","times_seen":269120,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rt23.com/sgd/pr/","date":"2026-04-01T00:18:17.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 05:27:05 GMT","end":"Wed, 03 Jun 2026 06:27:01 GMT"},"fingerprint":{"sha1":"04:A8:A2:DB:A5:D9:6E:A1:96:19:8E:E4:20:63:9D:DD:4B:05:E5:4A","sha256":"86:F0:31:59:6F:27:50:6B:1C:65:39:9A:BF:6D:0C:A8:82:D5:B2:A6:36:4B:9C:0A:EB:05:EE:13:0F:EE:25:EC"}}},"request":{"raw":"GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1\r\nHost: stackpath.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rt23.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 01 Apr 2026 00:18:17 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\ncdn-pullzone: 252412\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"67176c242e1bdc20603c878dee836df3\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:06 GMT\r\ncdn-cachedat: 08/01/2025 15:36:25\r\ncdn-proxyver: 1.33\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1078\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: a78b5a25cfaf2df533c60a6d4fa388d4\r\ncdn-cache: HIT\r\nage: 3439217\r\ncf-cache-status: HIT\r\ncf-ray: 9e536a6afc04b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":51039,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (50758)","md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-04-08T13:13:47.003684Z","times_seen":120765,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":14,"dns":1,"connect":1,"send":0,"wait":6,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rt23.com/sgd/pr/assets/bootstrap/css/bootstrap.min.css","fqdn":"rt23.com","domain":"rt23.com","tld":"com"},"ip":{"addr":"50.87.11.99","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rt23.com/sgd/pr/","date":"2026-04-01T00:18:17.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rt23.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 20:10:35 GMT","end":"Tue, 16 Jun 2026 20:10:34 GMT"},"fingerprint":{"sha1":"69:7D:00:1C:32:3B:A1:65:78:11:AB:C2:99:15:50:13:18:B2:30:54","sha256":"CA:4F:C5:EA:CE:96:78:14:48:48:95:4E:32:97:4B:37:38:48:D9:DD:B9:F4:96:9B:4A:22:CA:55:DF:27:F1:A3"}}},"request":{"raw":"GET /sgd/pr/assets/bootstrap/css/bootstrap.min.css HTTP/1.1\r\nHost: rt23.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rt23.com/sgd/pr/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 04 Mar 2026 10:53:49 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Wed, 01 Apr 2026 00:18:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":232903,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65342)","md5":"308c077484b2e83ee2beea329dde81e1","sha1":"0c731e2cfcc3f28985482a1683c3f2c35bf3c403","sha256":"3b4b080b4438819e21e302be4b5a4c02b6316da27495604c610f25d3c165225e","sha512":"78b69e4914e73d4daf9e1c07bfdb85c98e52d295242c6bafdfb021aa9813bcd25d410a9e00fa98f8feee3be54684bc2487b6a5a51c46ce9e4d0ffb3820138dec","ssdeep":"1536:m9YnIWbn98fhRfvO5wlP7Qy9P3CV98IsYRElV6V6pz600I41K:pnIw98fsV986I6V6pz600I41K","tlshash":"833482d6f590317d9ca7c1499681fefd8a6fa985cb1209a6f003776807cabd30962dcc","first_seen":"2023-11-23T14:40:25Z","last_seen":"2026-04-07T17:52:26.591339Z","times_seen":325,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"rt23.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rt23.com/sgd/pr/assets/css/styles.css","fqdn":"rt23.com","domain":"rt23.com","tld":"com"},"ip":{"addr":"50.87.11.99","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rt23.com/sgd/pr/","date":"2026-04-01T00:18:17.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rt23.