{"report_id":"a430a2c0-f6b8-48a6-adf8-a3d7181538f4","version":6,"status":"done","tags":[],"date":"2026-05-30T20:38:52Z","url":{"schema":"http","addr":"rgtnews.com.br/","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":0,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"final":{"url":{"schema":"https","addr":"rgtnews.com.br/","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"title":"RGT NEWS ✅ Notícias de Rondonópolis, Cuiabá e Mato Grosso","dom":{"size":701,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (624)","md5":"db0ce0972f16ec25d0eaf188851efd56","sha1":"61d373a3cbb6975b7efc7fe789e6c1b390874a1f","sha256":"70df9b0f1ba0a0c1abf5bf2b5c117ebf58ae868cb3e3232ee22efe01958ece7a","sha512":"74489b9f2710004926e320f04cd00ac45e6b3ef4082710c0f4665a67aaded43c67f5288a0e6fce1213779b6014b7b7be76f237728bc007ee038de744cf841cc4","ssdeep":"","tlshash":"ed01448bf405382d9673032430e93d89987e93608c402230b24e62c346c47e75b06b95","dom_hash":"domhash66fb451f1b6f50d037d5916aa3d25bcf","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"rgtnews.com.br/","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":0,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-04T20:38:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ui.cleverwebserver.com","ip":{"addr":"104.18.33.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-12-30","domain_rank":170426,"first_seen":"2021-06-23T08:11:11Z","last_seen":"2026-05-30T06:27:24.322688Z","alert_count":0,"request_count":1,"received_data":703,"sent_data":410,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-24T22:18:17.447529Z","alert_count":0,"request_count":3,"received_data":131913,"sent_data":1647,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api.open-meteo.com","ip":{"addr":"188.40.99.226","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2021-04-27","domain_rank":344510,"first_seen":"2021-04-28T21:05:40Z","last_seen":"2026-05-26T09:48:09.171103Z","alert_count":0,"request_count":1,"received_data":904,"sent_data":499,"comment":"","tags":null,"fingerprints":null},{"fqdn":"scripts.cleverwebserver.com","ip":{"addr":"104.18.33.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-12-30","domain_rank":198847,"first_seen":"2021-06-23T08:11:10Z","last_seen":"2026-05-29T09:32:24.452967Z","alert_count":0,"request_count":1,"received_data":114077,"sent_data":450,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-05-24T22:26:02.229202Z","alert_count":0,"request_count":1,"received_data":479401,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"brasilapi.com.br","ip":{"addr":"104.21.69.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-09-23","domain_rank":216419,"first_seen":"2020-01-30T09:23:18Z","last_seen":"2026-05-03T19:35:19.142716Z","alert_count":0,"request_count":1,"received_data":4124,"sent_data":463,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}]},{"fqdn":"region1.analytics.google.com","ip":{"addr":"216.239.32.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22257,"first_seen":"2022-03-17T11:26:33Z","last_seen":"2026-05-24T22:50:29.390198Z","alert_count":0,"request_count":2,"received_data":1696,"sent_data":2054,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.no","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2001-02-26","domain_rank":92680,"first_seen":"2012-06-26T23:22:08Z","last_seen":"2026-05-24T22:47:05.749853Z","alert_count":0,"request_count":1,"received_data":580,"sent_data":676,"comment":"","tags":null,"fingerprints":null},{"fqdn":"rgtnews.com.br","ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"domain_registered":"2022-04-27","domain_rank":2517639,"first_seen":"2026-05-03T19:35:18.38258Z","last_seen":"2026-05-03T19:35:18.38258Z","alert_count":108,"request_count":108,"received_data":6892416,"sent_data":62043,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"AddToAny Share Buttons:1.1","description":"AddToAny Share Buttons plugin for WordPress increases traffic and engagement by helping people share your posts and pages to any service.","website":"https://github.com/projectestac/wordpress-add-to-any","common_platform_enumeration":"","icon":"AddToAny.svg","categories":["WordPress plugins"]},{"name":"PHP:8.2.8","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Blocksy:2.0.95","description":"Blocksy is a modern and lightweight WordPress theme designed for a variety of websites, including blogs, portfolios, ecommerce stores, and business websites.","website":"https://creativethemes.com/blocksy","common_platform_enumeration":"","icon":"Blocksy.svg","categories":["WordPress themes"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"Elementor:4.0.7","description":"Elementor is a website builder platform for professionals on WordPress.","website":"https://elementor.com","common_platform_enumeration":"","icon":"Elementor.svg","categories":["Page builders","WordPress plugins"]},{"name":"Blocksy Companion","description":"Blocksy Companion is a WordPress plugin that provides additional functionality and features for the Blocksy theme.","website":"https://creativethemes.com/blocksy/companion/","common_platform_enumeration":"","icon":"Blocksy.svg","categories":["WordPress plugins"]},{"name":"AddToAny","description":"AddToAny is a universal sharing platform that can be integrated into a website by use of a web widget or plugin.","website":"https://www.addtoany.com","common_platform_enumeration":"","icon":"AddToAny.svg","categories":["Widgets"]},{"name":"Yoast SEO:27.6","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"MonsterInsights:10.1.3","description":"MonsterInsights is the most popular Google Analytics plugin for WordPress.","website":"https://www.monsterinsights.com","common_platform_enumeration":"","icon":"MonsterInsights.png","categories":["WordPress plugins","Analytics"]}]},{"fqdn":"static.addtoany.com","ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2006-03-10","domain_rank":28267,"first_seen":"2012-05-21T12:58:18Z","last_seen":"2026-05-25T09:03:33.856714Z","alert_count":0,"request_count":9,"received_data":88785,"sent_data":4212,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"call.cleverwebserver.com","ip":{"addr":"104.18.33.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-12-30","domain_rank":210421,"first_seen":"2022-09-12T01:17:57Z","last_seen":"2026-05-23T16:21:47.741317Z","alert_count":0,"request_count":1,"received_data":238,"sent_data":640,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"64.233.162.95","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-24T22:21:07.624228Z","alert_count":0,"request_count":3,"received_data":29154,"sent_data":1521,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"rgtnews.com.br/adrotate-clicker-js-extra","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"722b128a24f7958ea05d8782c9eb3c68","sha1":"bbffe14c24da4f50852f4d850e724971c836669c","sha256":"9d8e40a0b1092d8d28d2a297f62e82a752c011e7d4eddf138e62318dfc1ed65b","sha512":"08b63673ce70754ec0c88e2a19b5926f4441e7b843d882cf9366436d8118fd859b5fa5c230ef0e869a92073041a9f4f177a87e4fa25a818c290c140a710352ff","ssdeep":"","tlshash":"de212be1c8cc5fdbe5d45cf4040823738064a083ee4054c447e4d04091289d69c48003","size":1441,"data":"","first_seen":"2026-05-30T20:39:08.846628Z","last_seen":"2026-05-30T20:39:08.846628Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-includes/js/dist/api-fetch.min.js?ver=3a4d9af2b423048b0dee","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"11287ad1edffec6fd95526dfcdb9f723","sha1":"fb182cfdaa075a8c9fd513d2a535405d26849b82","sha256":"8dd8533a009cc53a4262e3a18bb69f18ddbb17f9201983845c14173d5f54a323","sha512":"9454be02fa3b758ff0418605dc0cb0d75f422b9cdb0380a3276a65c79a414f3f98e59e50fb912856bf27a1e52038e4a66b062ed5840e4c2fe4e3bee7ea7cc2c8","ssdeep":"96:84ZWAVsa7mtObr0bTLnPhiqkLDWqmEVVtCgtfitfBxHwXT9T786TtWshNae9jzG3:nWAVbCob4bTDPhsLSqmEtCSAHwXK6g6e","tlshash":"b9c1dac430c3f417276e1edcb8fe0526f95b8a89745d8480f6d6ac2638fa40ac036b66","size":5799,"data":"","first_seen":"2025-12-02T22:49:33.841226Z","last_seen":"2026-05-30T22:13:31.998523Z","times_seen":10306,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.addtoany.com/menu/svg/icons/email.js","fqdn":"static.addtoany.com","domain":"addtoany.com","tld":"com"},"ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"452a9a6a280379512ab5764a1d42bae1","sha1":"61e0f75ff25c554dbf65743f1f6bf9d003ddc905","sha256":"d432ad1988efa5b258294f52dae3d1b4c10660aec15e49017e21a1ee74bfd453","sha512":"886b316d47a86f624f9eb9746ba2441b7508678c9bae9a17f26b4e0c8665b9dd3d641a6a6bc26e57fd7881031d7b826975d517e133ff2fee0704f0a45088cb6f","ssdeep":"","tlshash":"b2e02bd21160d7450f3307aacf6d22cb763e21bde0dc058142258af5d4d74dd4b05c23","size":415,"data":"","first_seen":"2024-04-12T16:11:45Z","last_seen":"2026-05-30T22:29:26.408567Z","times_seen":4751,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/blocksy-companion-pro/static/bundle/sticky.js?ver=2.0.95","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"5985978e43c567ddd51b9fd60f8edf08","sha1":"a20c105a7901eb9d88e35436013efa8cc774cc07","sha256":"96f071e438795b8d647e5b5beba0a42df5d9a1b72ab9820436ea26f45ce56af0","sha512":"6abc183a1116902f8b3caf69e3e1f903cd5265e5d4caa9cdd1d0dbb1d7f01f2a2dfb63a004a594ad0148ae4f6a2b58211a70c4f09726b69009b99f708149c303","ssdeep":"192:mgA2CpH/6cYdiCp/SCpQEmCpSyCpUCjVAAv4v0nUylnXIaXH6jBzYbDlP2v3:mkCdk4CsCUCRCRHDJ16","tlshash":"f762c76873917435d2a770e6402f950af6b7764db5cf8080e206cca67cfcc8751abe6a","size":14990,"data":"","first_seen":"2023-11-29T15:01:59Z","last_seen":"2026-05-30T20:39:08.67827Z","times_seen":130,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.addtoany.com/menu/sm.25.html#type=core\u0026event=load","fqdn":"static.addtoany.com","domain":"addtoany.com","tld":"com"},"ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"107e713ee1be819b72679a9b20d1b704","sha1":"1d4a8f1f9af8ae391110851b0c5df66d50a1d8dd","sha256":"8eb57361472f7fa5e3b2def7d28f9a03330413fd300a2223ee2ca3291782a41f","sha512":"503b1a4d5d8ff0a9b6caf23041156bf016983c5243d3c129aa6da4a26b947dc73b4ca76400f3d0bed5b7e67c721948a6f77d4720eec763e78268718e4524ac3e","ssdeep":"","tlshash":"a7f0204ff21e393c86730615309a3c86e43e93708c003230a64fa38306d8b9b574af51","size":552,"data":"","first_seen":"2025-03-02T13:21:48.338565Z","last_seen":"2026-05-30T22:36:30.420573Z","times_seen":39825,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-api-fetch-js-after","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"003c2e83f629de3ac21cf690bd3b23e2","sha1":"564e9ba22954de3665c876a49f0a7986cee487d4","sha256":"a2a7932d271b83414e462882fbd71d0768a176260675d174f24b76ecb96eb148","sha512":"0d06af157b746a9d94eb426ea93a23343c1ea7a52477994a1a5124d98a7bfac230d32029bfabac0fe3c3216e4034006360912f5c7e01f693feef0e3e4ef60d6b","ssdeep":"","tlshash":"c33165fdf4901f9aa05da97457fa03216ae49cccedb7d3001eb6ae4492c5881bc59146","size":1748,"data":"","first_seen":"2026-05-30T20:39:08.849002Z","last_seen":"2026-05-30T20:39:08.849002Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","size":13577,"data":"","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-05-30T22:01:38.06974Z","times_seen":807581,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-05-30T22:01:38.018395Z","times_seen":875074,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"77a133162dcea143f2fc0d52f91d371e","sha1":"485973079a28b76e3df2d65d826f2c0b3fbc02e6","sha256":"5adc1a38ff7ea615bd12541f8ac4ad9f238c70de30d44b7b579180e537b27eee","sha512":"a5c97a65a8ff86d90ec7a3b94803687e3e7fc4b1ed3977ee39300a6062a6ebb657a7eab1ce7207bb025b9d210bfc7c7a5dbc758af6de9abbc2b7fc8486f34f53","ssdeep":"96:dTg7ov4u2sB99QzSIQZTqFlnPaE6QHilfxaqzk6XnPoLSNp:VAlSczSIQg7v6dDaH6/oL8p","tlshash":"b5d11ec0ebdd60974aa6319d4c3e29ece03c55b238045cbbfe48fa544565c2e824eb7b","size":6653,"data":"","first_seen":"2026-05-30T20:39:08.850391Z","last_seen":"2026-05-30T20:39:08.850391Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/ct-scripts-js-extra","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"8b50cf5a9f4aeda4310cfb762313eba9","sha1":"32dd7ecdf1881d7280c8beb5c5a40d9e920c6d01","sha256":"cfab03509598dfa075d6d96d7615ad3fb9d2b7c1d343cca8b4f81d5ac6b03ebe","sha512":"cb95fa0d7b0dae299c9a1f706d7eaa2b06146fb037c54e8865c0e3169942f4c1b69c3c47038c5852c10ca5f01bfccabc4a393624b045746888b0f5dc6520103f","ssdeep":"","tlshash":"c661db76c17972fd17a5a1b1181b3621d25b70e3cd8893e5eb78c51c8bd8fa8320e74a","size":3347,"data":"","first_seen":"2026-05-30T20:39:08.851727Z","last_seen":"2026-05-30T20:39:08.851727Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/ultimate-post/assets/js/ultp.min.js?ver=3.2.4","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"55d5eb011d30065762712a4579a621a3","sha1":"0f2941316bf36278a4a291bb40373334476aa88b","sha256":"4f505becb8a3bcb78c19a3f4bd91789606880568010b5040db5fcc12133ab828","sha512":"f54c2ff92128a2a89900d7ffde3c9e9c954713f5fc202042bc26321c11afa93e3481e537b55f0e2dca02ae57a8d57cff504ae896ee63f2467b59c161405f8a48","ssdeep":"1536:h0t0g0d0v0dRxEI2V5h5OWf3N15pJyhTyZZgQSZ03xf+VFjC5g0S3ZiHTtZvBosX:h0t0g0d0v0URhN/yhTyi7OpJgPY","tlshash":"3973b709a64427b144e711e12016d809a3f7be35e60381e472c9c7fa166ed8ca5fbbf7","size":73682,"data":"","first_seen":"2023-12-02T02:20:27Z","last_seen":"2026-05-30T20:39:08.622734Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.addtoany.com/menu/svg/icons/twitter.js","fqdn":"static.addtoany.com","domain":"addtoany.com","tld":"com"},"ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ca05cf90bd32d6134c0b92464c343f9a","sha1":"187feb5cc71d225717838268487a0abc9b8d405c","sha256":"3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636","sha512":"d36553644d3a52a96dbf733c7eb766deda074c926f44514001633dd0a3ea2b84d1a835f207bcd9772e33b2a8c086616cebf6119a3d802134636ef7c53e92dec0","ssdeep":"","tlshash":"8bf0ddfe277c60dc28234baacb15e5591b2d30ba3b8051c3061c87b0488791ce503d42","size":645,"data":"","first_seen":"2024-04-12T16:11:45Z","last_seen":"2026-05-30T22:28:43.469924Z","times_seen":5008,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/themes/blocksy/static/bundle/921.5514159e238824c4aec6.js","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"400b67c820e574275bbaeb9a8676eca9","sha1":"3792a14d995c896ec1475b6dd456cdfce869ffde","sha256":"5fe0d6e0c180c16537c63538da2781175cea66054f03dfe8bcb2e40a0e967f75","sha512":"ebfed569c629559e4cc2e3c0c9c2be8828d7eb8af949c599b8f72a999876ab8771143469b42a9fe55ff6eda21f4f4ecfe654618683ba458a178ce2bed58deef4","ssdeep":"192:xUQgOYY6wFYR/jBK2s2O2Xu0XWrMIQmb9X1wwKI3qUH8NUC:x9j6gYR/3s21XvXuMitqlUC","tlshash":"96d161edf684b9b646ea76ba937fa10cf37b24d2710b4460642a84d41c358c711b3fb9","size":6538,"data":"","first_seen":"2024-10-11T08:54:05.225678Z","last_seen":"2026-05-30T20:39:08.624929Z","times_seen":1037,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"2695961edcae8f4548ffa42ea78f6c51","sha1":"e145f32a2c1b3dac2f060822ae2ed45b35786791","sha256":"b54585eabaec7fbd85e206d52d65d95cdc2b0df3c32fab83c7f2efda697161d4","sha512":"42a5a135be1e9f4bd91d77d23dfb79597855f32662fc198f44e64dfd704c608bf8e74de6e0193b02664483437acb7af939a636a04a2b26794377f4e216fdd1d7","ssdeep":"","tlshash":"5fe026a3d8cbcdedea0c6bd66afe1cb881da10d755092007c54cae4b41a06382104e5e","size":332,"data":"","first_seen":"2026-05-03T19:35:32.204391Z","last_seen":"2026-05-30T20:39:08.852991Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=10.1.3","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"d358e30e5cdd6d7e2d8238e5fbbd2360","sha1":"7b6f06c33cb8e2410bcaac47618a10d16b34ab90","sha256":"1a1ce284e0d2b19d90c1db2b4e710340e5f73f7cc78619cd964828a2818d548c","sha512":"5319498d0f78fd36bb0257b720abdc8c436b80414dcfc26222d3a6ad30e72fae3d96c7bcf5248df5b500a97fd401f14c7ebe9b5edfec877c801d3c0ed3dfa24e","ssdeep":"192:mkgHygW0Je1ZZe1ZfRWrL41QePHX+JsoMMCHAN1BmooMBA1TBmQzqIUg:+HWfrL4tNwJalzdUg","tlshash":"fc32c69335dbaa274be7aa30cae71307f061239354840d80d2a09c66b9719df93ddf1e","size":11925,"data":"","first_seen":"2026-02-05T18:54:06.183601Z","last_seen":"2026-05-30T22:18:32.260819Z","times_seen":8079,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/swp-live-search-client-js-extra","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"38c43fb9933cae75d859e6917349fdf1","sha1":"b0cbbb6d5b36a443f1feb16bfa6b5653079d2189","sha256":"21d8cd94194d03b71c3f16b79b39131afa7fa4cddc9f19b163e8c6a5d8a9933d","sha512":"51e3243d336fe9fd4ea2703534b9814a4fe885136698ca7c6c545c929b5439b5a79f19356c3c9c10265a742c3ef429e17fe13b3af4b9b6ecb7f21d5fb8d47cb9","ssdeep":"","tlshash":"9641ed62e2012c2e906387fa35973c23986bb089efab1940d7f8441c2a55e3c014b568","size":2293,"data":"","first_seen":"2026-05-30T20:39:08.85434Z","last_seen":"2026-05-30T20:39:08.85434Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"5ef26b5e47e6951f43ecf2b1fc645222","sha1":"081afb52577f6f3bb044fdea6d34a632c3cce7e8","sha256":"50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1","sha512":"a0876397327a5c6b4bca75605fa97ed7243ad78d9fd285f8a55ad2525e1070fdb197d1ae0687b3fb603946bf6dfb567eb3be3a636fb9fca6e36d03055ce7794c","ssdeep":"","tlshash":"6fb09b1d3474e95c48735551903bbf1d75133d33d7401995054c25a15f2866e5043d4d","size":129,"data":"","first_seen":"2023-03-07T01:03:19Z","last_seen":"2026-05-30T22:43:39.537684Z","times_seen":23086,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"7051f6e0199a246e0d543582d9de5364","sha1":"a1a3b44069e4dc8eff3f9bbb06c562a56101732f","sha256":"8b55dae18dcbc546ccf60295b16c7449992bd9c08e7bdc15fb76609d9f47b457","sha512":"3f22d406e8430c8cb9dddbb9432ebe569f0aa5d623ab6e22269778133f19609ea74968c6134e362c1114789a1102e371ebb3236ab2308daf7cc1747fe28a1006","ssdeep":"","tlshash":"5211230af65411f205ec14f0af4ffec23f295b79ce1902721295356d27a4f0ebc56494","size":900,"data":"","first_seen":"2025-12-08T06:49:09.988191Z","last_seen":"2026-05-30T20:39:08.855712Z","times_seen":86,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"bd40e37feffc4aeb562c22bd27e1b42d","sha1":"0ba5cdcedf12e43dfb82b61cc425bac2e95f14ac","sha256":"86d2718ff4bae1c6cc95a4012a2805e250a3fbff1280202d8b06d8055cb2e6f9","sha512":"d0cfbd7a8fe982fa3f8945775d353703b810dfd114fc58e17878949687b28299cb598c8c3db3c41c793dcf1ae83e376ef77130e2dae24f0ac75bbfd97d5a6bf3","ssdeep":"","tlshash":"69019426b4e50b24802b571ef8f3b74db27451c5d7609621d1eb4cfc64eee11a175a07","size":679,"data":"","first_seen":"2026-05-03T19:35:32.20857Z","last_seen":"2026-05-30T20:39:08.856281Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"3c2091703f96f7d61d85414be1de07cc","sha1":"ce7d2b2bd1d48230bfeed822dd353ceaa17060c6","sha256":"1392ac2449f9f5b379d68e5e040af1d2ec3e485ee042e1297d6c9187bc5f56f8","sha512":"d70b8b0df338dfa13df03d0f44eef34d7447ee1beb41b44d2ced2f5561739ad8f8746b4159664284f9ff262967887028f20d4ee18eadd0c72448d08b65c6740a","ssdeep":"","tlshash":"4e11762f289215322e77439927a7d289b932f0370a0ec04ab48cc526cf28d9a5d34b8c","size":1001,"data":"","first_seen":"2026-05-03T19:35:32.210702Z","last_seen":"2026-05-30T20:39:08.858054Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"efe399a4460f5de990ba5faab975bc7b","sha1":"90fa35d3ec8bd4dba0cd7546a3cbfaf0d16b8d71","sha256":"e0e1c6437edace77701fc4b3339c26096f08576a0051a52fa9affd8a892a2905","sha512":"588499a25174a4fd2bc928343a61676afb3177967f6558e42f5472b290d1ac63c0ce508d10482d02fad55e8c19c973c8f34bfd893a5011088bf39fe08c00098d","ssdeep":"","tlshash":"09510e3820b711240b7b23ee47837b897450b12b7cc5d189fb8e87080fd6f949a669ed","size":3040,"data":"","first_seen":"2026-05-03T19:35:32.212461Z","last_seen":"2026-05-30T20:39:08.859381Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-includes/js/dist/url.min.js?ver=9e178c9516d1222dc834","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"ffe8bdb3ec54f993c7e9baee9d1ed9a3","sha1":"0e0bef568482e927c7fb19840010748de78155c6","sha256":"5653ad7b55bdbf5f3bfe2ba676d50c0642d7017322700ab1369149f231efd417","sha512":"fafb8f6f3e59ffef8b2dd3b2a80eee4812ac019d1dfff8ea8f55b8f1c8e51a04c5dc54e7518db4e985dfb3c8fb93634728dd8e72fd063abd97752c26d5e74b2a","ssdeep":"192:QGxvVeLC4bvbI0Ny4jL4eacD0sF0/d/mwYP16Dc4UQAOoXJoXqVQa/:zxvVibjIQEeacQy0F+wk16AnQA7ooQa/","tlshash":"b20294ad399f64c6d362389100ba5466e37b2b7132df80c69a1a6c813c3376713d2da5","size":8531,"data":"","first_seen":"2025-12-02T22:49:33.810249Z","last_seen":"2026-05-30T22:13:31.903416Z","times_seen":10778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.addtoany.com/menu/page.js","fqdn":"static.addtoany.com","domain":"addtoany.com","tld":"com"},"ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"eeb0bd3e09bd83d569d6d03160612fde","sha1":"6f23c40e93450f29d58b9fcc16d79d742e4e5c2f","sha256":"8afdd81790c4628524f0d259e64a174f77ca9d67806a850e4425d8e78e15a42d","sha512":"4f3b3f5b2c9aadf6c4fc5be7bf1d70959b03fd380b0f017568d1d3081563e5e17e9a65465057b88bb26b58a74d9b5cb2bc1f5f423cd5dee0b82cad5c44b7211f","ssdeep":"","tlshash":"6e61c84f774ef8368e4735b6c5afb61ea223335d98548400c914d8dc8aacdc7116fa79","size":3457,"data":"","first_seen":"2026-05-21T20:24:46.793156Z","last_seen":"2026-05-30T22:36:30.322927Z","times_seen":587,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/adrotate/library/jquery.clicker.js","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"c610b3ebab3ce54f5450cef2cdabc14a","sha1":"af2337dba6432104e8c07fa179b0e03dce3ffc00","sha256":"84cd0fb32bf843e30cc16d02263c6105d6c3acf7526ef55faea1afaadcd57b64","sha512":"d28f751e195f79b6b8297ea104d7e3c374e644e868abe04f6ef9284461327ac14023111ee6513633d4b299257f079cbea880dcb3019d58c6e8df0429b7976705","ssdeep":"","tlshash":"80e0