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 20:10:35 GMT","end":"Tue, 16 Jun 2026 20:10:34 GMT"},"fingerprint":{"sha1":"69:7D:00:1C:32:3B:A1:65:78:11:AB:C2:99:15:50:13:18:B2:30:54","sha256":"CA:4F:C5:EA:CE:96:78:14:48:48:95:4E:32:97:4B:37:38:48:D9:DD:B9:F4:96:9B:4A:22:CA:55:DF:27:F1:A3"}}},"request":{"raw":"GET /sgd/pr/assets/css/styles.css HTTP/1.1\r\nHost: rt23.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rt23.com/sgd/pr/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 04 Mar 2026 10:53:49 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: gzip\r\ncontent-length: 457\r\ncontent-type: text/css\r\ndate: Wed, 01 Apr 2026 00:18:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1444,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"138e060710459d4aed2314de379ff4fb","sha1":"8dd990c9d5da66602fd5e6560a845abe6ccb346d","sha256":"c447e75f1029ed7a5882add16bcd13ad44be3bd47c93c830ff39185e23d25ebb","sha512":"ad3de301ba2000fa7a1860d54c4b3422546554e9ef400dd6f2ff35bb8aaad438a28e2b22d35d6c844bb021e9d58a1540903642b8fb3c2b643ca67f23e2861637","ssdeep":"","tlshash":"02317c9416f42b105e1bc00014f5eb0272afc1c2c45dfdac29fa525c5e8e147aae2ffa","first_seen":"2024-06-14T10:34:31Z","last_seen":"2026-04-07T17:52:26.591889Z","times_seen":161,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"rt23.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rt23.com/sgd/pr/","fqdn":"rt23.com","domain":"rt23.com","tld":"com"},"ip":{"addr":"50.87.11.99","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-01T00:18:15.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rt23.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 20:10:35 GMT","end":"Tue, 16 Jun 2026 20:10:34 GMT"},"fingerprint":{"sha1":"69:7D:00:1C:32:3B:A1:65:78:11:AB:C2:99:15:50:13:18:B2:30:54","sha256":"CA:4F:C5:EA:CE:96:78:14:48:48:95:4E:32:97:4B:37:38:48:D9:DD:B9:F4:96:9B:4A:22:CA:55:DF:27:F1:A3"}}},"request":{"raw":"GET /sgd/pr/ HTTP/1.1\r\nHost: rt23.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\ncache-control: no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: gzip\r\ncontent-length: 5802\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 01 Apr 2026 00:18:15 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":18420,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (13018), with CRLF line terminators","md5":"4442128bfef801c1cd8e90c4dd753745","sha1":"f15f0a16cb6ad3958523bddedeecc64b50c61c3b","sha256":"2f54fa1326ec97e4cc995d10c918096ce6322394f3896635e7c79267d347ef37","sha512":"a2e8ae8a4d4b5b99d5f1abd09a75a29d32b7ab27d3d1ddd0380c8a408c2a9176c0405ebae8e48cddb8e914ea8b4e82737e36b9602c05bb4df0963237e0f7de89","ssdeep":"384:IgFccBkVVnki9jh8tnKK/1/eEiwzi6dilim:Ix4LjtntG5wW6MUm","tlshash":"c182a51db8a836354f3350ba68b3c555be6e794716018405bedc8e94cfe0e48ea93fd8","first_seen":"2026-04-01T00:18:38.991241Z","last_seen":"2026-04-01T00:18:38.991241Z","times_seen":1,"resource_available":true,"data":null}},"time_used":170,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":169,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"rt23.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rt23.com/sgd/pr/assets/images/ani.gif","fqdn":"rt23.com","domain":"rt23.com","tld":"com"},"ip":{"addr":"50.87.11.99","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rt23.com/sgd/pr/","date":"2026-04-01T00:18:15.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rt23.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 20:10:35 GMT","end":"Tue, 16 Jun 2026 20:10:34 GMT"},"fingerprint":{"sha1":"69:7D:00:1C:32:3B:A1:65:78:11:AB:C2:99:15:50:13:18:B2:30:54","sha256":"CA:4F:C5:EA:CE:96:78:14:48:48:95:4E:32:97:4B:37:38:48:D9:DD:B9:F4:96:9B:4A:22:CA:55:DF:27:F1:A3"}}},"request":{"raw":"GET /sgd/pr/assets/images/ani.gif HTTP/1.1\r\nHost: rt23.