c03cf5ec1112ca3735e2453f5d07753ea8016b9b1d8ac29d81521fdc32c348d608","size":373,"data":"","first_seen":"2023-03-10T03:21:06Z","last_seen":"2026-05-30T21:44:09.102145Z","times_seen":1932,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"52921bc2e14da1f322b64bdfafe0f052","sha1":"e54f10b140d996c0641fef2b7d61b8f4fd9d7304","sha256":"feea27c63e1b087d3e8b7f15b9bedc64c19003d06f4191d00ff4ec1bfb407376","sha512":"f2d89cdd7a4f0b408941e6ce302fecdb8d74539139ef8ab5fc5c509f5ae31ec1e56983f898957f8714dc0d4dce88feb5c78e346e07a782db1eeaa564e6ee1952","ssdeep":"","tlshash":"23f0f0abeff706e146cbf1600fdd4b093170542b0609ca053d3c42a08fbed913069ae1","size":598,"data":"","first_seen":"2026-05-03T19:35:32.214238Z","last_seen":"2026-05-30T20:39:08.860924Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.95","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"c2c8bcf463659ee7bb4994ea94424778","sha1":"77397ddb48f0ddd0f6288cd8570a6390c276eef2","sha256":"b209bc1f2340a849486de9d3b709e8443794ea78086753d84c5cba89a9726ab2","sha512":"808c780f0c2238423d3188ac578d33ef75f44ed08d7ca6fe5ae04bd0a3dd865481de9be72aeb17430b8d72fd3d7cdf98fc63074ab8de087b0b74d73280e15432","ssdeep":"768:4gydMdJjARspdUkhWJjFebIBl812LtvRXyjNMUb5Rv4AtqXV6tVa:X8PvRiSA8lr","tlshash":"07e2d7cdbb89f4751297b2b2a17fb647f73a248a382e5010e124ccd16c7494f9263e5d","size":33649,"data":"","first_seen":"2025-03-28T22:58:30.905752Z","last_seen":"2026-05-30T20:39:08.756124Z","times_seen":142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-C6NCM4X8FY","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d01718f62e22da6d22d74e9ff288f978","sha1":"100e24e9fe72fb64574500c48fa8b0c097ddd63d","sha256":"a3bcfe9594237c5b549fb794e61fe48c2431da112f76c407ae2723c04af78a75","sha512":"42176fbc29acf7d687f5ee7033083c3406a387820336cc3c0cfb41bc0f8f2eabc84c9a285d68021fdd638b38d115ec06296153f40175a29c7cae7c3aa3182810","ssdeep":"6144:vLwRfDNalVf36lwSXbDQCtEhuX7aWCBbn45Ea5V/Qp+:zZlVf36RDQEZ5xE+","tlshash":"eba4f9cdb3d674625396f478503f018ba57b28a2b44cc89af189cce42e7469a4277f7c","size":478797,"data":"","first_seen":"2026-05-30T20:39:08.6918Z","last_seen":"2026-05-30T20:39:08.6918Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/blocksy-companion-pro/framework/extensions/cookies-consent/static/bundle/main.js?ver=2.0.28","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"3d6611ff3405c82e896b145a9f8d515b","sha1":"41da21b9a1b2834538dc99f76a3580e650007c4e","sha256":"f5cb3f272cd3a8f9d02fbc05a32b397e6f471b8d1c74bd7183856f35c8ab3d23","sha512":"64a539e98c05b586746290a223c010ca7aa35904c053a79e1d78982bb249f909eccae31e6ecc258be564d51eaec89e99262fc8ac114e80baea9125aa71cdae2a","ssdeep":"96:7QtvfZzPSyoBqFEQQ5DCpipEg6uyyaUv5blnFN8:8nZzPyBcQJCpipEg6uaUv5brN8","tlshash":"83b195dd769c75b813e721b1003f764ab27324a5ac8980a0c21de5e42c7899b4367faf","size":5194,"data":"","first_seen":"2023-12-25T10:25:34Z","last_seen":"2026-05-30T20:39:08.819256Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.addtoany.com/menu/svg/icons/whatsapp.js","fqdn":"static.addtoany.com","domain":"addtoany.com","tld":"com"},"ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0e8b3ac6bda5451ff39c5ecd6d7b3873","sha1":"fb477a11167000a30e45369e686ec43dd62d026b","sha256":"c15e1379ca2c59f99912500bbc23a0d1d88f43198cbe1b53d87776fa351385eb","sha512":"b9145fa20ccc86c3e3e28ded1df1611ec4bd8ff2fe0d93d392081248d59d77a4982150f85d8ef0b545850ac2a8797a136692e801b23cb26de1227c66e5dd4d24","ssdeep":"","tlshash":"d31100c92110d3a41c97d57edf6e9d46a61f707d75bc24d6039ecb28498f0edb50c845","size":1108,"data":"","first_seen":"2024-04-12T13:25:33Z","last_seen":"2026-05-30T21:47:18.746711Z","times_seen":5090,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ui.cleverwebserver.com/","fqdn":"ui.cleverwebserver.com","domain":"cleverwebserver.com","tld":"com"},"ip":{"addr":"104.18.33.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f312898f7dc6f38953ec935c48dee9b6","sha1":"ce2420228955d98a3f5da50bf3d01865c8d2615b","sha256":"9045f28965b5f576b134039230ef06b0d72d433dad312b504c60aaeda7d7df47","sha512":"4663314c898ac2b3e071d857c46c5a5148da8759a776be8e56297e6e21fdfcd2a05dae8e37714f0f8d0b0a08a56ebcf2089746b942fd90cf1d1f698e14a95085","ssdeep":"","tlshash":"fed0231054de7c035fb7f605170716555ed4c01d1ad46ca5c4f0dd0840949469719778","size":218,"data":"","first_seen":"2026-05-30T20:39:08.75798Z","last_seen":"2026-05-30T20:39:08.75798Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.addtoany.com/menu/modules/core.bycdb5qo.js","fqdn":"static.addtoany.com","domain":"addtoany.com","tld":"com"},"ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4bd9b59dc4c960c39474eebd5c5c71ed","sha1":"2c3280d47de1fe915e6b33e719adf76e7aade79f","sha256":"67d4d49c9815036a850d409a2c3c927c46d2922f05b22d4713aa644dc8b494fa","sha512":"d018a56bf7a75ee87ed2b65c000a5c3fb026ce403fe1d54fb2f16b1d9012b2afcee7de678ad7de3de770c9ec0fa2b9e48f15a0a6e9a77db1702e94cf644400c8","ssdeep":"1536:C8fKZ0gdDGst00AQVWFiC70egd23OiOybJkbUcA3S/VX1xmeW0gQzbf0u8VI64v:5fDgIuiOnbZAuVX1xmhub8Cv","tlshash":"e9636c9b37055937ba1b30a9a9ffa608a036275ede080950f5a4d4b521fdecd3067f28","size":72927,"data":"","first_seen":"2026-05-21T20:24:46.824918Z","last_seen":"2026-05-30T22:36:30.296099Z","times_seen":583,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/themes/blocksy/static/bundle/815.e63c92833a5f3723714e.js","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ae562333ddf9f079f1319db2ee79cbd","sha1":"4aab21c7833afebaf2bedac9bb5138c330773a97","sha256":"64a4754f0be24eabe4dda0b51f6f878c02f577b781296c146ef9ff356b87f3c4","sha512":"f8e31c4ba621033f18b3d2daf11825bc2f3965e69f7bfba2fe2b07bf6d3996db458dd384a7b1487389e4d0b33c100bfb7986c15bcefe83522442d02ca73a3ee5","ssdeep":"","tlshash":"62118e2cb353a4630bb7b070b57baa0b56bb2023164559d0e1e5c59c1c79b0bd177ace","size":1059,"data":"","first_seen":"2024-12-07T11:17:27.538696Z","last_seen":"2026-05-30T20:39:08.838619Z","times_seen":305,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-includes/js/dist/hooks.min.js?ver=dd5603f07f9220ed27f1","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"90e932bd9e62583fc494c00498cfe7f5","sha1":"4f57e11bff609f90f49174187a0b5a6ba847ad28","sha256":"87cee5f49ba0d3017efc409579fc58b91a717f8f14751f7d804447ac9bcbaf4b","sha512":"ed9c129faf972ddfa705f05c3207884e5e9cd175baa45d49ce9d42bc0d01e4e8f36e627731bdd97214b1e2400fdd5012262a42f9800cd4f5565dbf183ba58507","ssdeep":"96:wXDE/3s/0EBM6ZUUCRTH+zl4NsBjcEmDtrGV2C2yics6w1RfGdzsvqZTq:wzg3kBFZYH+zhjngRw2cLzw1RfGdzsvx","tlshash":"56c153847983b970b2337057f0ff48d561baeba575298081964ec4a05d7388ee0a7abd","size":5661,"data":"","first_seen":"2025-10-27T08:47:54.273294Z","last_seen":"2026-05-30T21:57:45.183255Z","times_seen":190311,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"9206b21ebb5e82ef645b48d00fcd459e","sha1":"e0f57091cf629ab74683bdfcbf0aa4f14c2246a6","sha256":"7961004ec7f1f2a5a7abe30fa05dfe07d8145aa0f33cf40b84f2b009d7100b36","sha512":"4b56e259bc326b2facb11f012f506796a5e924288293be22a4764edd0e69b9e82b3daf663304590c94b83f8eb2f67e89a927bef557c6be0bb6544521cfb85f9b","ssdeep":"","tlshash":"bbc002b8deeae55a64cadb31021c28c5a256e42b0844e384724c98424fb81a46f0abe3","size":193,"data":"","first_seen":"2023-03-07T01:38:25Z","last_seen":"2026-05-30T20:39:08.862468Z","times_seen":2995,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/searchwp-live-ajax-search/assets/javascript/dist/script.min.js?ver=1.8.7","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"af5b7583331b0cf98c1da20edcd40ac5","sha1":"f60347d1b7d74c7c533dc8de611fd252e4385c6a","sha256":"76398d9c16dab3310e0ac1a449744be0da52e5b16feeda154f293bdd619f6589","sha512":"748a13842090e40259e61cd8699273d7b3a32eecbcd5d45f3c0990945c0f50c7b758b4e171db0184c16fb68debc91359ecc690abdf19f1f0efb13b79d357e0a3","ssdeep":"192:31vcdrQlGe6UwFM/XqK2xymMRhcNwlSavx6hbwt16Yb30MMf:FvcdrYGxuXwxCJ6hkt8U30MMf","tlshash":"50327168770498b251779ae4b8be3b152223fe1c39454aa8b1fce9d15874d28313eb3d","size":11354,"data":"","first_seen":"2025-12-11T08:46:14.389022Z","last_seen":"2026-05-30T20:39:08.845722Z","times_seen":1391,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.addtoany.com/menu/svg/icons/telegram.js","fqdn":"static.addtoany.com","domain":"addtoany.com","tld":"com"},"ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"48f25c508c92c3601cf047609318001f","sha1":"59117e825084c63a0dda48edec82c14a60e16f23","sha256":"6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138","sha512":"32ca9e672cb26c5cc9370d32a2739ad99a933a700250e310955b68ca4a974964f22095179d1a56f8f57c160ee6ab4d3ff659b4bba5838879472289b06bf53a42","ssdeep":"","tlshash":"66e02077611084814c2a54bbda1e614f5434f069529d65d3436ac4f754d726f5c12d8b","size":360,"data":"","first_seen":"2023-03-08T15:33:09Z","last_seen":"2026-05-30T22:29:26.412038Z","times_seen":11654,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.addtoany.com/menu/svg/icons/a2a.js","fqdn":"static.addtoany.com","domain":"addtoany.com","tld":"com"},"ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"baf0595a19bdc7f7497b74731d2166c4","sha1":"fd5714384c52fc0338083574434d12328313896c","sha256":"3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43","sha512":"da0e15a709b3d043e8cd9e4f97cf70d8c1addc2a7d90b6bb11d71cd72aba9133e5b9388528691cf6a354a6aaa346045f64d82b947883057471e1f1a2fdbd1901","ssdeep":"","tlshash":"74c01291501575418c1342fb475e500b167120bd015c14ca36a881f9595613f8c42fc3","size":182,"data":"","first_seen":"2023-03-08T14:25:33Z","last_seen":"2026-05-30T21:47:18.727051Z","times_seen":16323,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.addtoany.com/menu/svg/icons/facebook.js","fqdn":"static.addtoany.com","domain":"addtoany.com","tld":"com"},"ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"014bcc757e484e12e3aea6c9d768fd4b","sha1":"4c17157d0012f8002e4e6cf77c5f4a9747792cf4","sha256":"4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49","sha512":"b00fab0ce2e56b56c18e0dc54ac3329d77fc18096e63bc2aef34342770f40dac91c10f7a8a9db1dcc5ce42fbafe637fcb1fdd51994ef937aa00923375476d467","ssdeep":"","tlshash":"dae0ab951236d9864d51093ec71fa48fb3b0b67fa1d8298006bc80b289d20fd3e0ba03","size":429,"data":"","first_seen":"2024-04-12T16:11:44Z","last_seen":"2026-05-30T21:47:18.772177Z","times_seen":19270,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/themes/blocksy/static/bundle/68.612dc7fd3c0d776d0aa2.js","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"7624fc1b0aacb376891e6d8aed0ddb53","sha1":"5f81b617228e50792383b76d797344d5adeb48fd","sha256":"b478aa012497eb9967719deeab85539932a4385d243304b77c7f3ed84102a63a","sha512":"9a2683724342b312367a63db5765a9f7c97894f81b81de6485943b1c943664e99280f8fbf4d9222deae92ade2593d3cb75367c9a267c5fd567e43ae9a5c0c2b6","ssdeep":"192:qnoJKtTqBYVU+dz9Bvu3Cqvslg6jkgs1xqMgig6jkgsICbkS+J:qPTWEJdz9Fu3CqvKkx/zkT1+J","tlshash":"110295c87ac97a7905df21f995ffa089f76a204ef41e4010f174c8a57c6184352b3bba","size":8417,"data":"","first_seen":"2024-12-26T20:37:55.937605Z","last_seen":"2026-05-30T20:39:08.653246Z","times_seen":186,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/themes/blocksy/static/bundle/95.9b58e560812076065644.js","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"40eff1f9a2bc19720127a5bebefd7f24","sha1":"4ac2a45e032c862320428ab40f3dbd2414b5471b","sha256":"0ebe4cbc51091000fdf4cc809309f7692ce0da48d1fe56f6e837284bd44a3f41","sha512":"59e03dac9c7cfb26e06c5bfd91052c3d2c100eeb05ea8494f01035ef24abbf68938a132337da1acfb73ddaf6ff315951f987c74d5aa4872c7fe954ed80b12e23","ssdeep":"","tlshash":"b651b7447654fef712e7a1ddd17f960773383993202db00422645db9c851d8ba0b3b5b","size":3012,"data":"","first_seen":"2024-03-06T22:24:29Z","last_seen":"2026-05-30T20:39:08.677342Z","times_seen":342,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/addtoany-core-js-before","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"5dab6f39c018aec2d2ac791827e61aa3","sha1":"90cbbba4756f6142e6f2240d86dfc1749e346326","sha256":"b5436d0b4f4faf2abc85eccdc0127c209cff382649b6c1b09a8c80d5310a99f7","sha512":"05c136a68280bb8691c1647b231ef7a375915a7cab2b709490b91640d9a1dada7effd8ca87d43f3f7ce3e557f1c85fd4f4d85e6bcb58cff0c5d476b7f050f7f9","ssdeep":"","tlshash":"4721230af65411f205ec14f0af4ffec23f295b79ce1902721295356d27a4f0ebc56494","size":1211,"data":"","first_seen":"2026-05-30T20:39:08.863148Z","last_seen":"2026-05-30T20:39:08.863148Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-includes/js/dist/i18n.min.js?ver=c26c3dc7bed366793375","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"3a5838d1182eb0b11f5a58bfe26e2529","sha1":"920b2291e65d62eb55c1958911768540abaff5cf","sha256":"d4efe709c65438ae90dff385486421fea45762880f21fc4e0dca3fa96210f428","sha512":"bc41d50cd2e5c17c75ba737c303f2f498cc94e2c3fe402b2f15c5f10531e53633598093da98579b2dee65733dce0f763d77380ae35a9591d8bf91f975b7c6845","ssdeep":"96:L9emIWL7lnv93ssmAeGejQVnmggoC7arVCG0GXF730IQRDdlZq+SxSD3LmD:8mIWZVszMuinmg3rQ8Xd30DDdlZq+Sx3","tlshash":"2bb157dcb9d57022235121a0597fb409f3357d6470ebb8006ba9c4a47eb15cfb1a2fad","size":5314,"data":"","first_seen":"2025-10-27T08:47:54.280246Z","last_seen":"2026-05-30T21:57:45.295853Z","times_seen":187532,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-i18n-js-after","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"ed1e5d0c0fea6c94c64fd7d1ba1b97e6","sha1":"231f0b578ef79c1e0ad11d99a6e2ebe3e474447e","sha256":"b055d4a810303a512812df1c20dee56002b31848870663f427793524f765f498","sha512":"848bc1706c2db152df8ae8d9bda691a2274299be6da69b8e7c08a9ea4cb7c0b84aba102a19a62f0c1e5eb3507e8d99f7a5812e7184fc0a9222ea17327fa5145e","ssdeep":"","tlshash":"682112cbf4ab3d50828fc7b48d23be0145502487c2afd50875e59d3496718c0b4c362f","size":1424,"data":"","first_seen":"2025-12-06T08:44:45.692137Z","last_seen":"2026-05-30T20:39:08.864448Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-api-fetch-js-translations","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc46e4886262090405949d8be2602d5b","sha1":"d6cb5ca2c2ce08e2b89548555691ce9385baa99d","sha256":"c4e92d1b53606db2e339cfaeebce88a5e927d7b3514e5773127c16632eeb372f","sha512":"9d4a7c138da518a87ef4159cc2bce062ce976d9f9c7e126cbe098ec2ad995b8579fbf81ca94481b3726388a9d7967574fdb49c971c69f0cf9f8a6c2c2f0226b8","ssdeep":"","tlshash":"cb517448df70851f46b1a2f439663888e9fca710c3f69805e21a090b07a1a5ca6f375a","size":2452,"data":"","first_seen":"2026-05-30T20:39:08.86519Z","last_seen":"2026-05-30T20:39:08.86519Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/ultp-script-js-extra","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"637c96ef3fc4933109f351d20461f138","sha1":"f2f148152e97a66d3b7d74085725b13e9ee1b33b","sha256":"af66fb9b5c0a87c4238a03ca8a7a4df375758906170f5646bb5263f330b512cf","sha512":"75b5df593c4435c9c2398aeee1068c21a4c00308985fac7209bf6eb79cb725f22b6443b7dee56d5ef92192da7d966c2cb3966cdf0610a4f580240390d00685e4","ssdeep":"","tlshash":"78312b77c5a835edf74776f4541539b84445a0c5cc49e7825f80c58453a0fd4f108005","size":1592,"data":"","first_seen":"2026-05-30T20:39:08.86659Z","last_seen":"2026-05-30T20:39:08.86659Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/themes/blocksy/static/bundle/418.66ea70734eb9e0d6ad3f.js","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":false,"md5":"931ba1913f42a9a1a0f013613571c8c4","sha1":"c8b29e8a83ea50bdc5ea15bc16965f52797cf02d","sha256":"6ca3f8b3dc8d4beb66fc7bd15a02fa49a16038d457e6e25b55e50cc30ed6322e","sha512":"588f17295dc0c9b9de4410159e6dfa77f0db0d6fce1b93d9e4c2301fdc8f6812a390c2bb3e01149e623ea3b7b1003dcbed2f7d43a2edabcc34ceabf341527e0e","ssdeep":"","tlshash":"205141c8b255f6f28adae15d823f8602b2343da63469e084a25059d0496099f70bbf7b","size":2768,"data":"","first_seen":"2024-03-06T22:24:29Z","last_seen":"2026-05-30T20:39:08.757375Z","times_seen":453,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"scripts.cleverwebserver.com/ea2e9fa7e5c377283cfa7fb30ae42437.js","fqdn":"scripts.cleverwebserver.com","domain":"cleverwebserver.com","tld":"com"},"ip":{"addr":"104.18.33.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d4975df7337fe155819ed6bc687cfff0","sha1":"da9e927b17dd5f2d80a5bfb510f1bbcad1b6a5bd","sha256":"cf4452552dbf95231326825aac740fd9014816f393b9122a44972a0787dbeff8","sha512":"d212944d3a38104687fa4e2787549647e4801f00b16f2716e4f550b5e7864573259313f08e44d7d36b558824e302999ece1d7427488d71e7770bee4dcdb20c2d","ssdeep":"1536:t1up/HVzieymqaH4hWU68N5qgMfUzv6wLZxhqTz+iAqSAQ+Wn:t1wHVziehCEPUukpqS9+u","tlshash":"34b31a4860a3d8ae03b577ae507a895473ab5d17180a44c8f5beced9b49b8c173313bf","size":113526,"data":"","first_seen":"2026-05-30T20:39:08.675077Z","last_seen":"2026-05-30T20:39:08.675077Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=10.1.3","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=10.1.3 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:32 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 07 May 2026 14:44:32 GMT\r\nETag: \"2e95-6513b518087c1\"\r\nAccept-Ranges: bytes\r\nContent-Length: 11925\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":11925,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1392)","md5":"d358e30e5cdd6d7e2d8238e5fbbd2360","sha1":"7b6f06c33cb8e2410bcaac47618a10d16b34ab90","sha256":"1a1ce284e0d2b19d90c1db2b4e710340e5f73f7cc78619cd964828a2818d548c","sha512":"5319498d0f78fd36bb0257b720abdc8c436b80414dcfc26222d3a6ad30e72fae3d96c7bcf5248df5b500a97fd401f14c7ebe9b5edfec877c801d3c0ed3dfa24e","ssdeep":"192:mkgHygW0Je1ZZe1ZfRWrL41QePHX+JsoMMCHAN1BmooMBA1TBmQzqIUg:+HWfrL4tNwJalzdUg","tlshash":"fc32c69335dbaa274be7aa30cae71307f061239354840d80d2a09c66b9719df93ddf1e","first_seen":"2026-02-05T18:54:06.183601Z","last_seen":"2026-05-30T22:18:32.260819Z","times_seen":8079,"resource_available":true,"data":null}},"time_used":1049,"timings":{"blocked":866,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/1000x300.png","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/1000x300.png HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:34 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 21 May 2026 11:28:57 GMT\r\nETag: \"862e5-6525237d53c68\"\r\nAccept-Ranges: bytes\r\nContent-Length: 549605\r\nKeep-Alive: timeout=5, max=86\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":549605,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1998 x 607, 8-bit/color RGBA, non-interlaced","md5":"52d40f0eff8ad4635676efe95b33afb0","sha1":"536e3f917f67c984ded4d9db97142b92098c02fd","sha256":"023191d0751b53f11ca5f9b5a8a01f59d8ed478ccbdd8309d4c7ebaad5e08ff4","sha512":"d67d7ad2fa668340db7868d28fbaf5b94b83991d9ff7d3ed922cf8c0b1fbdcd69fa9ba4871f97dd6a55cbfee05f17e29e0eb2df9f0c9acb0ea39209ed0004482","ssdeep":"12288:I+8prHoiqxTcwYDjBlICMEHK5TY5hPYQzYFsDgObr4YwI+Rb9+:IDrlqxTcjHICMz52hDB9vK+","tlshash":"76c4236b01e6e5e2cc038876a7a87fdf4a0f84dc36c901a4817c35ae5058db5f5abb01","first_seen":"2026-05-30T20:39:08.607256Z","last_seen":"2026-05-30T20:39:08.607256Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2964,"timings":{"blocked":2584,"dns":0,"connect":0,"send":0,"wait":183,"receive":197,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/15eb4962-da56-4ac8-8452-41a6265c3da0-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/15eb4962-da56-4ac8-8452-41a6265c3da0-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 29 May 2026 22:44:55 GMT\r\nETag: \"d993-652fc97fe20a0\"\r\nAccept-Ranges: bytes\r\nContent-Length: 55699\r\nKeep-Alive: timeout=5, max=91\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":55699,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"3784f8ecc71ec531e60d4b31b0f54a05","sha1":"705f3a9f8e8d8cb75e70ab421ef2f385c1ceb185","sha256":"d65ef427e732f6b31ea079f6817f11dd9b2fef90815398c2f5cadeefb423ac59","sha512":"f35c8c7bdb53021e4b4c804372477c3d1e6f1e68fb21cf126009cc7212de324e514eb54a3a4cda8baa611ae28daa54b70eb99c9ed32bd23c722ae4df08499ad7","ssdeep":"768:8QuDPPuYSR94xN/6vUgCCMOfhjy/cqS4ZcfUa9OFezuRWvwJYMiHnB7qo5rdgr:8FPuYSR+NiXXM0jEI3RifOHnB7qoDgr","tlshash":"2f4302b10d478d85eeb99d9b4134b3d7916a88cc35ccf8f95d32d0f74368089a6386d0","first_seen":"2026-05-30T20:39:08.612688Z","last_seen":"2026-05-30T20:39:08.612688Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2286,"timings":{"blocked":2100,"dns":0,"connect":0,"send":0,"wait":183,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/photo-output-62-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/photo-output-62-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:35 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 28 May 2026 11:57:28 GMT\r\nETag: \"aeee-652df6eb4d435\"\r\nAccept-Ranges: bytes\r\nContent-Length: 44782\r\nKeep-Alive: timeout=5, max=89\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":44782,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"537520a32453b3a8f1e0bf0878a98f4e","sha1":"34c7eea5031bb4a63f9cf8c660534c5fa2aba723","sha256":"a666277410f8ec6cb4d27ca2dd7eff5b950b26fb41d604c5d9872bc632e4c08a","sha512":"d48eed40bd1995246521f5786146e51ad541d99a2654aa092f22a8959c173db374e86ff2e6714a47fb27f73f27d5ab1cca797f3808382c49a52a2a8c4d6b64c0","ssdeep":"768:8p8lQeaNNpnDBzDEZBOv2bR3vQ8VZtICxLec6GnHzvZaF5brDdi/F1QUVz5YLBpj:8qlaNNpdzArOvszRzFfHz8vRq1QUVogQ","tlshash":"f713f16f19737890e510dfeee98b6a7a7619c4cb9c4590245432c2baffdcc9f440862b","first_seen":"2026-05-30T20:39:08.615653Z","last_seen":"2026-05-30T20:39:08.615653Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3579,"timings":{"blocked":3338,"dns":0,"connect":0,"send":0,"wait":240,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/Captura-de-tela-2026-05-26-104519.jpg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/Captura-de-tela-2026-05-26-104519.jpg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 26 May 2026 14:45:52 GMT\r\nETag: \"d04f-652b98d3b28b3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 53327\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":53327,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 593x429, components 3","md5":"9817e47b4f83f24f52dc5b90cb856377","sha1":"713fc88ff05bbda6f4e79ba39189eb1fec8ad2c9","sha256":"08dcadb344d7e055dd4f40767ecd86a73cbcc39b3ee88450884fa3df2d7273c5","sha512":"afb106e7ab751ac7bf5e7ab5723edd8f717470e541b57d69f5d32a176c35b10bcf23a532d3ac9842c2102d0db322cdd1e0084ffa8a2ce1478531236ece869af4","ssdeep":"1536:k1IkL87gHivodTGjt8Bo0ZA7lTuA5OTAso:KX87RQa88lTuPTS","tlshash":"723302283dd1ae35308381be1082cfa6c9d2e7937763868d216178f9bb45a376cd17e4","first_seen":"2026-05-30T20:39:08.618527Z","last_seen":"2026-05-30T20:39:08.618527Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1528,"timings":{"blocked":1342,"dns":0,"connect":0,"send":0,"wait":185,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/IMG_5738-300x200.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/IMG_5738-300x200.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 28 May 2026 01:43:42 GMT\r\nETag: \"2986-652d6dbafd26d\"\r\nAccept-Ranges: bytes\r\nContent-Length: 10630\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":10630,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 300x200, components 3","md5":"4e66fe750a9737a552550fd10427f2f4","sha1":"962032e432a61840ab68c5884078a2b81460d933","sha256":"7f72e009d1642dafcc8a93dfd03443a1fc813a172caebb2349d8d86f0d0f488f","sha512":"508ac7fb68f4b6bf81dbf1733c4dd10b3f0fa33f747d9f708cb182fab8c29a83a9f6b503e9dd5302fd93e4fc4e1de43b041f843d7cabd806fd19547c2a37a3a5","ssdeep":"192:/wzLGpw59w9JaAyTJYbmDsoTpWrLVaWbCI9z8r5jdoZFb3jdhxb:4zHtf7unpbCuAafbT9","tlshash":"7322be4a372882c4182adcc7360d2dbcc25891843d6b280f9539c87c9f04ee8754b7e9","first_seen":"2026-05-30T20:39:08.620757Z","last_seen":"2026-05-30T20:39:08.620757Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4891,"timings":{"blocked":4683,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/ultimate-post/assets/js/ultp.min.js?ver=3.2.4","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/plugins/ultimate-post/assets/js/ultp.min.js?ver=3.2.4 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:32 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 21 Mar 2024 22:35:27 GMT\r\nETag: \"11fd2-6143352f25f5d\"\r\nAccept-Ranges: bytes\r\nContent-Length: 73682\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":73682,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"55d5eb011d30065762712a4579a621a3","sha1":"0f2941316bf36278a4a291bb40373334476aa88b","sha256":"4f505becb8a3bcb78c19a3f4bd91789606880568010b5040db5fcc12133ab828","sha512":"f54c2ff92128a2a89900d7ffde3c9e9c954713f5fc202042bc26321c11afa93e3481e537b55f0e2dca02ae57a8d57cff504ae896ee63f2467b59c161405f8a48","ssdeep":"1536:h0t0g0d0v0dRxEI2V5h5OWf3N15pJyhTyZZgQSZ03xf+VFjC5g0S3ZiHTtZvBosX:h0t0g0d0v0URhN/yhTyi7OpJgPY","tlshash":"3973b709a64427b144e711e12016d809a3f7be35e60381e472c9c7fa166ed8ca5fbbf7","first_seen":"2023-12-02T02:20:27Z","last_seen":"2026-05-30T20:39:08.622734Z","times_seen":33,"resource_available":true,"data":null}},"time_used":1062,"timings":{"blocked":876,"dns":0,"connect":0,"send":0,"wait":184,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/themes/blocksy/static/bundle/921.5514159e238824c4aec6.js","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/themes/blocksy/static/bundle/921.5514159e238824c4aec6.js HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511; clever-counter-95947=0-1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 10 Apr 2025 13:45:05 GMT\r\nETag: \"198a-6326ccb15ff28\"\r\nAccept-Ranges: bytes\r\nContent-Length: 6538\r\nKeep-Alive: timeout=5, max=89\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":6538,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6538), with no line terminators","md5":"400b67c820e574275bbaeb9a8676eca9","sha1":"3792a14d995c896ec1475b6dd456cdfce869ffde","sha256":"5fe0d6e0c180c16537c63538da2781175cea66054f03dfe8bcb2e40a0e967f75","sha512":"ebfed569c629559e4cc2e3c0c9c2be8828d7eb8af949c599b8f72a999876ab8771143469b42a9fe55ff6eda21f4f4ecfe654618683ba458a178ce2bed58deef4","ssdeep":"192:xUQgOYY6wFYR/jBK2s2O2Xu0XWrMIQmb9X1wwKI3qUH8NUC:x9j6gYR/3s21XvXuMitqlUC","tlshash":"96d161edf684b9b646ea76ba937fa10cf37b24d2710b4460642a84d41c358c711b3fb9","first_seen":"2024-10-11T08:54:05.225678Z","last_seen":"2026-05-30T20:39:08.624929Z","times_seen":1037,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2023/12/hospital-regional-pm-990x556-1-870x556.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2023/12/hospital-regional-pm-990x556-1-870x556.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 05 Mar 2024 18:03:31 GMT\r\nETag: \"16db2-612eda8f576e3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 93618\r\nKeep-Alive: timeout=5, max=94\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":93618,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 870x556, components 3","md5":"e123dc2eeb8239e01becee5cc85cf792","sha1":"c70484a3f9569dbe1a59a8b767cc07d7530d5a7d","sha256":"663c298dc638e89838c4a520511bdc6dfc5999e96f9a542142836febebb42f87","sha512":"0b03afaa4122ac61393db171fb7e54e97f7e5c293c6ad81e9cc4618f05e9114d72828f2370fd33129a7ba9450a1f531274211f83f090d449d681260b60ffbc28","ssdeep":"1536:KBNngIPUlFKnD/akc3fppnpUTK8APcRZSG9j9MzMSAQQLeVu64wFbYXtL33YHXXP:KBlgUUlFUD/akc3BB8At2j9MzMlLP64S","tlshash":"8e9312fdce51b752c6237e34bb0eb8352005ce62a0754f88b7f2b5b322f4541aa75864","first_seen":"2026-05-30T20:39:08.62574Z","last_seen":"2026-05-30T20:39:08.62574Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2515,"timings":{"blocked":2305,"dns":0,"connect":0,"send":0,"wait":207,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2025/10/Racon-Banner-site-animado.mp4","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:34.230Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2025/10/Racon-Banner-site-animado.mp4 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=1671168-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511; clever-counter-95947=0-1\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nDate: Sat, 30 May 2026 20:38:34 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 15 Oct 2025 22:16:38 GMT\r\nETag: \"19dacb-64139dab4f9af\"\r\nAccept-Ranges: bytes\r\nContent-Length: 23243\r\nContent-Range: bytes 1671168-1694410/1694411\r\nKeep-Alive: timeout=5, max=92\r\nConnection: Keep-Alive\r\nContent-Type: video/mp4\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":23243,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"4385b0adb9b83931d192c0bfe44a48e3","sha1":"b90609fd3c490a1705dd6cf00633d134eff85c96","sha256":"036478d49cfdef843a08d6de4c8d967af245b458c7d0bf419f5f5bdd42455522","sha512":"d50ecd2692c05819a204dcb3fcd32fe1180ce5ad78c7d3bad0d3c043286012a8a8b6f98320d2913709210f5e2bc43c6d263e9dc7d163931aa31d6516f3e9c74a","ssdeep":"384:wcWZV46ov4LGdda6A4SoZl26oynoD2dh+Aly3//SeMFwgYwH7KooooF1MG6pHNqU:+V463SgmZ46dnoDghRleSeMWLqFF","tlshash":"e7a2dfd2b7391026f098273e10f7e314b331c5f5a587070f17e5b6a4bc2aa94ace3949","first_seen":"2026-05-03T19:35:32.14019Z","last_seen":"2026-05-30T20:39:08.627331Z","times_seen":2,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":54,"dns":0,"connect":0,"send":0,"wait":207,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2022/05/cropped-favicon-1-32x32.png","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:36.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2022/05/cropped-favicon-1-32x32.png HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511; clever-counter-95947=0-1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:37 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 05 Mar 2024 18:38:04 GMT\r\nETag: \"12b-612ee247dc95c\"\r\nAccept-Ranges: bytes\r\nContent-Length: 299\r\nKeep-Alive: timeout=5, max=90\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":299,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit colormap, non-interlaced","md5":"07faff695b811ea6cbd876f062c3d3dc","sha1":"2495d1658a50b09d0a7a6b89adfddd0bb428008c","sha256":"78697a859ee719453c127d4a5c78687ffec96faa173514b2471a99362ce266d1","sha512":"ff9c9ecc1d4095c971cf245115b8c357eb347a8fdb1930b8e988207bb95a593723dbc2f1918075dbf8dd42b576b672415befe9b30439f8a6fd9f792c76a4a18d","ssdeep":"","tlshash":"9ee0ebf089048feee5052a27b02271f1e432b86c002102b8000fcabd0f4a85da8a27c2","first_seen":"2026-05-03T19:35:32.169086Z","last_seen":"2026-05-30T20:39:08.629459Z","times_seen":2,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.7.10","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.058Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/plugins/post-views-counter/css/frontend.css?ver=1.7.10 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:31 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 07 May 2026 14:47:47 GMT\r\nETag: \"444-6513b5d1cae5f\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1092\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1092,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1091)","md5":"1ae2b2895a8976da80c9a1afa6a98e23","sha1":"cdc51973f349a7470b1e07a433404b2cc3188dad","sha256":"3c1471d998343a52beddef0f1477cd866e98a09b3ba2bc65da1cdc02a716a8f3","sha512":"13a8fe1516cd20434667e0cc72d465c6eb4afe3d47ae57d48ec5ce4c3b64ebeecdebb71b649928c5f85007c361198b2a2c691e1c281f2e6e31af1b32a5375866","ssdeep":"","tlshash":"0311aa3e8121b408b33f870a66cd66891839764370b21e4dffc6b912a7265ce3219741","first_seen":"2025-12-20T04:36:47.793054Z","last_seen":"2026-05-30T21:32:16.736348Z","times_seen":1641,"resource_available":false,"data":null}},"time_used":1290,"timings":{"blocked":551,"dns":1,"connect":181,"send":0,"wait":182,"receive":0,"ssl":372},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/02/Fotografia-de-Retrato-Corporativo-de-Leandro-Viegas-Fotografo-Sergio-Simoes-de-Rondonopolis-110-copiar-editado-2--scaled-e1772136249566-870x570.jpg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/02/Fotografia-de-Retrato-Corporativo-de-Leandro-Viegas-Fotografo-Sergio-Simoes-de-Rondonopolis-110-copiar-editado-2--scaled-e1772136249566-870x570.jpg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:35 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 26 Feb 2026 20:04:10 GMT\r\nETag: \"b6fd-64bbf9fb184f9\"\r\nAccept-Ranges: bytes\r\nContent-Length: 46845\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":46845,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"846e1b25b2146519894f967dbd790f4c","sha1":"733b21964eabc8769d8729f64bd6aa23f253b509","sha256":"f2fdd99aba18442a84f79fcdf3988ed12756e770c832d090560065fc3ea2ae11","sha512":"e7bfd7917ae9d0e952213fc6cee0bcc1f9514fc0ccdf491d6f9a83a5793085e7900dc837520ec04fc5f139a1716e51837ed03d7a961c80136349c35da0922751","ssdeep":"768:8fCsDc/zpKaRg9tEvd0ED1ThOihnrWuL8PjbCMOVHRk7/Z3x5uMz+t6tSYpie/M2:8qsDc/VtRKtarWuL8fKx03n+thu4qcA1","tlshash":"4323f2951812f88f8a6e1a204e16784bf2dc9b67a440e8c4e675fcd609c0af079dd7ed","first_seen":"2026-05-03T19:35:32.123936Z","last_seen":"2026-05-30T20:39:08.643196Z","times_seen":2,"resource_available":false,"data":null}},"time_used":4483,"timings":{"blocked":4298,"dns":0,"connect":0,"send":0,"wait":183,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2025/09/8022246380001w-660x372.jpg.webp","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2025/09/8022246380001w-660x372.jpg.webp HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 16 Sep 2025 20:16:33 GMT\r\nETag: \"390a-63ef0cbe18b4c\"\r\nAccept-Ranges: bytes\r\nContent-Length: 14602\r\nKeep-Alive: timeout=5, max=94\r\nConnection: Keep-Alive\r\nContent-Type: image/webp\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":14602,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 660x372, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"13992ce88a79cf150e6231305576bf34","sha1":"eff9f62696d803184c8c1f9c23e96f7347e37774","sha256":"055690aaecd123484b233407a294d982bea44a91373ab8547e5ffb0381e22550","sha512":"2729be0545703ff01a2080b920ebddcdbe7abd106d610974b6682d1519f4dfc79a9bf2da85143ef243e2c24a9150d20414b0f9b3073765b2f6e9c22059af87e6","ssdeep":"384:OP02dqfqWsWZF+pk/3vMrCDrBOCucOtP46PO:a0GQqjoek/f8CJOCucc46m","tlshash":"6162d144facb7237f45fd01e25a711a2029dc993e42fd0c984d2e553dd9aad603b2358","first_seen":"2026-05-03T19:35:32.028458Z","last_seen":"2026-05-30T20:39:08.646119Z","times_seen":2,"resource_available":false,"data":null}},"time_used":4578,"timings":{"blocked":4372,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/03/prefeitura-banner-marco-2026.mp4","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/03/prefeitura-banner-marco-2026.mp4 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 18 Mar 2026 13:02:08 GMT\r\nETag: \"327ff-64d4c0f3c5fd2\"\r\nAccept-Ranges: bytes\r\nContent-Length: 206847\r\nContent-Range: bytes 0-206846/206847\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: video/mp4\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":143868,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"eeb6b7b25206afc7580a3aea597cc13a","sha1":"0ca5b8bb28997c0ab61204b2c39adba105724db9","sha256":"2f6d7c81654b6270a0fc728fcc6c3f48743eefb3c287def459d0432850fefa6a","sha512":"b96721ae2fddb3861b09065436cd26a22440d9b491f440073b299a62a78920930416db7e3cef2a38b5c40fdc383a56363b105ee35c31a2b35e82c655e17a6244","ssdeep":"3072:wVtPRWj+jnEKGmNC0UyJd6Pvr6CiTdmXDMwAxSXh0:qtPm5r+MPvrbixmXDMwySX2","tlshash":"ece312d859ee7450f82d0a31d3e45651cbb3417ca76b2faecc2ebec07d989a79801b11","first_seen":"2026-05-30T20:39:08.650724Z","last_seen":"2026-05-30T20:39:08.650724Z","times_seen":1,"resource_available":false,"data":null}},"time_used":374,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":186,"receive":169,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/themes/blocksy/static/bundle/68.612dc7fd3c0d776d0aa2.js","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/themes/blocksy/static/bundle/68.612dc7fd3c0d776d0aa2.js HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 10 Apr 2025 13:45:05 GMT\r\nETag: \"20e1-6326ccb15fb40\"\r\nAccept-Ranges: bytes\r\nContent-Length: 8417\r\nKeep-Alive: timeout=5, max=90\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":8417,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (8417), with no line terminators","md5":"7624fc1b0aacb376891e6d8aed0ddb53","sha1":"5f81b617228e50792383b76d797344d5adeb48fd","sha256":"b478aa012497eb9967719deeab85539932a4385d243304b77c7f3ed84102a63a","sha512":"9a2683724342b312367a63db5765a9f7c97894f81b81de6485943b1c943664e99280f8fbf4d9222deae92ade2593d3cb75367c9a267c5fd567e43ae9a5c0c2b6","ssdeep":"192:qnoJKtTqBYVU+dz9Bvu3Cqvslg6jkgs1xqMgig6jkgsICbkS+J:qPTWEJdz9Fu3CqvKkx/zkT1+J","tlshash":"110295c87ac97a7905df21f995ffa089f76a204ef41e4010f174c8a57c6184352b3bba","first_seen":"2024-12-26T20:37:55.937605Z","last_seen":"2026-05-30T20:39:08.653246Z","times_seen":186,"resource_available":true,"data":null}},"time_used":282,"timings":{"blocked":99,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/exposul-2026-300x200.jpg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/exposul-2026-300x200.jpg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 26 May 2026 19:10:45 GMT\r\nETag: \"485c-652bd40902585\"\r\nAccept-Ranges: bytes\r\nContent-Length: 18524\r\nKeep-Alive: timeout=5, max=82\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":18524,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 300x200, components 3","md5":"9de1442b47be42d896618b4f6f7ea77a","sha1":"f7d73973754c02fcca31e48feeda22d956538e8b","sha256":"945ea20a2715fccc113b7c0967c4cfafbf70c58ada1fc868f1273cf6d06a5441","sha512":"dca63c0374b1a78e5b244f9861aca722112a9dcd3776ba070859528134f7f94ceb958ed46d61f8c784d5bf2e3b23e15d5ba19f07c6e1af10ad1530ed345caa99","ssdeep":"384:4vA97R2sgSxTYwHnACDlNao5MyTbLDnKtot2MW5I++egn9NU6g8SgzCM/:4vk7sId/v5MyHcoiieO9Gp8SgGM/","tlshash":"5f82d00d235af31738f68ddf457b0e1c724af6d073e24f81a5b9cae01aa0dea684d548","first_seen":"2026-05-30T20:39:08.654746Z","last_seen":"2026-05-30T20:39:08.654746Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4970,"timings":{"blocked":4762,"dns":0,"connect":0,"send":0,"wait":207,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.addtoany.com/menu/sm.25.html#type=core\u0026event=load","fqdn":"static.addtoany.com","domain":"addtoany.com","tld":"com"},"ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.addtoany.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Apr 2026 20:12:47 GMT","end":"Sat, 18 Jul 2026 21:12:43 GMT"},"fingerprint":{"sha1":"19:EC:F6:8B:6C:6D:BB:F0:32:9A:56:BB:BD:22:AE:BD:28:1C:BB:E9","sha256":"E7:F8:24:B6:D6:39:CA:55:89:B3:11:19:28:82:F1:CE:1F:93:F9:3D:3E:F3:AA:AD:4E:21:DB:48:32:4E:5A:CC"}}},"request":{"raw":"GET /menu/sm.25.html HTTP/1.1\r\nHost: static.addtoany.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-type: text/html; charset=utf-8\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000, immutable\r\npriority: u=4,i=?0\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HXCuSDd3YPsmQXz0dtJ5TvI%2F7o%2BAfOdgigLa%2Fiivasf3Id%2F1YM%2BUzRM3vokndT1Pv9jgOKS1Q8WZSjLdRS13e0o5IDokruEM03SgvCYmWld9jNwPTtkaGeddOg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"551efc5187c9f500b4e394155ba03720\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ndate: Sat, 30 May 2026 20:38:33 GMT\r\nage: 5734\r\ncf-ray: a0408b08bda65fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":716,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (624)","md5":"41b7ed0cbe240173eea85148fcba633e","sha1":"39acd5fe099974486a1c9ba11ba0fe7be6bc97ca","sha256":"274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad","sha512":"1ee1d21b138a9f55f823b93d809b3bc58453ddfc3b3ee4d00a1010bbd4ec296546277c6777819cfb744c393ba93fe7578b60ccf0259fd17901f4542714d6c06f","ssdeep":"","tlshash":"c701448bf415382d9673172434e93d89d87e93609c402730b28f62e746c47e75b07b95","first_seen":"2024-01-05T10:14:09Z","last_seen":"2026-05-30T22:36:30.23013Z","times_seen":44027,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:32 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 09 Jun 2023 08:49:24 GMT\r\nETag: \"3509-5fdae721a0d00\"\r\nAccept-Ranges: bytes\r\nContent-Length: 13577\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":13577,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13479)","md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-05-30T22:01:38.06974Z","times_seen":807581,"resource_available":true,"data":null}},"time_used":1221,"timings":{"blocked":1014,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/IMG_5430-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/IMG_5430-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 22 May 2026 02:15:34 GMT\r\nETag: \"16407-6525e9a948edc\"\r\nAccept-Ranges: bytes\r\nContent-Length: 91143\r\nKeep-Alive: timeout=5, max=93\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":91143,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"9322c036cb06cde84aefb6cc240a0b5b","sha1":"ce494199c55ea04b8213edd1fac2e31c44053eab","sha256":"b1e93fdcb679d49a0d29c62b40a9fc4e8dc964809858586c07cb2324998e2186","sha512":"aaa40d3e92f8102641e0b747ed0a28204d692a29700c396283a8d07e7e076d5a1b756cbc88ee1c2d1d7b6c55b75bc7b0a1687f5dd04ef34c572057c109382cea","ssdeep":"1536:8yhIdFXkXyw5duJYN41uf5LBCzXYJhKXDo4u8m7BTraSblXM8YywpYd72xg0I/Hs:2fXkXynHyLBGtDoz8QJRXMLpM72m0V4i","tlshash":"419312627dcc5ff7ee91c0851953d0296401a2663e94a1680fb6953e06c84c7afafeca","first_seen":"2026-05-30T20:39:08.659143Z","last_seen":"2026-05-30T20:39:08.659143Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1888,"timings":{"blocked":1339,"dns":0,"connect":0,"send":0,"wait":185,"receive":364,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/photo-output-4-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/photo-output-4-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:35 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 05 May 2026 00:41:36 GMT\r\nETag: \"11f95-651074f3f9b79\"\r\nAccept-Ranges: bytes\r\nContent-Length: 73621\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":73621,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"972ad37561e92a8aa9af009665406317","sha1":"9abe10be32d54f8466bed964d39254bdc6c3495c","sha256":"51832ed04e501b0f7209c984d6027beaf52d513fe7e18a05de4961f2434b43c3","sha512":"ec7ffd06c3a23aae8d16dd1aa5b3ef85f68beba7019acc7fa0c5d5a93bba62d891cbc90310ec53b66c3b4e42e87b8cbf41f275284d324578740e34e1b0384caf","ssdeep":"1536:8gaUrJ8DNJiQoR4kXOvLAbOAty08fgYSx+GpWwFzxpU4dmXuNgJA1RLeJl:uUNwJiFXMAbOAtb8IYu7zxO4M+NgJATE","tlshash":"727312bde28dfec5bd244cb73462336a32df21b59594891496bed314e29b6c879c3302","first_seen":"2026-05-30T20:39:08.661427Z","last_seen":"2026-05-30T20:39:08.661427Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4169,"timings":{"blocked":3959,"dns":0,"connect":0,"send":0,"wait":207,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/553f63f6-a27b-438c-9c80-b728fdb6c8c4-300x225.jpg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/553f63f6-a27b-438c-9c80-b728fdb6c8c4-300x225.jpg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 28 May 2026 12:32:58 GMT\r\nETag: \"4bc1-652dfeda5d49a\"\r\nAccept-Ranges: bytes\r\nContent-Length: 19393\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":19393,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 300x225, components 3","md5":"7862866f4593590f263fde9e338f9492","sha1":"7571ac6c665e84eb07302c58ada12b2d37961e21","sha256":"a42ba6fa44a7062dfe369356a4af96bb9bc452180977d9389e96f33830d52e2b","sha512":"24c527011cd4cdc120823de4b6941569652bb498828ac2bb374466f1025a472da72e50d311c89afe9f6c9e08d59fd16885c1659dc8b9d0397a50b6419051920c","ssdeep":"384:hXpGIGWPcFmbJ+tZZUc/ZdHTNp26LgSABBmt3O:hXpGIGW0FmAtZZUOL3UBmtO","tlshash":"fd92d033776a86c541c68f3c22432eac8c3c1ba134d499456ef9eed111b29dacc963bd","first_seen":"2026-05-30T20:39:08.66398Z","last_seen":"2026-05-30T20:39:08.66398Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4806,"timings":{"blocked":4623,"dns":0,"connect":0,"send":0,"wait":182,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/988750e1-8a38-40e4-94cf-cca82f3e0bd5-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/988750e1-8a38-40e4-94cf-cca82f3e0bd5-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:34 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 28 May 2026 18:29:01 GMT\r\nETag: \"1d1b5-652e4e6fb8c7c\"\r\nAccept-Ranges: bytes\r\nContent-Length: 119221\r\nKeep-Alive: timeout=5, max=84\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":119221,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"9c6dbd2b9e9a38e0a27b565c78cbaae2","sha1":"d34c2e0a09a2387bb9f5bd2fea11a51f7da52d56","sha256":"edad0222e755cbb92484cd110ca930941e65761503e7363ac49bef90a37b5403","sha512":"2e6b7f3d6f241438b3b78974c0f7efc2be58648115b574fe17eeaf3b0c2d137e1424a3b5a1f208b3af8280fa3cad16954d0645f2e67f8784fa58bb32dc102e47","ssdeep":"1536:80jupSdfum3pv2jkf7ituaIVtSbprKz5JP45zqE3/+kh+JftborDUAJfjIdoLEiW:sGmm5vH7iF2OKzpr1EfJJWvi6OO","tlshash":"27c3127ba865c8d6cf415c9dd090e8b5153778430bf2e58c123ebb8397c5ca497b28ea","first_seen":"2026-05-30T20:39:08.666439Z","last_seen":"2026-05-30T20:39:08.666439Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3315,"timings":{"blocked":3129,"dns":0,"connect":0,"send":0,"wait":183,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/photo-output-61-300x246.