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rt23.com/sgd/pr/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 04 Mar 2026 10:53:49 GMT\r\naccept-ranges: bytes\r\ncontent-length: 262884\r\ncontent-type: image/gif\r\ndate: Wed, 01 Apr 2026 00:18:15 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":262884,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 360","md5":"8be79354ae87e60c714f4dbcf98e2d25","sha1":"5f679a4fbec439cf19a5096258c1b8f8fd0abcdb","sha256":"e0ef79d96d5fd06b2c48e01bb1123d0c16e7e4cfd31e1fe9d60f7b358d499eb7","sha512":"d7ed0600091d3e122565baa1ad82aca4c93aceb151a70958c64ca13ac1721a3b35e12610eff05946659e054da5e8246eb8c6dbcf0cc8f91e8797e5b826012e76","ssdeep":"6144:mLAa/D/PN4yKuOCcmGWT8Gr4Hlh8/PkM2nFJesQvwbdFczjntQ5NJt:Q/D/PNlKu/cmGxX8/PkxCsFUIn","tlshash":"674402b1e1b93451db25123035f2aa224d429098d9f3e4be63e07ec2bb4bf31e7d45a5","first_seen":"2025-03-17T14:16:02.865707Z","last_seen":"2026-04-01T04:47:25.354134Z","times_seen":51,"resource_available":false,"data":null}},"time_used":745,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":448,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"rt23.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rt23.com/sgd/pr/","date":"2026-04-01T00:18:15.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.7.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rt23.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rt23.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-155ed\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Wed, 01 Apr 2026 00:18:15 GMT\r\nage: 2888814\r\nx-served-by: cache-lga21978-LGA, cache-hel1410034-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 27, 90967\r\nx-timer: S1775002696.839475,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30336\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":87533,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-08T13:39:36.677742Z","times_seen":137850,"resource_available":true,"data":null}},"time_used":211,"timings":{"blocked":86,"dns":20,"connect":26,"send":0,"wait":27,"receive":8,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rt23.com/sgd/pr/assets/bootstrap/js/bootstrap.min.js","fqdn":"rt23.com","domain":"rt23.com","tld":"com"},"ip":{"addr":"50.87.11.99","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rt23.com/sgd/pr/","date":"2026-04-01T00:18:17.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rt23.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 20:10:35 GMT","end":"Tue, 16 Jun 2026 20:10:34 GMT"},"fingerprint":{"sha1":"69:7D:00:1C:32:3B:A1:65:78:11:AB:C2:99:15:50:13:18:B2:30:54","sha256":"CA:4F:C5:EA:CE:96:78:14:48:48:95:4E:32:97:4B:37:38:48:D9:DD:B9:F4:96:9B:4A:22:CA:55:DF:27:F1:A3"}}},"request":{"raw":"GET /sgd/pr/assets/bootstrap/js/bootstrap.min.js HTTP/1.1\r\nHost: rt23.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rt23.com/sgd/pr/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 04 Mar 2026 10:53:49 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ndate: Wed, 01 Apr 2026 00:18:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":80615,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"d2f2ef0051cf284637b29bb4678c1b81","sha1":"1a18643241dea9ac7c190029ea6d8efbd73e5f84","sha256":"66af34efad8ad6be518c955fb42163a9f1178a2f51b6b16e7864a46973b04349","sha512":"bb64a1f3989866a47001e1b4601dbfb448c4454bbc817ba98c59cd94cc97f0c139baf6af0a16bb9f23e9872a3b6149ee555dce23ee3254264151c8a551122306","ssdeep":"1536:Qmw0iELO+TBR2t472RirWyKsVfK5GEfy3YJtCRv/45wZbqbXZTbYWU17X:VwXza3YCl45wZODZTbYRX","tlshash":"0d73c5593244b4730ade85b68037430bf2265998b24b812cb57cadde2a7dcc67277f78","first_seen":"2023-10-25T02:34:36Z","last_seen":"2026-04-07T17:52:26.590243Z","times_seen":333,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"rt23.