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/photo-output-61-300x246.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 27 May 2026 19:50:09 GMT\r\nETag: \"36f9-652d1eb4e32ac\"\r\nAccept-Ranges: bytes\r\nContent-Length: 14073\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":14073,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 300x246, components 3","md5":"e9e049d0d9a7434c4e0d17665eb46ee1","sha1":"e2135886b6e9f905a4a7f27ca7b5f8ab1aba69fd","sha256":"ed4ea4615a00cb7bf4b8d665e6bf86ea0106d4d877845b1906d34b723b174696","sha512":"ab5d0f8b243c8eca1dbccbb016003d81917b7a679a5cefef448ed521ad99edaf4f843f3cbbdb1fb229d0dfe818c5af8e687222d5b14f01caeb974df5837cfedf","ssdeep":"384:KBDa8M7Ugz5pKljlgk3IuyuB8QbA07Kl5FfG+Lr:KBK7Ugz54UVQs5lvt","tlshash":"8b52d0315401526018fbaca6dacf1aa717473f4a9d30d70d2532d8c3a5a75d9ed885ce","first_seen":"2026-05-30T20:39:08.668405Z","last_seen":"2026-05-30T20:39:08.668405Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5097,"timings":{"blocked":4890,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"call.cleverwebserver.com/?id=95947\u0026c=NO\u0026r=03\u0026l=182\u0026b=Firefox\u0026bv=0\u0026os=Win10\u0026mob=0\u0026v=2.66.0\u0026lg=en-US\u0026ref=aHR0cHM6Ly9yZ3RuZXdzLmNvbS5ici8%3D\u0026ruri=\u0026s=78b408f39c8e560648dbcfa29049273cfcdb1c39584a0851c78df4d1f220924b\u0026e=78rGFqhk\u0026st=W\u0026iv=-1","fqdn":"call.cleverwebserver.com","domain":"cleverwebserver.com","tld":"com"},"ip":{"addr":"104.18.33.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.449Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cleverwebserver.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 May 2026 08:42:32 GMT","end":"Sat, 08 Aug 2026 09:42:27 GMT"},"fingerprint":{"sha1":"C5:AD:92:0C:33:CC:C5:20:2D:5A:53:36:25:72:86:F4:A9:0D:56:18","sha256":"EA:7E:B0:65:20:7D:14:E4:7F:C7:89:41:BB:2E:83:D0:A1:D8:05:61:20:C6:D2:53:C7:E5:DD:79:C1:95:7E:99"}}},"request":{"raw":"GET /?id=95947\u0026c=NO\u0026r=03\u0026l=182\u0026b=Firefox\u0026bv=0\u0026os=Win10\u0026mob=0\u0026v=2.66.0\u0026lg=en-US\u0026ref=aHR0cHM6Ly9yZ3RuZXdzLmNvbS5ici8%3D\u0026ruri=\u0026s=78b408f39c8e560648dbcfa29049273cfcdb1c39584a0851c78df4d1f220924b\u0026e=78rGFqhk\u0026st=W\u0026iv=-1 HTTP/1.1\r\nHost: call.cleverwebserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rgtnews.com.br/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 20:38:33 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: a0408b0b1f2ab518-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"57f187c7a868faeac558007a8eb6cb2e","sha1":"11ab10ab109fdb53d91d444ac781101f5a6360c6","sha256":"aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22","sha512":"3844065e1dd778a05e8cc39901fbf3191ded380d594359df137901ec56ca52e03d57eb60acc2421a0ee74f0733bbb5d781b7744685c26fb013a236f49b02fed3","ssdeep":"","tlshash":"5f900407c1500051c151c4310444cf1017407570010d030d50dc1055dc1715d0d01100","first_seen":"2023-04-07T09:22:11Z","last_seen":"2026-05-30T22:07:44.448286Z","times_seen":64019,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:32 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 28 Aug 2023 20:14:24 GMT\r\nETag: \"15601-6040157284800\"\r\nAccept-Ranges: bytes\r\nContent-Length: 87553\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":87553,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-05-30T22:01:38.018395Z","times_seen":875074,"resource_available":true,"data":null}},"time_used":1412,"timings":{"blocked":867,"dns":0,"connect":0,"send":0,"wait":182,"receive":363,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/IMG_5868-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/IMG_5868-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 30 May 2026 12:59:14 GMT\r\nETag: \"14b56-65308874a0d3c\"\r\nAccept-Ranges: bytes\r\nContent-Length: 84822\r\nKeep-Alive: timeout=5, max=92\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":84822,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"929f642dc79d26bf1e04328a311e85c7","sha1":"02d9e27e6556b1e9fd406825bdfdaf000fb6e7ff","sha256":"d0fe55074dbd22905cf34e313ec5aa7fe55d077dba0212717cd832f6f301d276","sha512":"0893e15cbb891072005b544781248f18c8949bff68ff780f6c7f99741abafb8c9371499fc6dfb73c48558cce89e73ebbe7f7568d1da39dc45b0c19deb175b295","ssdeep":"1536:8hiHft9uVT+uLOHcOCxPezOLmIoaX2YIlQasSTQypD5LsZSe5lMiOLqO9:qi1ARNLOHdCkumI3JcQatFze7MzLZ","tlshash":"858312aae1014ed3101fef8d6e0f4887a6db1763b24692a5efc8d5552c5c3efc4c2866","first_seen":"2026-05-30T20:39:08.673035Z","last_seen":"2026-05-30T20:39:08.673035Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2469,"timings":{"blocked":2284,"dns":0,"connect":0,"send":0,"wait":182,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"scripts.cleverwebserver.com/ea2e9fa7e5c377283cfa7fb30ae42437.js","fqdn":"scripts.cleverwebserver.com","domain":"cleverwebserver.com","tld":"com"},"ip":{"addr":"104.18.33.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:32.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cleverwebserver.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 May 2026 08:42:32 GMT","end":"Sat, 08 Aug 2026 09:42:27 GMT"},"fingerprint":{"sha1":"C5:AD:92:0C:33:CC:C5:20:2D:5A:53:36:25:72:86:F4:A9:0D:56:18","sha256":"EA:7E:B0:65:20:7D:14:E4:7F:C7:89:41:BB:2E:83:D0:A1:D8:05:61:20:C6:D2:53:C7:E5:DD:79:C1:95:7E:99"}}},"request":{"raw":"GET /ea2e9fa7e5c377283cfa7fb30ae42437.js HTTP/1.1\r\nHost: scripts.cleverwebserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 20:38:33 GMT\r\ncontent-type: application/javascript\r\nx-amz-id-2: oEUqZGIrfWqLRsklTB+YvNtZiymWf6Z9qiBKjyobDywLHmrob5aE2fZqMjb82aAPMT7w0tARU1E=\r\nx-amz-request-id: 099620B94W88VHWX\r\nlast-modified: Mon, 25 May 2026 10:56:36 GMT\r\nx-amz-version-id: K11mWTN2DXafu.Z7XukQwro.CVWkmSw.\r\nserver: cloudflare\r\ncache-control: public, max-age=1800\r\nexpires: Sat, 30 May 2026 21:08:33 GMT\r\ncf-cache-status: HIT\r\netag: W/\"d4975df7337fe155819ed6bc687cfff0\"\r\ncontent-encoding: br\r\ncf-ray: a0408b087d04b518-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":113526,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d4975df7337fe155819ed6bc687cfff0","sha1":"da9e927b17dd5f2d80a5bfb510f1bbcad1b6a5bd","sha256":"cf4452552dbf95231326825aac740fd9014816f393b9122a44972a0787dbeff8","sha512":"d212944d3a38104687fa4e2787549647e4801f00b16f2716e4f550b5e7864573259313f08e44d7d36b558824e302999ece1d7427488d71e7770bee4dcdb20c2d","ssdeep":"1536:t1up/HVzieymqaH4hWU68N5qgMfUzv6wLZxhqTz+iAqSAQ+Wn:t1wHVziehCEPUukpqS9+u","tlshash":"34b31a4860a3d8ae03b577ae507a895473ab5d17180a44c8f5beced9b49b8c173313bf","first_seen":"2026-05-30T20:39:08.675077Z","last_seen":"2026-05-30T20:39:08.675077Z","times_seen":1,"resource_available":true,"data":null}},"time_used":228,"timings":{"blocked":75,"dns":59,"connect":1,"send":0,"wait":77,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/themes/blocksy/static/bundle/95.9b58e560812076065644.js","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/themes/blocksy/static/bundle/95.9b58e560812076065644.js HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 10 Apr 2025 13:45:05 GMT\r\nETag: \"bc4-6326ccb15ff28\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3012\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3012,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3012), with no line terminators","md5":"40eff1f9a2bc19720127a5bebefd7f24","sha1":"4ac2a45e032c862320428ab40f3dbd2414b5471b","sha256":"0ebe4cbc51091000fdf4cc809309f7692ce0da48d1fe56f6e837284bd44a3f41","sha512":"59e03dac9c7cfb26e06c5bfd91052c3d2c100eeb05ea8494f01035ef24abbf68938a132337da1acfb73ddaf6ff315951f987c74d5aa4872c7fe954ed80b12e23","ssdeep":"","tlshash":"b651b7447654fef712e7a1ddd17f960773383993202db00422645db9c851d8ba0b3b5b","first_seen":"2024-03-06T22:24:29Z","last_seen":"2026-05-30T20:39:08.677342Z","times_seen":342,"resource_available":true,"data":null}},"time_used":321,"timings":{"blocked":114,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/blocksy-companion-pro/static/bundle/sticky.js?ver=2.0.95","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/plugins/blocksy-companion-pro/static/bundle/sticky.js?ver=2.0.95 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511; clever-counter-95947=0-1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 05 Mar 2024 19:15:36 GMT\r\nETag: \"3a8e-612eeaabc0c86\"\r\nAccept-Ranges: bytes\r\nContent-Length: 14990\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":14990,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (14990), with no line terminators","md5":"5985978e43c567ddd51b9fd60f8edf08","sha1":"a20c105a7901eb9d88e35436013efa8cc774cc07","sha256":"96f071e438795b8d647e5b5beba0a42df5d9a1b72ab9820436ea26f45ce56af0","sha512":"6abc183a1116902f8b3caf69e3e1f903cd5265e5d4caa9cdd1d0dbb1d7f01f2a2dfb63a004a594ad0148ae4f6a2b58211a70c4f09726b69009b99f708149c303","ssdeep":"192:mgA2CpH/6cYdiCp/SCpQEmCpSyCpUCjVAAv4v0nUylnXIaXH6jBzYbDlP2v3:mkCdk4CsCUCRCRHDJ16","tlshash":"f762c76873917435d2a770e6402f950af6b7764db5cf8080e206cca67cfcc8751abe6a","first_seen":"2023-11-29T15:01:59Z","last_seen":"2026-05-30T20:39:08.67827Z","times_seen":130,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":206,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.addtoany.com/menu/svg/icons/facebook.js","fqdn":"static.addtoany.com","domain":"addtoany.com","tld":"com"},"ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.addtoany.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Apr 2026 20:12:47 GMT","end":"Sat, 18 Jul 2026 21:12:43 GMT"},"fingerprint":{"sha1":"19:EC:F6:8B:6C:6D:BB:F0:32:9A:56:BB:BD:22:AE:BD:28:1C:BB:E9","sha256":"E7:F8:24:B6:D6:39:CA:55:89:B3:11:19:28:82:F1:CE:1F:93:F9:3D:3E:F3:AA:AD:4E:21:DB:48:32:4E:5A:CC"}}},"request":{"raw":"GET /menu/svg/icons/facebook.js HTTP/1.1\r\nHost: static.addtoany.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rgtnews.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.addtoany.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-type: application/javascript\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\naccess-control-allow-origin: *\r\ncache-control: max-age=7776000, stale-while-revalidate=30, public\r\npriority: u=3,i=?0\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MgOVViwjKu%2B1vclUFb%2Bmyrb%2FmFczOu%2Fgs1Uyw9oCnbVtvCGr5PGjczU46rfF%2B%2Bt7OzKoMhAnYRtwwRZwM%2Ft83ohuTVzDB4KzQijtNfttaCaacdKNCKD4a2%2FoMklRDTZhThMdDWsA\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"68925fa8e347041c6006837e73c518bc\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ndate: Sat, 30 May 2026 20:38:33 GMT\r\ncf-ray: a0408b099db55fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":429,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (429), with no line terminators","md5":"014bcc757e484e12e3aea6c9d768fd4b","sha1":"4c17157d0012f8002e4e6cf77c5f4a9747792cf4","sha256":"4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49","sha512":"b00fab0ce2e56b56c18e0dc54ac3329d77fc18096e63bc2aef34342770f40dac91c10f7a8a9db1dcc5ce42fbafe637fcb1fdd51994ef937aa00923375476d467","ssdeep":"","tlshash":"dae0ab951236d9864d51093ec71fa48fb3b0b67fa1d8298006bc80b289d20fd3e0ba03","first_seen":"2024-04-12T16:11:44Z","last_seen":"2026-05-30T21:47:18.772177Z","times_seen":19270,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/searchwp-live-ajax-search/assets/styles/style.min.css?ver=1.8.7","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/plugins/searchwp-live-ajax-search/assets/styles/style.min.css?ver=1.8.7 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:32 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 07 May 2026 14:48:05 GMT\r\nETag: \"9b1-6513b5e38ed12\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2481\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2481,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2481), with no line terminators","md5":"3b9e07491b3a14d0b858e7a39387dc58","sha1":"4dad99a051ae7b01e23684fdce52a7583fd5108d","sha256":"4207402c86fd7319d7f65a5676dd48f5dc0ba1b9ffd8c3488181aa2efef0283b","sha512":"6f83ce520eff3416b6e45c2b7ae31b16b0e215d6eeca3c6228f684d2fd2960540d64f4ccdbdd56a6ad36bb8934380ac3ea88189dbc6e09ee93815ed69fb37727","ssdeep":"","tlshash":"d1519a63f7c8162514338b8cb965799d311dec5339612ff849fae228c26bd6e080e29c","first_seen":"2025-05-28T23:55:24.596182Z","last_seen":"2026-05-30T20:44:48.266602Z","times_seen":2514,"resource_available":false,"data":null}},"time_used":869,"timings":{"blocked":687,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:500:700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,500","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"64.233.162.95","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:15 GMT","end":"Thu, 30 Jul 2026 15:53:14 GMT"},"fingerprint":{"sha1":"19:42:B0:56:3A:E4:79:BF:8B:69:E2:50:F4:76:BF:1E:A9:D7:7A:49","sha256":"D7:FF:C1:46:95:F3:5F:08:04:B0:E1:A8:FE:14:FC:60:19:58:D6:C7:D3:6E:82:B3:64:07:E9:E1:CB:9A:27:8C"}}},"request":{"raw":"GET /css?family=Roboto:500:700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,500 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 30 May 2026 20:38:31 GMT\r\ndate: Sat, 30 May 2026 20:38:31 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10774,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"8d0cc6f28b33da2a7d057d3af93d0ff6","sha1":"94e1dae90fd2bc6893bf85b2cf383c55e35dcdcd","sha256":"d00429f1bfc5c27bb02937a01b78b12ba9e04a32e07fdf9c9c77c3d84c011ce9","sha512":"a89741a2b8f9d934b9fd5673b7271481a8f8c7aa800d332187558df580512c5c2dc69f24011b4d018f16f55b11ca588fdb7e83ae496d6db030438e3a22fc7dc6","ssdeep":"192:/N9fPN9CN91N9fhN9/qON9DbqGIwV4gN96N9u9N9oN9f1N9EN9PN9fLN9/qgN9D0:V9fF9Y979/9yE9/qY4O9A9g9m9f79C94","tlshash":"fe221da10417440097834ce223cebf35fe1f92147142d0b5abfd9b6baddbca652693ad","first_seen":"2026-02-26T11:36:53.880816Z","last_seen":"2026-05-30T20:39:08.680718Z","times_seen":21,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2025/06/db2979f5-da73-4986-b4f9-71424c147bae-848x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2025/06/db2979f5-da73-4986-b4f9-71424c147bae-848x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 23 Jun 2025 17:24:22 GMT\r\nETag: \"940d-638407b914ba9\"\r\nAccept-Ranges: bytes\r\nContent-Length: 37901\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":37901,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 848x570, components 3","md5":"1a5d2f514636038a3e6ab2b6b9301732","sha1":"5027725b035008630da41628b4258dc0be518d58","sha256":"993dcacecfaab69aa4bef0b793eef234e4a27df5e1be73e3ed90abc5732257ce","sha512":"224c458cb7e054b7ddad2c0c5d29c1d9f2e417d455d3d37518ec63a2b0f6ff9a4247cea376d21b7ae6bd79c5331c7799131f6a764970f3d317746a1a5653394d","ssdeep":"768:y+J18kWlerzGB2MuMObbeF1PTQzURBJLRMyocC7SAPe5V:y+zKUSeMae7PTQzsBJtMytCd2j","tlshash":"1403e1bb74810342a1274f7d2b77b99fc79f2b24ba546a6cfd32dd952a708a01051f03","first_seen":"2026-05-03T19:35:32.105748Z","last_seen":"2026-05-30T20:39:08.682824Z","times_seen":2,"resource_available":false,"data":null}},"time_used":4638,"timings":{"blocked":4431,"dns":0,"connect":0,"send":0,"wait":206,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/IMG_5603-300x239.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/IMG_5603-300x239.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 25 May 2026 19:48:56 GMT\r\nETag: \"30dd-652a9ab454e90\"\r\nAccept-Ranges: bytes\r\nContent-Length: 12509\r\nKeep-Alive: timeout=5, max=92\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":12509,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 300x239, components 3","md5":"a40fc7691a9e5ee4a3f6e965ba4335e1","sha1":"6227cf7f493fee79415d1ff87469c6581b82d8e1","sha256":"689bbe45744f11f3d110a482f76e139590d45084601e8a43722be2f445528c3b","sha512":"f667b190e3692ba5ae30cc034042a9999b220552b296314af42d3ebee1d5c01066b1852ab4e8ae3d8247f2a1b3979ccf0dac780d25824ebcc501097d994716f2","ssdeep":"384:TStFYHca8aQjAm1Sm9n+qwP/buaz4mnVlq:TStFa5mMqwjTV0","tlshash":"b842bfd513d581d3c5a75cb6823b10e7949caaa1e0d3b308abb2d76357dade006dc8cb","first_seen":"2026-05-30T20:39:08.684551Z","last_seen":"2026-05-30T20:39:08.684551Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4947,"timings":{"blocked":4740,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.addtoany.com/menu/svg/icons/email.js","fqdn":"static.addtoany.com","domain":"addtoany.com","tld":"com"},"ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.addtoany.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Apr 2026 20:12:47 GMT","end":"Sat, 18 Jul 2026 21:12:43 GMT"},"fingerprint":{"sha1":"19:EC:F6:8B:6C:6D:BB:F0:32:9A:56:BB:BD:22:AE:BD:28:1C:BB:E9","sha256":"E7:F8:24:B6:D6:39:CA:55:89:B3:11:19:28:82:F1:CE:1F:93:F9:3D:3E:F3:AA:AD:4E:21:DB:48:32:4E:5A:CC"}}},"request":{"raw":"GET /menu/svg/icons/email.js HTTP/1.1\r\nHost: static.addtoany.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rgtnews.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.addtoany.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-type: application/javascript\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\naccess-control-allow-origin: *\r\ncache-control: max-age=7776000, stale-while-revalidate=30, public\r\npriority: u=3,i=?0\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HJbDJ1o971s0sC69keA9wiNB0IA2cFA2PkubDho44M9Sc8DmYjfgx2vvpeMDgNFe9Cx8V%2FClu47RA0m8DAV4ITcxkOdjqtgplXD2xzuiZtpC8bwoUxvReF%2FOgsG4gSnPhDbJyQQq\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"eb2119ad4221a9d01abc336e06962867\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ndate: Sat, 30 May 2026 20:38:33 GMT\r\ncf-ray: a0408b099db85fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":415,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (415), with no line terminators","md5":"452a9a6a280379512ab5764a1d42bae1","sha1":"61e0f75ff25c554dbf65743f1f6bf9d003ddc905","sha256":"d432ad1988efa5b258294f52dae3d1b4c10660aec15e49017e21a1ee74bfd453","sha512":"886b316d47a86f624f9eb9746ba2441b7508678c9bae9a17f26b4e0c8665b9dd3d641a6a6bc26e57fd7881031d7b826975d517e133ff2fee0704f0a45088cb6f","ssdeep":"","tlshash":"b2e02bd21160d7450f3307aacf6d22cb763e21bde0dc058142258af5d4d74dd4b05c23","first_seen":"2024-04-12T16:11:45Z","last_seen":"2026-05-30T22:29:26.408567Z","times_seen":4751,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.addtoany.com/menu/svg/icons/a2a.js","fqdn":"static.addtoany.com","domain":"addtoany.com","tld":"com"},"ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.addtoany.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Apr 2026 20:12:47 GMT","end":"Sat, 18 Jul 2026 21:12:43 GMT"},"fingerprint":{"sha1":"19:EC:F6:8B:6C:6D:BB:F0:32:9A:56:BB:BD:22:AE:BD:28:1C:BB:E9","sha256":"E7:F8:24:B6:D6:39:CA:55:89:B3:11:19:28:82:F1:CE:1F:93:F9:3D:3E:F3:AA:AD:4E:21:DB:48:32:4E:5A:CC"}}},"request":{"raw":"GET /menu/svg/icons/a2a.js HTTP/1.1\r\nHost: static.addtoany.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rgtnews.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.addtoany.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-type: application/javascript\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\naccess-control-allow-origin: *\r\ncache-control: max-age=7776000, stale-while-revalidate=30, public\r\npriority: u=3,i=?0\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kdt7Ab2LDBwU5QX5t4JRX%2Fgbr1yg1bWdYm95SYeFiW3sSX4lxUNzA18Rp91f%2FRY5beHorgPja0MJJl%2Bg%2BMuOX2GFYInIAGYvFsThkL%2FEu7EdJ0aPe1SfQd5K%2FD%2BCSs6RDzzxC5IC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"0aca4ea1e5f8f250126a8e0c597dd969\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ndate: Sat, 30 May 2026 20:38:33 GMT\r\ncf-ray: a0408b099dbb5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":182,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"baf0595a19bdc7f7497b74731d2166c4","sha1":"fd5714384c52fc0338083574434d12328313896c","sha256":"3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43","sha512":"da0e15a709b3d043e8cd9e4f97cf70d8c1addc2a7d90b6bb11d71cd72aba9133e5b9388528691cf6a354a6aaa346045f64d82b947883057471e1f1a2fdbd1901","ssdeep":"","tlshash":"74c01291501575418c1342fb475e500b167120bd015c14ca36a881f9595613f8c42fc3","first_seen":"2023-03-08T14:25:33Z","last_seen":"2026-05-30T21:47:18.727051Z","times_seen":16323,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/photo-output-19-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/photo-output-19-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:35 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 09 May 2026 14:37:54 GMT\r\nETag: \"110d5-651637571a279\"\r\nAccept-Ranges: bytes\r\nContent-Length: 69845\r\nKeep-Alive: timeout=5, max=87\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":69845,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"bb32874cc7bd7314ac0791d353556f1c","sha1":"aedf6c8127838dbac2f7e1b2de143efb82705104","sha256":"5f4c13c9bf631c24a93f66558657f08abe6422d667e4ffb1aa9af2f5284b7349","sha512":"f917cd1e6694826eba98e187592f7144a3f54fce98a0e4a2cc69910e0413fb6c845c3458c1d3baffc078c29b820ba85e5c8f66e5a4fed3fff254b83e25167535","ssdeep":"1536:8ID3KHzicUNrMHU6pvSgnbNrdaHchYNbrNe6ahY6e0hagR60QsH31QBDv72dT0Az:TOPTHU6znprQrNQROSLE0QsXCBDv4z","tlshash":"8763020b93c5129ca36f4ec6d8ebcc5d58e4d555117a16b6ce2a4a38838d4cad0ba3cf","first_seen":"2026-05-30T20:39:08.690076Z","last_seen":"2026-05-30T20:39:08.690076Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3983,"timings":{"blocked":3772,"dns":0,"connect":0,"send":0,"wait":208,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-C6NCM4X8FY","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:51:35 GMT","end":"Thu, 30 Jul 2026 15:51:34 GMT"},"fingerprint":{"sha1":"4F:F6:A0:5C:88:9C:38:C1:57:D2:C2:16:50:CD:79:E3:67:50:CC:B0","sha256":"93:D6:F4:89:DB:C5:7B:E8:C8:73:F7:36:40:1B:87:32:83:AA:3F:54:8B:26:97:45:83:DB:E6:BF:FD:F5:70:33"}}},"request":{"raw":"GET /gtag/js?id=G-C6NCM4X8FY HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 30 May 2026 20:38:31 GMT\r\nexpires: Sat, 30 May 2026 20:38:31 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 158577\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":478797,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"d01718f62e22da6d22d74e9ff288f978","sha1":"100e24e9fe72fb64574500c48fa8b0c097ddd63d","sha256":"a3bcfe9594237c5b549fb794e61fe48c2431da112f76c407ae2723c04af78a75","sha512":"42176fbc29acf7d687f5ee7033083c3406a387820336cc3c0cfb41bc0f8f2eabc84c9a285d68021fdd638b38d115ec06296153f40175a29c7cae7c3aa3182810","ssdeep":"6144:vLwRfDNalVf36lwSXbDQCtEhuX7aWCBbn45Ea5V/Qp+:zZlVf36RDQEZ5xE+","tlshash":"eba4f9cdb3d674625396f478503f018ba57b28a2b44cc89af189cce42e7469a4277f7c","first_seen":"2026-05-30T20:39:08.6918Z","last_seen":"2026-05-30T20:39:08.6918Z","times_seen":1,"resource_available":true,"data":null}},"time_used":413,"timings":{"blocked":137,"dns":1,"connect":28,"send":0,"wait":52,"receive":85,"ssl":107},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/IMG_4536-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/IMG_4536-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:35 GMT\r\nServer: Apache\r\nLast-Modified: Sun, 03 May 2026 22:24:47 GMT\r\nETag: \"8abe-650f148223c59\"\r\nAccept-Ranges: bytes\r\nContent-Length: 35518\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":35518,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"10a473bf533801e16736a1b0356805e1","sha1":"20e24bcd5f76d848fee54f67ca81adf942645c81","sha256":"f2497d3801e0a39e7cbe17df27c2420dadd0deb184d057c304df3795c2e607a1","sha512":"31015dd3081b6083f9afc374353f7573c38530409526374033c637fb4d6ee380c1bf3f5dea4a441140bca108f91db5cc89e51675cdbef4f37ab7cbe84d3eb8ea","ssdeep":"768:8TFcyagTWBx0cknmeluHASSWIOhmvec2iO0h7Sl9XMIUnpEcAp9D:8TFc8TWnX+RluHASjnhmcp9hUjG9D","tlshash":"3af2f16ba7c907170089cbf06647464ac7c73b42a3ada28d6d7996077c618d4b80e0ff","first_seen":"2026-05-30T20:39:08.693672Z","last_seen":"2026-05-30T20:39:08.693672Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4376,"timings":{"blocked":4167,"dns":0,"connect":0,"send":0,"wait":207,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.addtoany.com/menu/modules/core.bycdb5qo.js","fqdn":"static.addtoany.com","domain":"addtoany.com","tld":"com"},"ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.addtoany.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Apr 2026 20:12:47 GMT","end":"Sat, 18 Jul 2026 21:12:43 GMT"},"fingerprint":{"sha1":"19:EC:F6:8B:6C:6D:BB:F0:32:9A:56:BB:BD:22:AE:BD:28:1C:BB:E9","sha256":"E7:F8:24:B6:D6:39:CA:55:89:B3:11:19:28:82:F1:CE:1F:93:F9:3D:3E:F3:AA:AD:4E:21:DB:48:32:4E:5A:CC"}}},"request":{"raw":"GET /menu/modules/core.bycdb5qo.js HTTP/1.1\r\nHost: static.addtoany.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rgtnews.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-type: application/javascript\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\naccess-control-allow-origin: *\r\ncache-control: max-age=315360000, immutable\r\npriority: u=3,i=?0\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oDk7NUDeuxNVDXlIfpNXTT%2B%2BdaWTbRaIM5Q5qOJbj5SphVdlpdoEyoYXuHJScjRglDyWJwVsgmR2P5dloEc%2Fn%2FTrdUQC0T6iJw83sMfXDZ2vlBMZmv0T%2FPeAcw6FvljpIrHbdpQX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"53e7f790ea18441665d376b14cd5ca00\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ndate: Sat, 30 May 2026 20:38:33 GMT\r\ncf-ray: a0408b08bda75fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72927,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"4bd9b59dc4c960c39474eebd5c5c71ed","sha1":"2c3280d47de1fe915e6b33e719adf76e7aade79f","sha256":"67d4d49c9815036a850d409a2c3c927c46d2922f05b22d4713aa644dc8b494fa","sha512":"d018a56bf7a75ee87ed2b65c000a5c3fb026ce403fe1d54fb2f16b1d9012b2afcee7de678ad7de3de770c9ec0fa2b9e48f15a0a6e9a77db1702e94cf644400c8","ssdeep":"1536:C8fKZ0gdDGst00AQVWFiC70egd23OiOybJkbUcA3S/VX1xmeW0gQzbf0u8VI64v:5fDgIuiOnbZAuVX1xmhub8Cv","tlshash":"e9636c9b37055937ba1b30a9a9ffa608a036275ede080950f5a4d4b521fdecd3067f28","first_seen":"2026-05-21T20:24:46.824918Z","last_seen":"2026-05-30T22:36:30.296099Z","times_seen":583,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-includes/js/dist/url.min.js?ver=9e178c9516d1222dc834","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-includes/js/dist/url.min.js?ver=9e178c9516d1222dc834 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:32 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 21 Oct 2025 10:14:02 GMT\r\nETag: \"2153-641a875818e80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 8531\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":8531,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7893)","md5":"ffe8bdb3ec54f993c7e9baee9d1ed9a3","sha1":"0e0bef568482e927c7fb19840010748de78155c6","sha256":"5653ad7b55bdbf5f3bfe2ba676d50c0642d7017322700ab1369149f231efd417","sha512":"fafb8f6f3e59ffef8b2dd3b2a80eee4812ac019d1dfff8ea8f55b8f1c8e51a04c5dc54e7518db4e985dfb3c8fb93634728dd8e72fd063abd97752c26d5e74b2a","ssdeep":"192:QGxvVeLC4bvbI0Ny4jL4eacD0sF0/d/mwYP16Dc4UQAOoXJoXqVQa/:zxvVibjIQEeacQy0F+wk16AnQA7ooQa/","tlshash":"b20294ad399f64c6d362389100ba5466e37b2b7132df80c69a1a6c813c3376713d2da5","first_seen":"2025-12-02T22:49:33.810249Z","last_seen":"2026-05-30T22:13:31.903416Z","times_seen":10778,"resource_available":true,"data":null}},"time_used":1065,"timings":{"blocked":859,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2025/10/Racon-Banner-site-animado.mp4","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:34.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2025/10/Racon-Banner-site-animado.mp4 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=98304-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511; clever-counter-95947=0-1\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nDate: Sat, 30 May 2026 20:38:34 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 15 Oct 2025 22:16:38 GMT\r\nETag: \"19dacb-64139dab4f9af\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1596107\r\nContent-Range: bytes 98304-1694410/1694411\r\nKeep-Alive: timeout=5, max=83\r\nConnection: Keep-Alive\r\nContent-Type: video/mp4\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":175860,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"8356058cfedc57182c6a27d583288984","sha1":"f9171e0839de2d6f924fa5aac1bc394211aed037","sha256":"04de5abad9ad56894f799cbcfe4145c5707d3361281bbdbd020667a85b08fa75","sha512":"795c0e4d49ef4ee084030552bf73b3d86fbdbf5aa29482a15e45fbada74608d09406ac844b6dc1212233b5a5548565a4056b87f3e539f65ece737d0dac202ae3","ssdeep":"3072:AfRh+NF9gifXVqo++xIcwJ+b2fwBw+vAAyVg8NCcThhLgJjvO0qz8YR7sFd:E0NjgiNkaIpEayjPydNCc1hLWjT1Fd","tlshash":"1704235f66ebe7e7ef13957a08b7221471aa43358703805b430cb97960e442ae52fd3e","first_seen":"2026-05-30T20:39:08.696832Z","last_seen":"2026-05-30T20:39:08.696832Z","times_seen":1,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":85,"dns":0,"connect":0,"send":0,"wait":182,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2022/05/logo-rgtnews-v1-1.png","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2022/05/logo-rgtnews-v1-1.png HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 05 Mar 2024 18:40:14 GMT\r\nETag: \"366d-612ee2c4a77eb\"\r\nAccept-Ranges: bytes\r\nContent-Length: 13933\r\nKeep-Alive: timeout=5, max=91\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":13933,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 94, 8-bit/color RGBA, non-interlaced","md5":"30297bc126aa742355b6e9a7d379efa8","sha1":"7b7f088c7fd5cf5a041677b931e85f7231f80a58","sha256":"853bdbfaa6d77ebace5ccdf9a6c80912ab1dcf2913f711eebb38d35d889086b5","sha512":"83b912e7e33c0f323f958788dff0e0816a00681bb48c9d6f69aefc61f65bc7927d951c14a109c70ef9fd13395a40645c511f3d07345376ef43fa6fad18ec8364","ssdeep":"384:kKnFnJL+Di+a/MgEPfz7bdGtKG3ry68CS:DW2+aPMz7b+zy68CS","tlshash":"a552f1a213721d486c3a27ab5040efae9fbc01564872ff32f4d021f293a158da59fd72","first_seen":"2026-05-03T19:35:31.959876Z","last_seen":"2026-05-30T20:39:08.69856Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1761,"timings":{"blocked":1577,"dns":0,"connect":0,"send":0,"wait":183,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/simple-social-icons/css/style.css?ver=4.0.0","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/plugins/simple-social-icons/css/style.css?ver=4.0.0 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:31 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 07 May 2026 14:48:11 GMT\r\nETag: \"4fb-6513b5e87f7bf\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1275\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1275,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e8175462ab0e2a8443177c137432501c","sha1":"1346a2fea2bf790be966a085300cc3aa8ca39b69","sha256":"6ca663ffc7d06bb83d81ed5f74d2d361311b0bbcead435e028e6801dca3eebb0","sha512":"1e1327dd50785f8732ca3393e7c6e8cf75c84449f2d52c369fe8447e0f96e2cd1173292bc62ec7e4b34846adf2a88054eb3e0be815c41ceaf20337f61fa92185","ssdeep":"","tlshash":"bd210a117f561045820f86659e5bab399c3d4051df0a8d6745023a3963983da39f3bae","first_seen":"2024-02-05T00:56:28Z","last_seen":"2026-05-30T22:18:32.260076Z","times_seen":2212,"resource_available":false,"data":null}},"time_used":690,"timings":{"blocked":508,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/IMG_5868-600x600.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/IMG_5868-600x600.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 30 May 2026 12:59:15 GMT\r\nETag: \"fed6-65308874dc660\"\r\nAccept-Ranges: bytes\r\nContent-Length: 65238\r\nKeep-Alive: timeout=5, max=93\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":65238,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 600x600, components 3","md5":"8826547b5ec2437834b0503b1f9c79c1","sha1":"1bdc83e229a45b2c05aa6582fe87be752da16c16","sha256":"1796803769a4215ba02c17fff69d2b84f28c6e32638f8b53f533d778abd21cb1","sha512":"bf9954123d2983915fe9984adc5101d82239d58233c52a9cfee1d27d3e73569275bb5951200e8acf9b4a6e2ead6dabd25f002669da200244c5c8fd63f5e0efe8","ssdeep":"1536:3DP+wSuuIRngG0VrzNDcgdru9fgihGQv+1bZo03QkAitJ/3R:rPSnIRIHNDcgdru9IHQvUbqitlB","tlshash":"e053027649252089887ccdda8f1351dcb220818dadc66fe38d7ad59cb9e2fdbb01c21d","first_seen":"2026-05-30T20:39:08.701061Z","last_seen":"2026-05-30T20:39:08.701061Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2304,"timings":{"blocked":2116,"dns":0,"connect":0,"send":0,"wait":186,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/rgt_news_pablo_spyer-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/rgt_news_pablo_spyer-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:34 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 27 May 2026 20:55:25 GMT\r\nETag: \"1147c-652d2d4b7d51e\"\r\nAccept-Ranges: bytes\r\nContent-Length: 70780\r\nKeep-Alive: timeout=5, max=90\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":70780,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"39eae3ac897591bdbb5392b2aad02f3d","sha1":"aa279a24b313b0a382d27ffce5b80ac94316897d","sha256":"db5ba085698f106432dc038ad2b64fde51b743534c03014bad9514cbb4b534f7","sha512":"f776cba1a23f492a84940294a2459792790d150fa6d6783230e7d162f24838983e162331bba07394196ab4c7f0a1877fb1d71c783364c2d89d5959acf93c199a","ssdeep":"1536:8vfnvQcsTY1rJjYl1WnPKjmOQf96epwzmo3gbafMR:SfnvrsmrJjYl1NtIwzviOU","tlshash":"1a63028bd363877501ce3adf1a139df5045839a227e9e795b0b4c944a05f6e3cca8c8b","first_seen":"2026-05-30T20:39:08.702769Z","last_seen":"2026-05-30T20:39:08.702769Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3341,"timings":{"blocked":3132,"dns":0,"connect":0,"send":0,"wait":207,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/photo-output-66-300x258.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/photo-output-66-300x258.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 29 May 2026 18:28:54 GMT\r\nETag: \"390e-652f9046a9d9b\"\r\nAccept-Ranges: bytes\r\nContent-Length: 14606\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":14606,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 300x258, components 3","md5":"b985df4297c603dc9ee57126adb12ba9","sha1":"c032e88d4099bda70b03f9314facfbd566ad9eb6","sha256":"2f17cd629cc0515248e44a3080fb0fc4ccdc15f1d405bd40339301d72494b3f8","sha512":"93d263970a2501abdcadbb36731a05f8b9585915da9d5bfa32fae8490807bd81ab71a6c2a5db8e1420befe8b9d818a9de8396493c2f0df669efb8bf74ba82bae","ssdeep":"384:9479OnNWgQe5dTHM0BG3fV0wn7dxFnr9frTpVM3JM1cq:947cnoeM0ay47dxFrtrTvgM1l","tlshash":"f662bf2192b79143cd373eb659236e0cfa8871d7c83960841db5c6eaebca1da882d452","first_seen":"2026-05-30T20:39:08.704387Z","last_seen":"2026-05-30T20:39:08.704387Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4899,"timings":{"blocked":4691,"dns":0,"connect":0,"send":0,"wait":207,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/ultimate-post/assets/css/style.min.css?ver=3.2.4","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/plugins/ultimate-post/assets/css/style.min.css?ver=3.2.4 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:31 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 21 Mar 2024 22:35:27 GMT\r\nETag: \"30def-6143352f19ff5\"\r\nAccept-Ranges: bytes\r\nContent-Length: 200175\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":200175,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"d60af7f6f346e44b6768b8ed31dbeffc","sha1":"f8a46248019ea98f2ba65fa1e82ec72cde690617","sha256":"e0bb1dffdd64f9c0f9fb4b125478fdd65081d4139691c3a5b473b8781ebb7b9d","sha512":"9d9196b0806c04b953ac55310ced1fe95ff3a93f4b776c81edd5bea00628658ec00b9e7be428c39bf5957320b132e7d105defd3e572f090376ba59d4d56b62f2","ssdeep":"6144:nUC72ZL/vcH+EmRd6w8LhJFGObzDltbGQY9bt13LPne:niL/vcHwd6w8LhJFGObzDltbGQY9bt1K","tlshash":"4f140a504bb521ee1c2792e6ada97e642c648503c3120decf399c7dc13cd69a4dfa78b","first_seen":"2025-06-27T23:51:51.372094Z","last_seen":"2026-05-30T20:39:08.705901Z","times_seen":6,"resource_available":false,"data":null}},"time_used":2273,"timings":{"blocked":622,"dns":1,"connect":204,"send":0,"wait":206,"receive":819,"ssl":418},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/blocksy-companion-pro/framework/extensions/cookies-consent/static/bundle/main.min.css?ver=2.0.28","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/plugins/blocksy-companion-pro/framework/extensions/cookies-consent/static/bundle/main.min.css?ver=2.0.28 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:32 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 05 Mar 2024 19:17:45 GMT\r\nETag: \"92a-612eeb26ff738\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2346\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2346,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2278)","md5":"580a8a8f9974246d1f9c252518328e27","sha1":"e86628b4742b14bec12815a83e3c0bfa4ba05133","sha256":"bdac1942e9bab9f177d48e96c6e4486bec9ea10447aa89076df39bfac95a9fd6","sha512":"d53d9364dfb96a2575421192d2fdf32532457298e26844a11ec654c8e6fecfd0f2b22d92fa1c0c600759188c824d78e282f1e1da756c5d48abcf5b970ef74214","ssdeep":"","tlshash":"7841bccf32de519c7ae7807914561694262b7836cf4b60ce874720f40bc93eb5a233ab","first_seen":"2026-03-08T22:26:22.145971Z","last_seen":"2026-05-30T20:39:08.707826Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1040,"timings":{"blocked":856,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/IMG_5611-300x267.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/IMG_5611-300x267.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 25 May 2026 21:32:35 GMT\r\nETag: \"4105-652ab1def7295\"\r\nAccept-Ranges: bytes\r\nContent-Length: 16645\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":16645,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 300x267, components 3","md5":"c3bd15632481c80c80d5a590c306a78d","sha1":"2c71b7c3bb633f82736535ed49c5c87ef095a553","sha256":"fda0083e3a8330e262518009b78bf5f35b0037ff405e62077bef3a60785c8977","sha512":"95966b6d0bd2717fd7bdfba7ef0fb12c39eda0c293a4f8095042cb31b736d7f486da3b15e692120b184f7e9678b7e2a85c82bf84d7d5027f4ba1a2c20fbceb8e","ssdeep":"384:kk4QuHetsLvCm5dAjHLMk14y1pdzB3nMDN5BFyw1rzb7AFknHkv:kk4lHey55dALLMkN1pZBXMN5TVE8Hkv","tlshash":"a072c05d9b100561751bdc0a8e134b09a36d63c36981764a3ff1cae6d9ea8ca86f149c","first_seen":"2026-05-30T20:39:08.708517Z","last_seen":"2026-05-30T20:39:08.708517Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5091,"timings":{"blocked":4882,"dns":0,"connect":0,"send":0,"wait":208,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/pub-busao-roo.mp4","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/pub-busao-roo.mp4 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 13 May 2026 20:05:49 GMT\r\nETag: \"c0fa-651b8818cd5a7\"\r\nAccept-Ranges: bytes\r\nContent-Length: 49402\r\nContent-Range: bytes 0-49401/49402\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: video/mp4\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":49402,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"e68230d41163f38862a6a44ea359094c","sha1":"4e35ded8e7f3f6fd3cf9457baba62c0b711c10ac","sha256":"6c99a2cc724263a345e7c4de020a7ca966485731c21ff35f6f7587ef7b55902b","sha512":"6442ee5eacf480da78c3d725d8a9534425ba6892ec7742907a4ddfd9623933b9b7afca574ffa4891f01f37ce06e160c55bbec4ca5d93c5f3fc7a6818d6cb3ea3","ssdeep":"1536:IBsp5G5hUqy+UcGcTmAR4PGNp9u8vrVUlMRK4qvA:YKkZRhHCASuNZvVw3vA","tlshash":"962302375a820406eb72ccfc4cdeafdde464309983aadec60672a1f2cdb6f425524656","first_seen":"2026-05-30T20:39:08.709995Z","last_seen":"2026-05-30T20:39:08.709995Z","times_seen":1,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":183,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/blocksy/css/global.css?ver=43153","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/blocksy/css/global.css?ver=43153 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:31 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 16 May 2026 14:52:33 GMT\r\nETag: \"5257-651f07ac2cb65\"\r\nAccept-Ranges: bytes\r\nContent-Length: 21079\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":21079,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (21079), with no line terminators","md5":"21aac168ee321fef6f1f299166a09b13","sha1":"f82ecbe728311d276392b0b242625871d18085e5","sha256":"284cd972c4c4c49d7234606851c0a0fa09324f22f611934eb469e0270335c9a4","sha512":"60105666888be41724ffb5b2eebeff32e59633b0adecfe078a78a707e70a70c301150c5ea6d09a7c7a35a1a08c18bb1ab35ba393df7b1c86040df80e91b83d99","ssdeep":"384:XSmSGSsSTSvSBS/SjSISuSiYiHd58KeRE9vYRSmkSJSkSQSG6MOImj2MP/NEywb5:CRxTu6YK+/ZPoqomLALH1pj2MP/NEywN","tlshash":"2b92e0b2b6789127141b16bbb09c596d9b21f8c2ab963bd0f80d94c3f0c92eb754471f","first_seen":"2026-05-30T20:39:08.71145Z","last_seen":"2026-05-30T20:39:08.71145Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1485,"timings":{"blocked":560,"dns":4,"connect":181,"send":0,"wait":183,"receive":181,"ssl":373},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/themes/blocksy/static/bundle/main.min.css?ver=2.0.95","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/themes/blocksy/static/bundle/main.min.css?ver=2.0.95 