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rt23.com/sgd/pr/assets/css/res.css","fqdn":"rt23.com","domain":"rt23.com","tld":"com"},"ip":{"addr":"50.87.11.99","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rt23.com/sgd/pr/","date":"2026-04-01T00:18:17.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rt23.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 20:10:35 GMT","end":"Tue, 16 Jun 2026 20:10:34 GMT"},"fingerprint":{"sha1":"69:7D:00:1C:32:3B:A1:65:78:11:AB:C2:99:15:50:13:18:B2:30:54","sha256":"CA:4F:C5:EA:CE:96:78:14:48:48:95:4E:32:97:4B:37:38:48:D9:DD:B9:F4:96:9B:4A:22:CA:55:DF:27:F1:A3"}}},"request":{"raw":"GET /sgd/pr/assets/css/res.css HTTP/1.1\r\nHost: rt23.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rt23.com/sgd/pr/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 04 Mar 2026 10:53:49 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: gzip\r\ncontent-length: 160\r\ncontent-type: text/css\r\ndate: Wed, 01 Apr 2026 00:18:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":321,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e547507fda670080c7a67b6228697146","sha1":"a94623ce6306b9c7d521356e4c87bcaa9526d7e5","sha256":"b6298e801f433042494b3fa258697a193def98fdb6b47f625a7febcb50d33918","sha512":"369e14803ce6c1cc786fbfa2b5154946190e26b39ce2caa206dbaa02ffe2ff2bf57c9cb8e41e88e9f5e39c509ecc83ce99ee2b8cf402836813c3acfdc7c24d36","ssdeep":"","tlshash":"2be0ec53e9e1488e7057511842ff72bc3bed9486170eafe5241877b4eb4b7e205214c0","first_seen":"2024-06-14T10:34:31Z","last_seen":"2026-04-07T17:52:26.592382Z","times_seen":182,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"rt23.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rt23.com/sgd/pr/","date":"2026-04-01T00:18:17.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:47 GMT","end":"Mon, 01 Jun 2026 08:37:46 GMT"},"fingerprint":{"sha1":"84:E2:03:36:CA:39:FF:65:64:D9:12:E7:E2:28:88:8C:3C:A0:CA:BA","sha256":"45:AF:9C:39:77:2B:D1:D7:B8:04:BB:2C:0E:98:C5:BB:8A:E8:99:A6:C3:AF:7F:90:AA:23:EA:F2:8F:AD:8F:B1"}}},"request":{"raw":"GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rt23.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30028\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Mar 2026 02:12:31 GMT\r\nexpires: Fri, 26 Mar 2027 02:12:31 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 511546\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":85578,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32065)","md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-08T13:38:42.043304Z","times_seen":269120,"resource_available":true,"data":null}},"time_used":352,"timings":{"blocked":145,"dns":5,"connect":28,"send":0,"wait":29,"receive":28,"ssl":114},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rt23.com/sgd/pr","fqdn":"rt23.com","domain":"rt23.com","tld":"com"},"ip":{"addr":"50.87.11.99","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-01T00:18:14.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rt23.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 20:10:35 GMT","end":"Tue, 16 Jun 2026 20:10:34 GMT"},"fingerprint":{"sha1":"69:7D:00:1C:32:3B:A1:65:78:11:AB:C2:99:15:50:13:18:B2:30:54","sha256":"CA:4F:C5:EA:CE:96:78:14:48:48:95:4E:32:97:4B:37:38:48:D9:DD:B9:F4:96:9B:4A:22:CA:55:DF:27:F1:A3"}}},"request":{"raw":"GET /sgd/pr HTTP/1.1\r\nHost: rt23.