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:31 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 10 Apr 2025 13:45:05 GMT\r\nETag: \"19482-6326ccb162638\"\r\nAccept-Ranges: bytes\r\nContent-Length: 103554\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":103554,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65532), with no line terminators","md5":"c4a354a9e0cae48bd1b6a31fac9c569e","sha1":"a35b1b923cb975c477717021cdca9f4d1ae83cd8","sha256":"1498b433dd0bf1dfba8229ce9312730bdfa09c5b1b72f36c0a6d8befc58f43b5","sha512":"dfcd79394ba3aae28cf393c8618ea722bd8074f93fcaeb257de02536455b1283ea17ed926f68fd3357c8d066120fc10fc7265a937d71def60f901a5382d96347","ssdeep":"3072:C3duDvmwgQ4QTsKXUxLkSa0F7U90ngBFhRBzEFzl6bpjUH/K1I+Eyq0vSJk:eduDvmwgQ4QTsKXUxwSa0F7U90ngBFhz","tlshash":"38a309937664827e7937d22867cc95487310f591cf4236e4fd9980d885cebea2633b8e","first_seen":"2025-04-07T12:00:44.463424Z","last_seen":"2026-05-30T20:39:08.712664Z","times_seen":52,"resource_available":false,"data":null}},"time_used":502,"timings":{"blocked":316,"dns":0,"connect":0,"send":0,"wait":182,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/photo-output-68-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/photo-output-68-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:34 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 30 May 2026 11:52:53 GMT\r\nETag: \"173fb-6530799f76e43\"\r\nAccept-Ranges: bytes\r\nContent-Length: 95227\r\nKeep-Alive: timeout=5, max=87\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":95227,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"0640675cbc05e620884de9af28a01b57","sha1":"c8a553942e4729c96ed7a75b25280df4ef0f834a","sha256":"ebb215f26e9ccfdbc6d36a9a868b58981c7627d6dfe5ce4d5c4d89823d6943db","sha512":"13fb2e317572543625c058c8c773ed64ca7d8b350c93c500aacd667cd2a802626dce4a83345785ef5de7490642fa00857841de0905db0d1645439d28a6083c8e","ssdeep":"1536:8r9TyvOX6LO675mQ15FiIX+ANg4XYbJQFSByo3I646LIvDT0RGN9:QwvOqLsIOQl+QFSf33s7aY9","tlshash":"829312fd6fb36a3ce76bba9ab105c8c5e0945e810ed4e1c74c47c124c9a8d146ea5fc8","first_seen":"2026-05-30T20:39:08.713414Z","last_seen":"2026-05-30T20:39:08.713414Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2566,"timings":{"blocked":2380,"dns":0,"connect":0,"send":0,"wait":183,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2025/03/TADALA-SPRAY.mp4","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2025/03/TADALA-SPRAY.mp4 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nDate: Sat, 30 May 2026 20:38:34 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 27 Mar 2025 00:28:31 GMT\r\nETag: \"1ea8b0-631480897a64b\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2009264\r\nContent-Range: bytes 0-2009263/2009264\r\nKeep-Alive: timeout=5, max=94\r\nConnection: Keep-Alive\r\nContent-Type: video/mp4\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":207864,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"017f57ee6f85708e43cb84f34a14db42","sha1":"eaf52251aa260de807496a5d90ec24243999dbf8","sha256":"ed1b363978997bf1fb1cd70668d91d6ce7bfda312f45e820edb9d1a5a39ad167","sha512":"3f2ecc15d945e2ec135ae7d0f94e79b5aa35d186758bac2449e16c57744f93997888f69a20e0c381344e9170200c2305e7891dfafa29e296d8e62599468a2f23","ssdeep":"6144:VzkNvGF190lzM0Hoce8pRGvU9UENEgYT1:VqeFr8/zRGGEL","tlshash":"251413ef2fd15a00d5c9a2f3f1378a6b6e66e4f839c68f3061602d3c9df1742605a51a","first_seen":"2026-05-30T20:39:08.715053Z","last_seen":"2026-05-30T20:39:08.715053Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1034,"timings":{"blocked":815,"dns":0,"connect":0,"send":0,"wait":207,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/IMG_5685-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/IMG_5685-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:34 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 27 May 2026 01:20:03 GMT\r\nETag: \"18e20-652c26943b08b\"\r\nAccept-Ranges: bytes\r\nContent-Length: 101920\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":101920,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"f286fecd30e45e35282f1dffba723f13","sha1":"72e9dd404cd4ff6a7c8cc2bf4c99ef6b65fa69f2","sha256":"ada2cd1627cdcd759a1c20aa8b5327ba6bac97995295fb2b0c55e74023d64da4","sha512":"f330eabe700b34f6a4825f2d1bbf065bb4a4ee101ff53ba438730dd09e088358dfffdb7fbd6f5b5562717913ab582b862a59a82ace6c06631660c73bf5513715","ssdeep":"1536:8J4EAVdtoYpn2bmvYzCzJJhed+6p0aPoms9L58yCiInotWF1wDq4kLRYZgEsl6L4:84t/pEYYIJ2dhxPo/KViIokwOik6+4w","tlshash":"f6a3231c4c6e619e6be300c0e43304ef54cf7a2d3bf92d7d133a450996a4ee9a6486a7","first_seen":"2026-05-30T20:39:08.716287Z","last_seen":"2026-05-30T20:39:08.716287Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3564,"timings":{"blocked":3150,"dns":0,"connect":0,"send":0,"wait":207,"receive":207,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/adrotate/library/jquery.clicker.js","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/plugins/adrotate/library/jquery.clicker.js HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:32 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 27 Mar 2025 00:39:17 GMT\r\nETag: \"175-631482f199e82\"\r\nAccept-Ranges: bytes\r\nContent-Length: 373\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":373,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"c610b3ebab3ce54f5450cef2cdabc14a","sha1":"af2337dba6432104e8c07fa179b0e03dce3ffc00","sha256":"84cd0fb32bf843e30cc16d02263c6105d6c3acf7526ef55faea1afaadcd57b64","sha512":"d28f751e195f79b6b8297ea104d7e3c374e644e868abe04f6ef9284461327ac14023111ee6513633d4b299257f079cbea880dcb3019d58c6e8df0429b7976705","ssdeep":"","tlshash":"80e0c03cf5ec1112ca3735e2453f5d07753ea8016b9b1d8ac29d81521fdc32c348d608","first_seen":"2023-03-10T03:21:06Z","last_seen":"2026-05-30T21:44:09.102145Z","times_seen":1932,"resource_available":true,"data":null}},"time_used":869,"timings":{"blocked":687,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/photo-output-56-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/photo-output-56-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 25 May 2026 18:51:22 GMT\r\nETag: \"11961-652a8dd6582e2\"\r\nAccept-Ranges: bytes\r\nContent-Length: 72033\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":72033,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"8bcce0ee788dcb8df9087cab090fa574","sha1":"b86354fcf375739d7796490160f93df376c07a5f","sha256":"325e07c62501a1052090be1a139ca746bd976d83cb87122a477597efce84ab65","sha512":"b543c1d1839449006b4fb2c1a6f6801b5628c8e23def69612b1080114a800726dddea7403b8f3455c21509f0fb20d46f96f88f4218f396a167d0f2bd8d7209b6","ssdeep":"1536:8dSHQAnSYArAQHyCHjsKP0NyNH0892XmmzXiZX/Tk7wPa1A7J/Hysk:bQ5rFwKPcYHR90LSXpiAVNk","tlshash":"2b630272be05df09c1467cde715ee7980ab1b5cafbb778e06a344702503889a394e74d","first_seen":"2026-05-30T20:39:08.718285Z","last_seen":"2026-05-30T20:39:08.718285Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1753,"timings":{"blocked":1340,"dns":0,"connect":0,"send":0,"wait":207,"receive":206,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/searchwp-live-ajax-search/assets/styles/frontend/search-forms.min.css?ver=1.8.7","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/plugins/searchwp-live-ajax-search/assets/styles/frontend/search-forms.min.css?ver=1.8.7 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:32 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 07 May 2026 14:48:05 GMT\r\nETag: \"827-6513b5e38ed12\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2087\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2087,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2087), with no line terminators","md5":"0d14130ae5cdd16d5e7fd3f88b9caa4e","sha1":"330cd850643c3102b78bae05cfdba0885f704dbc","sha256":"c5e5950e52d64ebf57c756a48fa1d39d8d1854f33f5ad8c28c2d44dd93c8c1b1","sha512":"99035549e540aa7f6b33db5b9a82ebc19dd6f1af720cb1daea8d393ade713eb7d0ffbe06d6c9a44a519f319a1dded140a56f18e9f44e4ec4f0add72d9e41ac64","ssdeep":"","tlshash":"6b41cb2224e1220c045b9f256aeb3149d30ee434841727fb5cb2761487e6a9f0bb66fd","first_seen":"2025-06-01T23:07:11.716611Z","last_seen":"2026-05-30T20:44:48.232045Z","times_seen":690,"resource_available":false,"data":null}},"time_used":861,"timings":{"blocked":679,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-30T20:38:28.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:29 GMT\r\nServer: Apache\r\nX-Powered-By: PHP/8.2.8\r\nLink: \u003chttps://rgtnews.com.br/wp-json/\u003e; rel=\"https://api.w.org/\", \u003chttps://rgtnews.com.br/wp-json/wp/v2/pages/19\u003e; rel=\"alternate\"; title=\"JSON\"; type=\"application/json\", \u003chttps://rgtnews.com.br/\u003e; rel=shortlink\r\nContent-Length: 250852\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"AddToAny Share Buttons:1.1","description":"AddToAny Share Buttons plugin for WordPress increases traffic and engagement by helping people share your posts and pages to any service.","website":"https://github.com/projectestac/wordpress-add-to-any","common_platform_enumeration":"","icon":"AddToAny.svg","categories":["WordPress plugins"]},{"name":"PHP:8.2.8","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Blocksy:2.0.95","description":"Blocksy is a modern and lightweight WordPress theme designed for a variety of websites, including blogs, portfolios, ecommerce stores, and business websites.","website":"https://creativethemes.com/blocksy","common_platform_enumeration":"","icon":"Blocksy.svg","categories":["WordPress themes"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"Elementor:4.0.7","description":"Elementor is a website builder platform for professionals on WordPress.","website":"https://elementor.com","common_platform_enumeration":"","icon":"Elementor.svg","categories":["Page builders","WordPress plugins"]},{"name":"Blocksy Companion","description":"Blocksy Companion is a WordPress plugin that provides additional functionality and features for the Blocksy theme.","website":"https://creativethemes.com/blocksy/companion/","common_platform_enumeration":"","icon":"Blocksy.svg","categories":["WordPress plugins"]},{"name":"AddToAny","description":"AddToAny is a universal sharing platform that can be integrated into a website by use of a web widget or plugin.","website":"https://www.addtoany.com","common_platform_enumeration":"","icon":"AddToAny.svg","categories":["Widgets"]},{"name":"Yoast SEO:27.6","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"MonsterInsights:10.1.3","description":"MonsterInsights is the most popular Google Analytics plugin for WordPress.","website":"https://www.monsterinsights.com","common_platform_enumeration":"","icon":"MonsterInsights.png","categories":["WordPress plugins","Analytics"]}],"data":{"size":250852,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22995), with CRLF, LF line terminators","md5":"529ec99c8ca383b0dad047952be39c54","sha1":"076c88ea178e6327362d08b45a346affe18affc4","sha256":"54a3fd0bb82620432f8eca1b9e9496bba4b4d380e3841f3a5e659387beaf3476","sha512":"467394d61a181988a9cc34decf627cbd94cf75b33eed4b367a2ef563fabb5e8cfd62d928f308d2d2bf44132e746942faa2b24c31a322a2609a48ff49b823a5e5","ssdeep":"3072:m2904Dq0dV4euX44IB9aKgo2igcGsdw2svKvaFqM:m29Xq0dVtJaKgofM","tlshash":"ea348432437510fa651752c86d153e28b4a9a092db0a46e5f3e9d3ccbbccea55cf234b","first_seen":"2026-05-30T20:39:08.72034Z","last_seen":"2026-05-30T20:39:08.72034Z","times_seen":1,"resource_available":true,"data":null}},"time_used":4461,"timings":{"blocked":1063,"dns":433,"connect":181,"send":0,"wait":1606,"receive":728,"ssl":447},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.9.4","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-includes/css/dist/block-library/style.min.css?ver=6.9.4 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:31 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 30 Jan 2026 02:37:52 GMT\r\nETag: \"1d23e-64991dc196000\"\r\nAccept-Ranges: bytes\r\nContent-Length: 119358\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":119358,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (55871)","md5":"b592e353685f2eabaf8f935e377a95a0","sha1":"30d4a0ff9561f9c96a0a29cce379dfbde9749a65","sha256":"3b44e208bba827e614cf1e36e639e3c7cfb849771fb17e99bb38e14022d30d16","sha512":"193686fe6c1766b540e311015484745ad2ceddb9ffc3f883ac3ae66f1d29e32bca94ba11d40f3d0f6689c306f7760ae167d8af73a22778aba93a772e076a9cd4","ssdeep":"3072:WoeJBCCUQg5MG7x+qehvP0xdclkWwbFpPu:CfUQg5MG7x+qehvP0xdclkWiF0","tlshash":"cfc3621417b4dcf935ffa73a5e4ee258a107aa41c68a67e6e066d190718ca490cf3f0f","first_seen":"2026-02-03T19:45:02.649878Z","last_seen":"2026-05-30T22:00:47.017176Z","times_seen":44530,"resource_available":true,"data":null}},"time_used":1852,"timings":{"blocked":557,"dns":3,"connect":184,"send":0,"wait":183,"receive":548,"ssl":375},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/7f61d6de-788b-4246-913f-43651164c3ef-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/7f61d6de-788b-4246-913f-43651164c3ef-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 29 May 2026 22:43:18 GMT\r\nETag: \"1092c-652fc923a2747\"\r\nAccept-Ranges: bytes\r\nContent-Length: 67884\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":67884,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"d6f6e0bddd2e8b984647727bd1104e02","sha1":"54287dbec244d625d4d8097706899409fb5712ca","sha256":"7bde42fb12bbfd1124c031c5ea5ebf1aeec68e4be16d4392dd0c45afb5171042","sha512":"fcaa5d893419b6f805e2191700ed4e49981115e1234c714255195c3911071e55523c4187cc5ef8129874ddbd3f2585cbefcf553197d515843f3201829efefeaf","ssdeep":"1536:8FNL7HrtY4o5Rs7+dnmkZ738gwOSTk/Iihd:8FHrtQRs7+B5N3bSgPhd","tlshash":"4b63026400d09e830ebb7e7f80dce95324fc5f54b529420ea8e58997423adeae4f425b","first_seen":"2026-05-30T20:39:08.723391Z","last_seen":"2026-05-30T20:39:08.723391Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2308,"timings":{"blocked":2099,"dns":0,"connect":0,"send":0,"wait":207,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.addtoany.com/menu/svg/icons/twitter.js","fqdn":"static.addtoany.com","domain":"addtoany.com","tld":"com"},"ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.addtoany.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Apr 2026 20:12:47 GMT","end":"Sat, 18 Jul 2026 21:12:43 GMT"},"fingerprint":{"sha1":"19:EC:F6:8B:6C:6D:BB:F0:32:9A:56:BB:BD:22:AE:BD:28:1C:BB:E9","sha256":"E7:F8:24:B6:D6:39:CA:55:89:B3:11:19:28:82:F1:CE:1F:93:F9:3D:3E:F3:AA:AD:4E:21:DB:48:32:4E:5A:CC"}}},"request":{"raw":"GET /menu/svg/icons/twitter.js HTTP/1.1\r\nHost: static.addtoany.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rgtnews.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.addtoany.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-type: application/javascript\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\naccess-control-allow-origin: *\r\ncache-control: max-age=7776000, stale-while-revalidate=30, public\r\npriority: u=3,i=?0\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6iJzHAW%2FGlJNYc3PM31ZjuWuGSiC47bU%2BSPK62hYMdDk%2B4vgSb0FufPWyErEb5YMk7OK0ukmH2NWFnnyCZ9478VwoRKymdOTZatZJcYT%2FYYFUKuKtelTrybnf%2BIjB5fVzvPPeJmF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"af2b829f9b79fabec7c0148a8b7e444b\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ndate: Sat, 30 May 2026 20:38:33 GMT\r\ncf-ray: a0408b099db65fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":645,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (645), with no line terminators","md5":"ca05cf90bd32d6134c0b92464c343f9a","sha1":"187feb5cc71d225717838268487a0abc9b8d405c","sha256":"3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636","sha512":"d36553644d3a52a96dbf733c7eb766deda074c926f44514001633dd0a3ea2b84d1a835f207bcd9772e33b2a8c086616cebf6119a3d802134636ef7c53e92dec0","ssdeep":"","tlshash":"8bf0ddfe277c60dc28234baacb15e5591b2d30ba3b8051c3061c87b0488791ce503d42","first_seen":"2024-04-12T16:11:45Z","last_seen":"2026-05-30T22:28:43.469924Z","times_seen":5008,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/themes/blocksy/static/bundle/elementor-frontend.min.css?ver=2.0.95","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/themes/blocksy/static/bundle/elementor-frontend.min.css?ver=2.0.95 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:31 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 10 Apr 2025 13:45:05 GMT\r\nETag: \"50e-6326ccb161e68\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1294\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1294,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1294), with no line terminators","md5":"9b4a4d790a1ef85b8de0bee643e3eb3d","sha1":"7d95f4b2d405e0a44db6c598069b89601de17e43","sha256":"8919d9cc6dbb6e8b93606b83910aeb0a16859e651bbb912cdede1bb467fe9fc9","sha512":"28d9a2f4b6f427105203767c6a4d9221139a4d53e2c5ed3c782a2594744cdcf600a2896d81691c194d3e8646e4f8b65221e57bdbbf4ff037c0298c7511662d12","ssdeep":"","tlshash":"8a21f7017933c27d5ab7102f568e204cab08bcc29bab78d5f999d0d0b2ddbea1370346","first_seen":"2024-12-30T15:51:30.580974Z","last_seen":"2026-05-30T21:18:32.269673Z","times_seen":2924,"resource_available":false,"data":null}},"time_used":683,"timings":{"blocked":501,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2025/09/banner-caramelo-plano-de-saude.jpg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2025/09/banner-caramelo-plano-de-saude.jpg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:34 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 29 Sep 2025 17:36:38 GMT\r\nETag: \"18991-63ff413e0e2b3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 100753\r\nKeep-Alive: timeout=5, max=93\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":100753,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x380, components 3","md5":"66bca759f9d2b73d35c428d56d7f82f6","sha1":"9736555f19ed5c2dd7db4af609297213d660266b","sha256":"cbe07c98f61da430504d72fb3a363bdacef8bae301d6d26c0206ce83d76bc96b","sha512":"74f8635b3b7681b2bf648de7847056043bbe66ac21f75e28dea8e67718754d8995cc49598b146de115d5cbc7c1b06474789a62f9a4b73d4a429484e6094f8622","ssdeep":"1536:Wciqp7Iet0JvhpaUGpeWJeG/rk0Sz82ZAX1XxN53ICMMBi:RVp7bt0J6U1Wz1Sz5AFxYCMMI","tlshash":"1fa3f0087448dfc930cd13e699db6b4b364bd9fb852b91e2aa8b07552ec713c6213973","first_seen":"2026-05-03T19:35:32.114292Z","last_seen":"2026-05-30T20:39:08.726387Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2750,"timings":{"blocked":2539,"dns":0,"connect":0,"send":0,"wait":207,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/31becb87-8941-4c9b-8330-706b10b1d794-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/31becb87-8941-4c9b-8330-706b10b1d794-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:34 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 29 May 2026 22:51:33 GMT\r\nETag: \"f61d-652fcafb9a7f2\"\r\nAccept-Ranges: bytes\r\nContent-Length: 63005\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":63005,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"cff30efff489ef1f64bbba29a6a551dc","sha1":"12248b9038d86f8bf555b63be9a679bc5f200775","sha256":"5391274b58cd8b717acb1b3ca6c7159936b4d584a814efb910370d939a289cfb","sha512":"6472ffe8a8197a805dbeab2e226689e328218d8aba7841f0a2e72f4dd12840287bb9b436968c7e16e9d5a26e96615bdc7db970cba51d45ee89b9adbd95ba61b1","ssdeep":"1536:89WNYl8UNB084SYZ4P78o8LI68pI+brRYyy+xuShx7daDaR:eyq8UkD+QTE68uSRYyy+BLdaDaR","tlshash":"0d53127174261062cdcfe496fe325558a3639ebb6b78e64cb2b2d4e8d1f21cdd18404b","first_seen":"2026-05-30T20:39:08.7279Z","last_seen":"2026-05-30T20:39:08.7279Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3599,"timings":{"blocked":2552,"dns":0,"connect":0,"send":0,"wait":207,"receive":412,"ssl":428},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/eua-x-ira-750x450-1.jpg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/eua-x-ira-750x450-1.jpg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:35 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 05 May 2026 12:33:57 GMT\r\nETag: \"3e5f6-6511142d3a774\"\r\nAccept-Ranges: bytes\r\nContent-Length: 255478\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":255478,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100\", baseline, precision 8, 750x450, components 3","md5":"6d9f61b3c14a9648dc181b48a7ebd15c","sha1":"9d329f257cb8f52db661826b51f753b96c8446dc","sha256":"35018dda365ada2f8c58ef8a9e7608a3728efffc0d6354ee2553a8fb83a10086","sha512":"8f23e9a57eb3180677427ef8c9b904c7cfc1a422bf9ac86541052356d95249462a12b4882a090b86d5b7f2dd8cf5badb9c7b55742b70b6a362126a79ee819bd8","ssdeep":"6144:7HmfXce4/T0UDbKIC2vo2lbtchVEeNFvfxYbV:bmfXce4j/MkKhaYFHiV","tlshash":"4944230e9800e6f6da4313d37ec018c258096572467d0aea37d6fcf5ef9f46e98405ae","first_seen":"2026-05-30T20:39:08.729552Z","last_seen":"2026-05-30T20:39:08.729552Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4302,"timings":{"blocked":3929,"dns":0,"connect":0,"send":0,"wait":185,"receive":188,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/IMG_5730.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/IMG_5730.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:35 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 27 May 2026 20:10:19 GMT\r\nETag: \"18cf6-652d2336945f9\"\r\nAccept-Ranges: bytes\r\nContent-Length: 101622\r\nKeep-Alive: timeout=5, max=85\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":101622,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 609x539, components 3","md5":"35eb8e6cbec67b4c57ee151de1446ea1","sha1":"941856fc9fb30e620ae6322024953bfb1c34a92c","sha256":"e72e027691f33e08ff0baa1c00f30be09937b0c84696ede39e856db078b2cad6","sha512":"3ea4786edceec0fde18f916a520d3e8d128f822d1076a9cf7ae691886e52bba380148dadd38f3bc204dc95f556560b27110d0306c73f9625948fc0d779500667","ssdeep":"3072:a1VM//0GoceSolFjxZtkwk2D4wVx++Pk9mU:as/RuhVkiDL3M9mU","tlshash":"49a302dd62b4b118da937636900d9767eeaa2210f509ca84765c0017fcd48e63ed2fba","first_seen":"2026-05-30T20:39:08.731126Z","last_seen":"2026-05-30T20:39:08.731126Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4398,"timings":{"blocked":4186,"dns":0,"connect":0,"send":0,"wait":207,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/IMG_5855-600x600.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/IMG_5855-600x600.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 30 May 2026 10:58:16 GMT\r\nETag: \"a9f5-65306d6af4c01\"\r\nAccept-Ranges: bytes\r\nContent-Length: 43509\r\nKeep-Alive: timeout=5, max=83\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43509,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 600x600, components 3","md5":"ddd41ea8c34048fe1475d655212d506f","sha1":"c95101f2fd34dab70f35c524b7db5bbef1943a23","sha256":"6d746f813a4c4c8056dbe522cb0e9909333690c99e6c04074ce3da4e9e650b07","sha512":"b76a485dadbc948044ebbe81fb717a7b2d1246cebf0b3db81b2fd7b76cf94145ecb0f64e678e30064e06c61ac543fe57ad17c9d33172336344b37119c7fdf1f0","ssdeep":"768:3QaSfnXXiiK8pJYFZ/M/ZC+apd3Iodf2FQFUthLvNAqmYjtInuFFu1phEOJ:34XC8pJYFspapuyf2FQFUDLHk1p6OJ","tlshash":"cd13012eb62b0227f5284789b6163381ea2f97517f5e54151bf390b717ccce040ae7aa","first_seen":"2026-05-30T20:39:08.73239Z","last_seen":"2026-05-30T20:39:08.73239Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4804,"timings":{"blocked":4596,"dns":0,"connect":0,"send":0,"wait":207,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-includes/js/dist/hooks.min.js?ver=dd5603f07f9220ed27f1","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-includes/js/dist/hooks.min.js?ver=dd5603f07f9220ed27f1 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:32 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 21 Oct 2025 10:14:02 GMT\r\nETag: \"161d-641a875818e80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 5661\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":5661,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5626)","md5":"90e932bd9e62583fc494c00498cfe7f5","sha1":"4f57e11bff609f90f49174187a0b5a6ba847ad28","sha256":"87cee5f49ba0d3017efc409579fc58b91a717f8f14751f7d804447ac9bcbaf4b","sha512":"ed9c129faf972ddfa705f05c3207884e5e9cd175baa45d49ce9d42bc0d01e4e8f36e627731bdd97214b1e2400fdd5012262a42f9800cd4f5565dbf183ba58507","ssdeep":"96:wXDE/3s/0EBM6ZUUCRTH+zl4NsBjcEmDtrGV2C2yics6w1RfGdzsvqZTq:wzg3kBFZYH+zhjngRw2cLzw1RfGdzsvx","tlshash":"56c153847983b970b2337057f0ff48d561baeba575298081964ec4a05d7388ee0a7abd","first_seen":"2025-10-27T08:47:54.273294Z","last_seen":"2026-05-30T21:57:45.183255Z","times_seen":190311,"resource_available":true,"data":null}},"time_used":878,"timings":{"blocked":695,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/photo-output-46-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.583Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/photo-output-46-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 20 May 2026 17:30:25 GMT\r\nETag: \"c2fe-6524326b3fa5c\"\r\nAccept-Ranges: bytes\r\nContent-Length: 49918\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":49918,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"2cd81b2081420af9f78de447142cf014","sha1":"76caaf890e9c2d8a6aaa3b52364d57174c3442b5","sha256":"3be544b9eecac9d8c875df3ce04addf2dcf266cc4eff6e98f0c0410276265610","sha512":"8a93285a2da7169d06a2545de6e789598fb2d0d221dfec960705867f1226dc72de34d4d10648f0047809a081eea9bb9e342d9e297c70f91e9395f7e94febad21","ssdeep":"1536:8zSruvTxlTvCthnGPmjMxQgWc3k2vjH/UTGZ0:kTvCthn+xQ+Y3","tlshash":"bc230226db0495ede0b4ba1f7b28787ed11a871e287c920626f6d327d3b18804499e4a","first_seen":"2026-05-30T20:39:08.73455Z","last_seen":"2026-05-30T20:39:08.73455Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1752,"timings":{"blocked":1545,"dns":0,"connect":0,"send":0,"wait":206,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/photo-output-67-300x239.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/photo-output-67-300x239.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 29 May 2026 23:09:47 GMT\r\nETag: \"29fd-652fcf0ee1a1e\"\r\nAccept-Ranges: bytes\r\nContent-Length: 10749\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":10749,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 300x239, components 3","md5":"2af9717f3f6b881c4284d73ebf286564","sha1":"f193ca51a93d96f5385959428c9a3246e31ee9f6","sha256":"d8ef23b098663edbd24bd3351cf76d5a121ed49186a90df905572b89dcd90e28","sha512":"8b9681d0e99b68e8597a17f6dad3049c666f5e51905b288ce4089d65dfa8be67f67f120353314ca150afdf2933fb3a898f2193b2f3d5401f6802a07ff0ed923c","ssdeep":"192:/Lw009R9x82WJmsGUOP5eGopyf9Q+sKEQP6ByL+j1TVYmwiLx4qL+Q7NDgXWJ:TG9RDMms/mQIl5LaNO3+xn3paWJ","tlshash":"de22c0d8ac7747a9de657ef82a2ca9b3461d654800cc06183fb4d0e812a02ff636cb53","first_seen":"2026-05-30T20:39:08.735886Z","last_seen":"2026-05-30T20:39:08.735886Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4977,"timings":{"blocked":4795,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2022/05/9e6674e3-4630-4733-975f-1f4d327acbe9-300x157.jpg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2022/05/9e6674e3-4630-4733-975f-1f4d327acbe9-300x157.jpg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 05 Mar 2024 18:36:15 GMT\r\nETag: \"27f5-612ee1e05e942\"\r\nAccept-Ranges: bytes\r\nContent-Length: 10229\r\nKeep-Alive: timeout=5, max=81\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":10229,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x157, components 3","md5":"bd958d5f95d99738c07da88022511fd3","sha1":"44e42eafcf48ed47417a658b67b461eee01825e5","sha256":"68d01489941e9c00fd20c0d5cdbbca3735d4a1f4f461d71c7d396faf683564bf","sha512":"79c7abdc3395c34326e5228f8608c2f51950b755f6a0fbe036cf5a753bf9e4e0100448f2a5134c1566f53b487b0bacba3c032d83144c9f6ee946611339950604","ssdeep":"192:MXOPVGFVTDwCqtgXGFuK0JTBqrUgRkxip7JNyuV8oKHxh9fggARxplPWPqdFlP:hVmgjNFuKkIr8xipdouWfxh9f9ARxpl7","tlshash":"8d22afb42b00c043d6eb2f7958deaa322e750d19aa32b7593d30d96adae11f40fd0564","first_seen":"2026-05-30T20:39:08.73766Z","last_seen":"2026-05-30T20:39:08.73766Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5171,"timings":{"blocked":4963,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/Captura-de-tela-2026-05-13-132409.jpg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/Captura-de-tela-2026-05-13-132409.jpg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:35 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 13 May 2026 17:26:52 GMT\r\nETag: \"c0aa-651b6491af851\"\r\nAccept-Ranges: bytes\r\nContent-Length: 49322\r\nKeep-Alive: timeout=5, max=88\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":49322,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 597x446, components 3","md5":"4619a68b21ab29e021e92aafef7b6861","sha1":"b16f649f201d1e0168c7bb363d3e614c73b44aaa","sha256":"f6ccab3e333c7f0f46ae5ea6377fdaa12e27132d948cdf88f98f125ccd413a73","sha512":"c4ae98c1fb4225019bcdb6692cda5cf57f2cb867b4c6710833c1fa22377f781bdef4f641bdaa186961ca4384054e62940b3ea498716eb6062270d1c3400d6bed","ssdeep":"1536:blckuqVfuAMmN1TnPsJ6cU0zNhfqFvaW6Y2:KkD4YjkFvSZaWy","tlshash":"332302d21b0effe0caf525b31056e4c1848f3b9465d70329b374a297a6ba15cc98f275","first_seen":"2026-05-30T20:39:08.738848Z","last_seen":"2026-05-30T20:39:08.738848Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3773,"timings":{"blocked":3564,"dns":0,"connect":0,"send":0,"wait":207,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/satanica-trans.webp","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/satanica-trans.webp HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:35 GMT\r\nServer: Apache\r\nLast-Modified: Sun, 17 May 2026 15:07:48 GMT\r\nETag: \"50fa-65204cf1bc94a\"\r\nAccept-Ranges: bytes\r\nContent-Length: 20730\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/webp\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":20730,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 800x440, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f88509338a31def9b8f8adadaeaf53fb","sha1":"05ad03216f26a5a3861f498f3792d271ea1f89ab","sha256":"1fc702e0db65b70c8949eb1484ed0b1225643a8f00308cae1d15274f3faec42c","sha512":"94c200103b8503c88ec3833d3f3b9b3821d64df3eace61a205ec4504f68d0edd602beab0ee1686d34d08334ed3395a50b7d481f1be34a81dcf71155ce056eb61","ssdeep":"384:4jSnvToXsvA2jOwpJdp4eoWgBkquHl/j4OICd72VLkyeh9GtM3APFJ:4jwToSA2DpJdpg7wpRt92VrMEyAtJ","tlshash":"4d92e03da3f2c1e1e78b8a6ec650b51711de980739cd9b3647c4815e41b8df4a2b8b0b","first_seen":"2026-05-30T20:39:08.740189Z","last_seen":"2026-05-30T20:39:08.740189Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3756,"timings":{"blocked":3548,"dns":0,"connect":0,"send":0,"wait":207,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2024/06/profissoes-2030-capa-870x570.webp","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2024/06/profissoes-2030-capa-870x570.webp HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 05 Jun 2024 14:11:34 GMT\r\nETag: \"c818-61a2524de9ce7\"\r\nAccept-Ranges: bytes\r\nContent-Length: 51224\r\nKeep-Alive: timeout=5, max=94\r\nConnection: Keep-Alive\r\nContent-Type: image/webp\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":51224,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 870x570, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e4b8624ed0fbfbc91c3e19da51092a69","sha1":"2a7905f041d7f2b99e0d87292b9c9d14602c122d","sha256":"c26bb9a9229ebf763787bdb036fb84d658f63fdd05bd9a8eb211e5dfe504cd61","sha512":"6bf70b1f4a36eca92aafbe31bee3ac7c4ee402a99fbb508012dce2fa1153a4d4878b867213cd2138a961d999bf577b752a6b1c3827873a387537a1d13fd62aae","ssdeep":"768:bLm8708X16O/9l+SoZMjlTtLqTHQEQiWe6k+N2q1MliC33cF31N337sdR:bLZQC1ZFl+SvjJRErWKF0CnE31BrqR","tlshash":"b033f223cf332ee29a2154d84add840f46124ec5eae73f7ab68c856770af4839567613","first_seen":"2026-05-03T19:35:32.008945Z","last_seen":"2026-05-30T20:39:08.741478Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5208,"timings":{"blocked":5023,"dns":0,"connect":0,"send":0,"wait":183,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/Captura-de-tela-2026-05-27-173106.jpg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/Captura-de-tela-2026-05-27-173106.jpg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 27 May 2026 21:31:47 GMT\r\nETag: \"9e14-652d356c59a04\"\r\nAccept-Ranges: bytes\r\nContent-Length: 40468\r\nKeep-Alive: timeout=5, max=92\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":40468,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 569x396, components 3","md5":"b507999cf571dc1d36b1b321f7b9c321","sha1":"fa1e6d52255751c6ddfe9990858f4fddafd7befb","sha256":"343de628d496ffa304683e9fd3ddc6ebdc510cc59ef63e978bcca19df0dec832","sha512":"0515fe6673bd7b44581602647ca26036019eb8f889ccaceb3962f310142e0e12bda9e3d366f6f38c724b546715b136b8fd8b899c34eed5fca3869d000a3086a5","ssdeep":"768:VJ4ucLnFkkE4W/O6ufi4rb4L9yO1IIRoyfG/MHb6+Z8tuclvtfnAe+7r:VJUnFkIcO6ufvf4L9yO1Iope/yratucK","tlshash":"3203f1546c8118f099d9d5920c06e00ee4c818b26bdfa0920a77a47ebf5bc7ed3fd5b9","first_seen":"2026-05-30T20:39:08.74273Z","last_seen":"2026-05-30T20:39:08.74273Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1528,"timings":{"blocked":1343,"dns":0,"connect":0,"send":0,"wait":183,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/02/elielcio-academia-2026.jpg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/02/elielcio-academia-2026.jpg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:34 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 24 Feb 2026 12:58:09 GMT\r\nETag: \"2bd92-64b9170773410\"\r\nAccept-Ranges: bytes\r\nContent-Length: 179602\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":179602,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 900x1157, components 3","md5":"1bc8c69f12c5e2edabf5e26565dffbc0","sha1":"7e55c372c437c6a45cca3efa39123c08cfea9019","sha256":"d1a0cb1d8d9e2a138ae98617a5972baeabe50bf7742b4feced5dda3b73e645e6","sha512":"dc0b02422345a97655c03d36a60ac0fa84a199ddbce106c304a4483ec0f183f1d5aafa94fd0b0c1bd32eca0329ee36d0d422a9e8edd0d118ae1ff99caa0b88a4","ssdeep":"3072:mXM+D3+toB4G2cg+GOv35BX0fhg5q9ZWSKEw/r/iSmpSELN2wIdxI/:GMWFaGrCOvnShg5q9oKwT/vCMxI/","tlshash":"4e0412387ba044b0ec3d44ad54a1874d9f3b9a8548a578b1747d22f3ba83f412db9b4b","first_seen":"2026-05-03T19:35:32.138646Z","last_seen":"2026-05-30T20:39:08.744849Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3915,"timings":{"blocked":2625,"dns":0,"connect":181,"send":0,"wait":182,"receive":548,"ssl":379},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/photo-output-58-300x225.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/photo-output-58-300x225.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 27 May 2026 12:51:25 GMT\r\nETag: \"4cf2-652cc11c8637b\"\r\nAccept-Ranges: bytes\r\nContent-Length: 19698\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":19698,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 300x225, components 3","md5":"6bba8108fedf1cbc19429609ae867e23","sha1":"d04737569ad20b43d295a12b8b504ee7bf70ba9e","sha256":"c68cb63bd9462693d0531a7acf0c26e849c885f2499edad629ad976593f43b70","sha512":"bdef389546d27dad8cd8d5b850a47f2f668d391abc60e6c6db33705f6f33df4a43767846fcc5eb74b7311f1d2e799bde70f01a7f0e345e2aac0037ce51645d7c","ssdeep":"384:hKLCWcbCJueWc8CU3B29hVkZ/0GCibtg5XoB74OBRj1Y1RRe7Jo90acF:h2CHGJu+8Cz9v0JCQWX474iRja1RRgJF","tlshash":"1a92d0bb918c8268ff434829c085b3857dae0386b315969b73b0c5f351b94c52cce8eb","first_seen":"2026-05-30T20:39:08.746264Z","last_seen":"2026-05-30T20:39:08.746264Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5002,"timings":{"blocked":4795,"dns":0,"connect":0,"send":0,"wait":206,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.addtoany.com/menu/svg/icons/whatsapp.js","fqdn":"static.addtoany.com","domain":"addtoany.com","tld":"com"},"ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.addtoany.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Apr 2026 20:12:47 GMT","end":"Sat, 18 Jul 2026 21:12:43 GMT"},"fingerprint":{"sha1":"19:EC:F6:8B:6C:6D:BB:F0:32:9A:56:BB:BD:22:AE:BD:28:1C:BB:E9","sha256":"E7:F8:24:B6:D6:39:CA:55:89:B3:11:19:28:82:F1:CE:1F:93:F9:3D:3E:F3:AA:AD:4E:21:DB:48:32:4E:5A:CC"}}},"request":{"raw":"GET /menu/svg/icons/whatsapp.js HTTP/1.1\r\nHost: static.addtoany.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rgtnews.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.addtoany.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-type: application/javascript\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\naccess-control-allow-origin: *\r\ncache-control: max-age=7776000, stale-while-revalidate=30, public\r\npriority: u=3,i=?0\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=If8WHaj%2FYLaD79jg%2FL7T354FNlJtfdeg2ApwwFWgG3mk6OC1TOt%2FTLu5IghGo9wXX75lMEHTAjtfcAibkj%2FPxzCto2K4ldMurWWXj%2FU4mfjM894k3KAKrxT1q1uhFvBkpybRIyWy\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"83af4df8173e43227812296bb8542dcf\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ndate: Sat, 30 May 2026 20:38:33 GMT\r\ncf-ray: a0408b099db35fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1108,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (1108), with no line terminators","md5":"0e8b3ac6bda5451ff39c5ecd6d7b3873","sha1":"fb477a11167000a30e45369e686ec43dd62d026b","sha256":"c15e1379ca2c59f99912500bbc23a0d1d88f43198cbe1b53d87776fa351385eb","sha512":"b9145fa20ccc86c3e3e28ded1df1611ec4bd8ff2fe0d93d392081248d59d77a4982150f85d8ef0b545850ac2a8797a136692e801b23cb26de1227c66e5dd4d24","ssdeep":"","tlshash":"d31100c92110d3a41c97d57edf6e9d46a61f707d75bc24d6039ecb28498f0edb50c845","first_seen":"2024-04-12T13:25:33Z","last_seen":"2026-05-30T21:47:18.746711Z","times_seen":5090,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2025/10/Racon-Banner-site-animado.mp4","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:34.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2025/10/Racon-Banner-site-animado.mp4 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=163840-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511; clever-counter-95947=0-1\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nDate: Sat, 30 May 2026 20:38:34 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 15 Oct 2025 22:16:38 GMT\r\nETag: \"19dacb-64139dab4f9af\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1530571\r\nContent-Range: bytes 163840-1694410/1694411\r\nKeep-Alive: timeout=5, max=89\r\nConnection: Keep-Alive\r\nContent-Type: video/mp4\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":495859,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"bdf368d6bccde772aec2c59b0d916c59","sha1":"b87c3a90d04643e437190b04f407dc3e7eb465c7","sha256":"84cf61fdf875d549ac361a3f38a9f9a6843a79278796f66105b280425149c0cd","sha512":"6e13abba7ed14b08b8a2c08c041a87c297c9982bcb87e33b820fcd05b5694bb03c17db04a849143645e7b70291a5c3bfb7646cf41fe35feedbe4cb18746866d3","ssdeep":"12288:P8DqP1hL8hbEDHOlV4sLmcNDVMKOUYcz/pl2T:P8khWY7OlVfqcBVMvC2T","tlshash":"6eb423db0796d47b4a63da7184e7070cf44a07162745c1fcdb281ebbf2a0b5a8606f9b","first_seen":"2026-05-30T20:39:08.748188Z","last_seen":"2026-05-30T20:39:08.748188Z","times_seen":1,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":57,"dns":0,"connect":0,"send":0,"wait":183,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:32 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 07 May 2026 14:47:29 GMT\r\nETag: \"644-6513b5c0b1e16\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1604\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1604,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1604), with no line terminators","md5":"2a489d28e2fc2088b3fe0bcda8417525","sha1":"af48dd19c11ceac12d2473b2b8e216da9d9d432c","sha256":"c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5","sha512":"46f79ce0ebf4897749487b9180fceec67020429a6c6928bea7f4a0814422ef840110ed9e35b1e3d5b3ff040cde013b71df298d389afbbf361de70393bf90f19d","ssdeep":"","tlshash":"9c31698b939c86e4b463e17b1da912fc2c10f75a970315a5eb70f70c80cbd8c2679647","first_seen":"2023-07-14T14:43:13Z","last_seen":"2026-05-30T22:29:26.437151Z","times_seen":19552,"resource_available":false,"data":null}},"time_used":870,"timings":{"blocked":688,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/flavio-trump.jpeg.webp","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/flavio-trump.jpeg.webp HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 29 May 2026 14:33:41 GMT\r\nETag: \"b20e-652f5bb30a666\"\r\nAccept-Ranges: bytes\r\nContent-Length: 45582\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: image/webp\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":45582,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"64e5c54a3a788aee65bed5567e80dd6b","sha1":"4413c32b74070dfe92ac1dc3f83115fbfc3f8e6a","sha256":"86f89c4daee20977550fd4ef4b47c9d74ef9bec4a9a2ce1edce16761e5a2af76","sha512":"bb4f65b800892a02f95621a8d6f1e3c5442ef9cff59ec56d94d8bcd57e1765ad8fa7f81311bc4880eac591123eadf9fb006c731c9782886c223d088abce9b0fc","ssdeep":"768:JiyQAGXAWx75aLF72gTNkA73hnc1Ys2MgcextBb+EPnaboUmqEqSRTSJsmFsfEKV:2WWx1ESqnnGUce1Jnabx0qS5csmFyEi","tlshash":"4a23f16fe6a43d00e6cfa43cf913c7932d118a58d2ced82848968b5e9d25f178342db7","first_seen":"2026-05-30T20:39:08.750972Z","last_seen":"2026-05-30T20:39:08.750972Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2451,"timings":{"blocked":2244,"dns":0,"connect":0,"send":0,"wait":205,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/photo-output-2-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/photo-output-2-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:35 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 04 May 2026 20:06:29 GMT\r\nETag: \"99da-6510377593fe5\"\r\nAccept-Ranges: bytes\r\nContent-Length: 39386\r\nKeep-Alive: timeout=5, max=86\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":39386,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"a878f927e742753adc927d1f0953a46e","sha1":"a627b89456e24ab925e10b7d56ae81e11eb15749","sha256":"438ecfef0571091fdf8c4c56fd6f16c9c4edb3828995b0256d0875c324b020ef","sha512":"05d7d82bd748260d34fa5e91b706527a39e44976b33f84d49323e0c65f37a4c436977bff879fada08a4fb2c919cbcd798011381ecd8f68d8db723f5abd6931bb","ssdeep":"768:8uy5TJ+K4ZIYdQcjL+5Du85liQaiwijXUFhtkstH0d367:8uyuKVVcjOx/pasjbKUA","tlshash":"c903e0d71fd072ac0001cc976e10cb7542848ebea77a2f1557f096af98cb8d97b2a744","first_seen":"2026-05-30T20:39:08.75221Z","last_seen":"2026-05-30T20:39:08.75221Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4187,"timings":{"blocked":3979,"dns":0,"connect":0,"send":0,"wait":207,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2025/06/67b3c6d8-b19b-4d06-bafd-83800ce49595-848x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2025/06/67b3c6d8-b19b-4d06-bafd-83800ce49595-848x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 27 Jun 2025 17:09:39 GMT\r\nETag: \"f3d5-63890be517876\"\r\nAccept-Ranges: bytes\r\nContent-Length: 62421\r\nKeep-Alive: timeout=5, max=84\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":62421,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 848x570, components 3","md5":"f82c179e7b8d349641eea73cefe5d060","sha1":"c015acd19773ebad6b6f57da52d0b5d6565f4c9d","sha256":"f705fd311a1e35dbeb2b5dd40fad6db83a7075a59d36b0aa8fc90f14bee36cc0","sha512":"dbd3eef4ea8bd34d00b5d6d640f54e3aee523ea89c873eb152afd2deb833969a6e701f0ead21df735717737167558e7955da8bccdd64be14c317a1c2e9bfd7c6","ssdeep":"1536:yGa9BTN1kuSaWgBEhtHQr3ifQaHZOzfbrVFLUyh:laPNCmE/wriQa5Oj3Lp","tlshash":"3453022f44f7e3c26434d7a1c87083077ecb9a6c244d47c6b27793a39a391e959b9e12","first_seen":"2026-05-03T19:35:32.12796Z","last_seen":"2026-05-30T20:39:08.753438Z","times_seen":2,"resource_available":false,"data":null}},"time_used":4603,"timings":{"blocked":4394,"dns":0,"connect":0,"send":0,"wait":207,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/photo-output-68-600x600.