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nlocation: https://rt23.com/sgd/pr/\r\ncontent-length: 272\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Wed, 01 Apr 2026 00:18:15 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":18420,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T13:38:17.665152Z","times_seen":13503288,"resource_available":true,"data":null}},"time_used":1032,"timings":{"blocked":441,"dns":140,"connect":148,"send":0,"wait":149,"receive":0,"ssl":152},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"rt23.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rt23.com/sgd/pr/assets/img/bg.png","fqdn":"rt23.com","domain":"rt23.com","tld":"com"},"ip":{"addr":"50.87.11.99","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rt23.com/sgd/pr/","date":"2026-04-01T00:18:15.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rt23.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 20:10:35 GMT","end":"Tue, 16 Jun 2026 20:10:34 GMT"},"fingerprint":{"sha1":"69:7D:00:1C:32:3B:A1:65:78:11:AB:C2:99:15:50:13:18:B2:30:54","sha256":"CA:4F:C5:EA:CE:96:78:14:48:48:95:4E:32:97:4B:37:38:48:D9:DD:B9:F4:96:9B:4A:22:CA:55:DF:27:F1:A3"}}},"request":{"raw":"GET /sgd/pr/assets/img/bg.png HTTP/1.1\r\nHost: rt23.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rt23.com/sgd/pr/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 04 Mar 2026 10:53:49 GMT\r\naccept-ranges: bytes\r\ncontent-length: 815515\r\ncontent-type: image/png\r\ndate: Wed, 01 Apr 2026 00:18:15 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":815515,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1210 x 856, 8-bit/color RGBA, non-interlaced","md5":"ba540e295b716be15c54eaba4c63494b","sha1":"8a9f5c6a64ce1426d3570f74ac1fd318e0118939","sha256":"9de5b74a59bcff2b8c95f346b1331bef060361e40f91ca6fc1ce8ed2864dff4b","sha512":"727bafb10043a1b9a9710479d9004c543f05eb3fe95d80b800d6509bcd21c4730242836ea5c065e236e975c6e72975dd5ea7c873a5788d84b89d1c6b58da72ad","ssdeep":"12288:C96hUpv1g5mq8XNemYJiKNHgY+fyOJUP2bpSy7eebU9An8HLOWcbg/NwOanY:C9aA1AmzNgiOU/JNNS0okcOWcbOeBnY","tlshash":"6a0523170dc217f9dbb7b4c7123028618b6c17f48899c90e3dbda997286a754c878f6b","first_seen":"2025-12-02T08:06:01.401522Z","last_seen":"2026-04-01T04:47:25.360487Z","times_seen":23,"resource_available":false,"data":null}},"time_used":1054,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":744,"receive":310,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"rt23.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rt23.com/favicon.ico","fqdn":"rt23.com","domain":"rt23.com","tld":"com"},"ip":{"addr":"50.87.11.99","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rt23.com/sgd/pr/","date":"2026-04-01T00:18:16.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rt23.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 20:10:35 GMT","end":"Tue, 16 Jun 2026 20:10:34 GMT"},"fingerprint":{"sha1":"69:7D:00:1C:32:3B:A1:65:78:11:AB:C2:99:15:50:13:18:B2:30:54","sha256":"CA:4F:C5:EA:CE:96:78:14:48:48:95:4E:32:97:4B:37:38:48:D9:DD:B9:F4:96:9B:4A:22:CA:55:DF:27:F1:A3"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: rt23.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rt23.com/sgd/pr/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 23 Nov 2011 00:19:02 GMT\r\naccept-ranges: bytes\r\ncontent-length: 0\r\ncache-control: max-age=604800\r\nexpires: Wed, 08 Apr 2026 00:18:16 GMT\r\nvary: User-Agent\r\ncontent-type: image/x-icon\r\ndate: Wed, 01 Apr 2026 00:18:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T13:38:17.665152Z","times_seen":13503288,"resource_available":true,"data":null}},"time_used":673,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":673,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"rt23.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rt23.com/sgd/pr/assets/img/lg.svg","fqdn":"rt23.com","domain":"rt23.com","tld":"com"},"ip":{"addr":"50.87.11.99","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rt23.com/sgd/pr/","date":"2026-04-01T00:18:17.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rt23.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 20:10:35 GMT","end":"Tue, 16 Jun 2026 20:10:34 GMT"},"fingerprint":{"sha1":"69:7D:00:1C:32:3B:A1:65:78:11:AB:C2:99:15:50:13:18:B2:30:54","sha256":"CA:4F:C5:EA:CE:96:78:14:48:48:95:4E:32:97:4B:37:38:48:D9:DD:B9:F4:96:9B:4A:22:CA:55:DF:27:F1:A3"}}},"request":{"raw":"GET /sgd/pr/assets/img/lg.svg HTTP/1.1\r\nHost: rt23.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rt23.com/sgd/pr/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 04 Mar 2026 10:53:49 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: gzip\r\ncontent-length: 1522\r\ncontent-type: image/svg+xml\r\ndate: Wed, 01 Apr 2026 00:18:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3651,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ee5c8d9fb6248c938fd0dc19370e90bd","sha1":"d01a22720918b781338b5bbf9202b241a5f99ee4","sha256":"04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a","sha512":"c77215b729d0e60c97f075998e88775cd0f813b4d094dc2fdd13e5711d16f4e5993d4521d0fbd5bf7150b0dbe253d88b1b1ff60901f053113c5d7c1919852d58","ssdeep":"","tlshash":"6371117b132887dae9d4a78c2e997b8d377095c4b1b24290874328a5bc086f7f038d60","first_seen":"2023-04-06T08:44:24Z","last_seen":"2026-04-08T13:26:11.486719Z","times_seen":122803,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"rt23.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"rt23.com/sgd/pr/assets/img/barr.svg","fqdn":"rt23.com","domain":"rt23.com","tld":"com"},"ip":{"addr":"50.87.11.99","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rt23.com/sgd/pr/","date":"2026-04-01T00:18:17.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rt23.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 20:10:35 GMT","end":"Tue, 16 Jun 2026 20:10:34 GMT"},"fingerprint":{"sha1":"69:7D:00:1C:32:3B:A1:65:78:11:AB:C2:99:15:50:13:18:B2:30:54","sha256":"CA:4F:C5:EA:CE:96:78:14:48:48:95:4E:32:97:4B:37:38:48:D9:DD:B9:F4:96:9B:4A:22:CA:55:DF:27:F1:A3"}}},"request":{"raw":"GET /sgd/pr/assets/img/barr.svg HTTP/1.1\r\nHost: rt23.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rt23.com/sgd/pr/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 04 Mar 2026 10:53:49 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: gzip\r\ncontent-length: 276\r\ncontent-type: image/svg+xml\r\ndate: Wed, 01 Apr 2026 00:18:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":513,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a9cc2824ef3517b6c4160dcf8ff7d410","sha1":"8db9aebad84ca6e4225bfdd2458ff3821cc4f064","sha256":"34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58","sha512":"aa3ddab0a1cff9533f9a668aba4fb5e3d75ed9f8aff8a1caa4c29f9126d85ff4529e82712c0119d2e81035d1ce1cc491ff9473384d211317d4d00e0e234ad97f","ssdeep":"","tlshash":"29f0598a41c8fb142ce08050dff8ea28540270c3fb4e5008b1922b18e2ef383f6406f5","first_seen":"2023-04-19T20:10:52Z","last_seen":"2026-04-08T13:26:11.484037Z","times_seen":29784,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"rt23.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"rt23.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}}]}