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/photo-output-68-600x600.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 30 May 2026 11:52:53 GMT\r\nETag: \"10f3d-6530799fa8b26\"\r\nAccept-Ranges: bytes\r\nContent-Length: 69437\r\nKeep-Alive: timeout=5, max=93\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":69437,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 600x600, components 3","md5":"d2685efbd721a200021625a2697cd33b","sha1":"a6d385e49d18c25f76ba5628e90de31bcaa0fdba","sha256":"e3fd857fe43b47076830d8e804b381d34d6b963b07f5bc3462fbed97e0382e38","sha512":"875cfe5359637ba0a96396107bdc5b16818d8be6eb3090054fbb121d7cc90ac2ab97dacaf65645eda2226fa134a49c7c8797b91fc1fe7a01da23cf096d85295f","ssdeep":"1536:3IW7Wp4XzDgvtjTLoj/cvPc3nJZ0d5sPRG3xRoKk3SmQKug:YW7Wp4DStjq0vPcsdAoBRjk3SmQHg","tlshash":"0d63027615da6c07e41cde22d3421e0ad7df9b18481706ce86f2cab6769d0ecb4ee284","first_seen":"2026-05-30T20:39:08.754755Z","last_seen":"2026-05-30T20:39:08.754755Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4782,"timings":{"blocked":4572,"dns":0,"connect":0,"send":0,"wait":207,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.95","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.95 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:32 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 10 Apr 2025 13:45:05 GMT\r\nETag: \"8371-6326ccb162250\"\r\nAccept-Ranges: bytes\r\nContent-Length: 33649\r\nKeep-Alive: timeout=5, max=93\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":33649,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (28816)","md5":"c2c8bcf463659ee7bb4994ea94424778","sha1":"77397ddb48f0ddd0f6288cd8570a6390c276eef2","sha256":"b209bc1f2340a849486de9d3b709e8443794ea78086753d84c5cba89a9726ab2","sha512":"808c780f0c2238423d3188ac578d33ef75f44ed08d7ca6fe5ae04bd0a3dd865481de9be72aeb17430b8d72fd3d7cdf98fc63074ab8de087b0b74d73280e15432","ssdeep":"768:4gydMdJjARspdUkhWJjFebIBl812LtvRXyjNMUb5Rv4AtqXV6tVa:X8PvRiSA8lr","tlshash":"07e2d7cdbb89f4751297b2b2a17fb647f73a248a382e5010e124ccd16c7494f9263e5d","first_seen":"2025-03-28T22:58:30.905752Z","last_seen":"2026-05-30T20:39:08.756124Z","times_seen":142,"resource_available":true,"data":null}},"time_used":1224,"timings":{"blocked":1039,"dns":0,"connect":0,"send":0,"wait":184,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/themes/blocksy/static/bundle/418.66ea70734eb9e0d6ad3f.js","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/themes/blocksy/static/bundle/418.66ea70734eb9e0d6ad3f.js HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 10 Apr 2025 13:45:05 GMT\r\nETag: \"ad0-6326ccb15f370\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2768\r\nKeep-Alive: timeout=5, max=94\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2768,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2768), with no line terminators","md5":"931ba1913f42a9a1a0f013613571c8c4","sha1":"c8b29e8a83ea50bdc5ea15bc16965f52797cf02d","sha256":"6ca3f8b3dc8d4beb66fc7bd15a02fa49a16038d457e6e25b55e50cc30ed6322e","sha512":"588f17295dc0c9b9de4410159e6dfa77f0db0d6fce1b93d9e4c2301fdc8f6812a390c2bb3e01149e623ea3b7b1003dcbed2f7d43a2edabcc34ceabf341527e0e","ssdeep":"","tlshash":"205141c8b255f6f28adae15d823f8602b2343da63469e084a25059d0496099f70bbf7b","first_seen":"2024-03-06T22:24:29Z","last_seen":"2026-05-30T20:39:08.757375Z","times_seen":453,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":77,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ui.cleverwebserver.com/","fqdn":"ui.cleverwebserver.com","domain":"cleverwebserver.com","tld":"com"},"ip":{"addr":"104.18.33.247","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cleverwebserver.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 May 2026 08:42:32 GMT","end":"Sat, 08 Aug 2026 09:42:27 GMT"},"fingerprint":{"sha1":"C5:AD:92:0C:33:CC:C5:20:2D:5A:53:36:25:72:86:F4:A9:0D:56:18","sha256":"EA:7E:B0:65:20:7D:14:E4:7F:C7:89:41:BB:2E:83:D0:A1:D8:05:61:20:C6:D2:53:C7:E5:DD:79:C1:95:7E:99"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ui.cleverwebserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 20:38:33 GMT\r\ncontent-type: application/javascript\r\naccess-control-expose-headers: *\r\ncf-cache-status: DYNAMIC\r\naccess-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization\r\naccess-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: a0408b0a6e96b518-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":218,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"f312898f7dc6f38953ec935c48dee9b6","sha1":"ce2420228955d98a3f5da50bf3d01865c8d2615b","sha256":"9045f28965b5f576b134039230ef06b0d72d433dad312b504c60aaeda7d7df47","sha512":"4663314c898ac2b3e071d857c46c5a5148da8759a776be8e56297e6e21fdfcd2a05dae8e37714f0f8d0b0a08a56ebcf2089746b942fd90cf1d1f698e14a95085","ssdeep":"","tlshash":"fed0231054de7c035fb7f605170716555ed4c01d1ad46ca5c4f0dd0840949469719778","first_seen":"2026-05-30T20:39:08.75798Z","last_seen":"2026-05-30T20:39:08.75798Z","times_seen":1,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:32 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 07 May 2026 14:47:29 GMT\r\nETag: \"81-6513b5c0b1e16\"\r\nAccept-Ranges: bytes\r\nContent-Length: 129\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":129,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with no line terminators","md5":"5ef26b5e47e6951f43ecf2b1fc645222","sha1":"081afb52577f6f3bb044fdea6d34a632c3cce7e8","sha256":"50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1","sha512":"a0876397327a5c6b4bca75605fa97ed7243ad78d9fd285f8a55ad2525e1070fdb197d1ae0687b3fb603946bf6dfb567eb3be3a636fb9fca6e36d03055ce7794c","ssdeep":"","tlshash":"6fb09b1d3474e95c48735551903bbf1d75133d33d7401995054c25a15f2866e5043d4d","first_seen":"2023-03-07T01:03:19Z","last_seen":"2026-05-30T22:43:39.537684Z","times_seen":23086,"resource_available":true,"data":null}},"time_used":1218,"timings":{"blocked":1036,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2024/06/Sell-Agro-Full.jpg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2024/06/Sell-Agro-Full.jpg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:34 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 25 Jun 2024 14:40:15 GMT\r\nETag: \"1bd48-61bb7e039bf2b\"\r\nAccept-Ranges: bytes\r\nContent-Length: 113992\r\nKeep-Alive: timeout=5, max=91\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":113992,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1200x300, components 3","md5":"77ef932ff6f42966230f6a4d8694b2f8","sha1":"6fddc9e0e54b05627f541bf8a7787268fdfdf9df","sha256":"4719691e9d6abcccd30ac3eb2dfb973eab92e99cbef36be6642adae8fc96824d","sha512":"caf343143b376836c112562cc078390ce42380f99f232f6ecf52df08860a5f19da95202628c1957b2df2b80551dc4dd4076c65ef06a170d4f876e87b061ab441","ssdeep":"3072:VWHGtTHupF5hF4OWjR9gbDNYrl2DPKOYvWxA:MHGBupDhP8R9gdYrl2uT","tlshash":"3ab31273fe43cf3638b46ee8415ecb9188c29c639117a4056b72ca65e58b83dd1d52d3","first_seen":"2026-05-03T19:35:32.067283Z","last_seen":"2026-05-30T20:39:08.759926Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2683,"timings":{"blocked":2496,"dns":0,"connect":0,"send":0,"wait":182,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/c908b019-e86c-4580-a817-46b518726c84-870x570.jpg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/c908b019-e86c-4580-a817-46b518726c84-870x570.jpg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 30 May 2026 13:49:23 GMT\r\nETag: \"eab8-653093aa336d8\"\r\nAccept-Ranges: bytes\r\nContent-Length: 60088\r\nKeep-Alive: timeout=5, max=90\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":60088,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"c3dc353cfc624b209487d50474e753fe","sha1":"e88df71450660f9f1bb5760e5e316b9fa64398b3","sha256":"5303512a9448b8827dc4f804fe6eb5416d060e01398388b6f257ffc06bce180c","sha512":"b39747cabbe6de621b88494f28c4b583ddf5429540f1b3d40fd5d809093f735765d665b7dfa9c16dad573f80eba69b40db0dca5392bb1a637b9832a338169438","ssdeep":"1536:8rlvDLFGd9ssfus7eqYnA07a5ks2aQgnjjB9kOqDH4Ai:eBlGd9ssfJTYA07a5SgjjL4H4r","tlshash":"094302e602670140d28d4e3cca7a5dc0a68aea8f65702bcab9f2f10ddd3b6c8dd16d55","first_seen":"2026-05-30T20:39:08.76128Z","last_seen":"2026-05-30T20:39:08.76128Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2487,"timings":{"blocked":2303,"dns":0,"connect":0,"send":0,"wait":182,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2023/12/hospital-regional-pm-990x556-1-600x556.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2023/12/hospital-regional-pm-990x556-1-600x556.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 05 Mar 2024 18:03:30 GMT\r\nETag: \"f1a2-612eda8e824b7\"\r\nAccept-Ranges: bytes\r\nContent-Length: 61858\r\nKeep-Alive: timeout=5, max=88\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":61858,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x556, components 3","md5":"eff47c6a1b3b73c2f607debe97568b70","sha1":"b9da29b9c934d296565a6b0f16d1d01968da6e65","sha256":"75b1ccd939ed6216738fdcc0d19082fd7d38b6458bb66c1b4d1e1f73bac7d9fa","sha512":"5767de89026d9d1a8ae0953d7c53ca2b1c317186647d5eac0d1e5198f812ee00e4c924abfbe741341018d46203d4ef61f3f3b2b6885b95258b157b969480a71e","ssdeep":"1536:f8BXUrZ47NNA2puvSavnnNcfPs7yEAH7T7cEDfjL45g:4NXpuvvnv7YPVIu","tlshash":"1a53f15366e89350f460aca3afc14e11375dafd0141819fa6e1ffdf8ab96dcc2466c28","first_seen":"2026-05-30T20:39:08.774987Z","last_seen":"2026-05-30T20:39:08.774987Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2402,"timings":{"blocked":2217,"dns":0,"connect":0,"send":0,"wait":183,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2025/10/cd673e80-5a3f-436d-8b92-bc8fe61fbe2a-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2025/10/cd673e80-5a3f-436d-8b92-bc8fe61fbe2a-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 16 Oct 2025 14:04:34 GMT\r\nETag: \"f47a-6414718c2676d\"\r\nAccept-Ranges: bytes\r\nContent-Length: 62586\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":62586,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"100ac18fa7cab1a2ee17529b06280e4c","sha1":"bbdf1238a898c99acb0d7980d3deda0e85071e90","sha256":"e0b9398d598a523949f3177d3af464c3b1ed6f2595d9a1f03139376ccaae7b17","sha512":"383cf352720b47d25858f285f3a34e4f2c6381209e3bc540930f5a33126856f2c332d1b772a5cf0efdb2a833eea07ee01ff5030ac547eeaa5b26703aa8ae8fc7","ssdeep":"1536:8dl5I6qFYDFF9qmldr8qaDlhCO3IWtsNNeFhtEfEwf:wpqSDNDVBWaL0tMt","tlshash":"f953027742dbe64b1d261d63abd0623cf3314790f2a9ec953a17c5a3859b0f052e68e0","first_seen":"2026-05-03T19:35:32.094534Z","last_seen":"2026-05-30T20:39:08.776363Z","times_seen":2,"resource_available":false,"data":null}},"time_used":4530,"timings":{"blocked":4321,"dns":0,"connect":0,"send":0,"wait":207,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2025/06/4256ff9b-d3cc-45e0-9968-3430a3d20082-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2025/06/4256ff9b-d3cc-45e0-9968-3430a3d20082-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 13 Jun 2025 16:44:01 GMT\r\nETag: \"f363-63776c0d9f4da\"\r\nAccept-Ranges: bytes\r\nContent-Length: 62307\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":62307,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"ba2fef69c1a43098605367366860ed94","sha1":"fa0937dd9c2b5fa17d080fa735fcbdedd031f2a8","sha256":"9562b30c47c9af30ea3fb093e2da857ceeda945b2dc296cc7fd5e948c6e04521","sha512":"cf557dade378ca46dabef3bb0d83293c0f8f16fc80c6aba43bd3614aec7fd6109ac594e3b234f7acc5c49febc29bf88fde2f24fb81bea06185e5d93445f4faf7","ssdeep":"1536:8TW1mHyfFHVO6Ju5HbdUBecl93u0O73HFW2IM:6cmSfXBu57dUbl9tw3FRl","tlshash":"71530286ec5e844ef9a98c6b5c81508f7c2c81df8de13e627e2cce8813057f99d59e52","first_seen":"2026-05-03T19:35:32.095827Z","last_seen":"2026-05-30T20:39:08.777562Z","times_seen":2,"resource_available":false,"data":null}},"time_used":4662,"timings":{"blocked":4478,"dns":0,"connect":0,"send":0,"wait":182,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/photo-output-63-300x230.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/photo-output-63-300x230.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 28 May 2026 13:21:53 GMT\r\nETag: \"31df-652e09c9267f8\"\r\nAccept-Ranges: bytes\r\nContent-Length: 12767\r\nKeep-Alive: timeout=5, max=91\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":12767,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 300x230, components 3","md5":"6216aa3f1b612fad53a668dee02c1f95","sha1":"f850462c0007ed5093ff31a09bbaa52ef8eaa18d","sha256":"7035b405809f0277fe71036d841eb02a262d8de20f8f0261ce19865b4c99eb48","sha512":"beda8c97d18a16c9d66b14b3274aa96d9ed74fd39de265d9b1c0903ea481ca2bf0f6fea2b47ba95e417481b6717675a7cc0f8c4058bf525cdd4efe84e6cc51f1","ssdeep":"384:6GZBK5n58vAESyJDhpug1R4yuqv6tDtecgbAnsE4yjF:6bR5yJDSGR4XqvYTgbAZBJ","tlshash":"1e42cf57d60a480293cc5e9d1002f8ad9b7deca230b51f320efae5fd9b34fca44594a9","first_seen":"2026-05-30T20:39:08.779025Z","last_seen":"2026-05-30T20:39:08.779025Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5146,"timings":{"blocked":4939,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-includes/js/dist/api-fetch.min.js?ver=3a4d9af2b423048b0dee","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-includes/js/dist/api-fetch.min.js?ver=3a4d9af2b423048b0dee HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:32 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 21 Oct 2025 10:14:02 GMT\r\nETag: \"16a7-641a875818e80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 5799\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":5799,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5764)","md5":"11287ad1edffec6fd95526dfcdb9f723","sha1":"fb182cfdaa075a8c9fd513d2a535405d26849b82","sha256":"8dd8533a009cc53a4262e3a18bb69f18ddbb17f9201983845c14173d5f54a323","sha512":"9454be02fa3b758ff0418605dc0cb0d75f422b9cdb0380a3276a65c79a414f3f98e59e50fb912856bf27a1e52038e4a66b062ed5840e4c2fe4e3bee7ea7cc2c8","ssdeep":"96:84ZWAVsa7mtObr0bTLnPhiqkLDWqmEVVtCgtfitfBxHwXT9T786TtWshNae9jzG3:nWAVbCob4bTDPhsLSqmEtCSAHwXK6g6e","tlshash":"b9c1dac430c3f417276e1edcb8fe0526f95b8a89745d8480f6d6ac2638fa40ac036b66","first_seen":"2025-12-02T22:49:33.841226Z","last_seen":"2026-05-30T22:13:31.998523Z","times_seen":10306,"resource_available":true,"data":null}},"time_used":1050,"timings":{"blocked":867,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-includes/css/dashicons.min.css?ver=6.9.4","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-includes/css/dashicons.min.css?ver=6.9.4 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:31 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 24 Nov 2025 22:30:32 GMT\r\nETag: \"e67c-6445eb60a3200\"\r\nAccept-Ranges: bytes\r\nContent-Length: 59004\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":59004,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (58969)","md5":"6c05185027c3a169cea5b065ac28b6f9","sha1":"d075b19cf8656586e9a561d00ea64f19ff0218ee","sha256":"26a7e7b9d4bb9948771c126085b99fba6546af4399e6263e8a69a3e33f6271cb","sha512":"ecb2602801c8b16c7c079c8f76b09e7b42d71000ba3968fc8c173f8c88cfe99e3739f1cc0149ddea7e69e04755f9b077c48f622e7ab8275ec8b4fdf040ee81f5","ssdeep":"768:oey/Z24B3P3aXOhUzSv16CAyLquqSfurIdUMbs73KO08QSJ2BQH02CRqxMWs5IJq:ox/ZvB/qPWMiquqioMUXQSJYIMW+IJq","tlshash":"2c43c2b1a74a40d677b0c843af65b26a5582bd7df8409cdef40b821c1af3635069dfb8","first_seen":"2025-12-02T22:25:19.065399Z","last_seen":"2026-05-30T22:16:01.535295Z","times_seen":49469,"resource_available":false,"data":null}},"time_used":1886,"timings":{"blocked":634,"dns":3,"connect":205,"send":0,"wait":206,"receive":411,"ssl":424},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/photo-output-9-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/photo-output-9-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:35 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 06 May 2026 01:13:03 GMT\r\nETag: \"128e0-6511bdd988116\"\r\nAccept-Ranges: bytes\r\nContent-Length: 76000\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":76000,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"6f36f1521cc049f607da9d1286ac8008","sha1":"bdc86db77d849d397b87af9426711bc553f2f245","sha256":"e723d5e15ac5ff9fe40d5a1c49a6af6281c38ccd83ca4e499e2e924f56968833","sha512":"85e5b406ce7ef7ede56aee378fcc183d0d7008534a1a40d308b559d89d896c6d2a5e1acc377e5ac07f21a7665bc31063c701b21164ff0f49f2b59eb61dbe1e29","ssdeep":"1536:81bBdy1XZcV98EPAHZ9TKhqeeK+dX0efTEnxYTdYXdebuScyVap5g/f0:iKpo98E4H3TKhoK+dkrnOhYZzg/f0","tlshash":"287302651931db27bf2a6d088493d2a19d7e9b00a31c01537fb5c6fa9489a146e313fd","first_seen":"2026-05-30T20:39:08.782575Z","last_seen":"2026-05-30T20:39:08.782575Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4326,"timings":{"blocked":3913,"dns":0,"connect":0,"send":0,"wait":207,"receive":206,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rgtnews.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 28 May 2026 10:17:38 GMT\r\nexpires: Fri, 28 May 2027 10:17:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 210055\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-05-30T22:05:06.786205Z","times_seen":169396,"resource_available":false,"data":null}},"time_used":417,"timings":{"blocked":175,"dns":19,"connect":29,"send":0,"wait":30,"receive":37,"ssl":124},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rgtnews.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 28 May 2026 10:17:38 GMT\r\nexpires: Fri, 28 May 2027 10:17:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 210055\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-05-30T22:05:06.786205Z","times_seen":169396,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":66,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2025/10/Racon-Banner-site-animado.mp4","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2025/10/Racon-Banner-site-animado.mp4 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nDate: Sat, 30 May 2026 20:38:34 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 15 Oct 2025 22:16:38 GMT\r\nETag: \"19dacb-64139dab4f9af\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1694411\r\nContent-Range: bytes 0-1694410/1694411\r\nKeep-Alive: timeout=5, max=89\r\nConnection: Keep-Alive\r\nContent-Type: video/mp4\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":119864,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"06cafafdc6b9b5b5fd7917fd204a1255","sha1":"83ec42f9283354533b864184d0b06349a126de71","sha256":"18fe903abd79354270117b0735cc80eae48e73f58f0fd1f47393a9daae6badb5","sha512":"662480615175f7386e3f497f6f3b8546855e8d2d1c4cedb066f8bf5c4a9986a0664d94305229020ce580993c6ba5ee6bd1cd0f9792c67182362337ad07e471f9","ssdeep":"3072:QCrugEO8eFOH2vvUfhx6/btBiuECl6OofRh+Nb:vrug98lH2vvUfn6ztq30Nb","tlshash":"a8c31295583e4678a243dae580a6201b4e7d7f35b2b403658b24d042c1fc6de6cb4fbf","first_seen":"2026-05-30T20:39:08.785807Z","last_seen":"2026-05-30T20:39:08.785807Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1023,"timings":{"blocked":830,"dns":0,"connect":0,"send":0,"wait":183,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.open-meteo.com/v1/forecast?latitude=-16.47\u0026longitude=-54.64\u0026current_weather=true","fqdn":"api.open-meteo.com","domain":"open-meteo.com","tld":"com"},"ip":{"addr":"188.40.99.226","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"open-meteo.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 02:36:08 GMT","end":"Thu, 20 Aug 2026 02:36:07 GMT"},"fingerprint":{"sha1":"A3:B3:A2:74:8A:AA:66:80:A6:3E:49:18:22:65:0D:D8:40:B7:7B:F4","sha256":"0D:DA:8E:8C:04:96:8B:58:BA:E1:4B:C8:6E:4D:E3:D5:D3:D7:5F:DE:65:BF:5B:9C:1B:C5:DE:00:95:A8:9A:F2"}}},"request":{"raw":"GET /v1/forecast?latitude=-16.47\u0026longitude=-54.64\u0026current_weather=true HTTP/1.1\r\nHost: api.open-meteo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rgtnews.com.br/\r\nOrigin: https://rgtnews.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nContent-Type: application/json; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: accept, authorization, content-type, origin, x-requested-with, user-agent, access-control-allow-origin\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-max-age: 600\r\nContent-Encoding: deflate\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":477,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d4dff8451e4738a7ef42fe13e88c2715","sha1":"e5c92b266eeca13a2ae3db818654082565238097","sha256":"1cc0b4888b54e8feb98e584686663c5391c63b74005f1b507ec9c2edaa59b7cb","sha512":"3308e9f0afaba6a33f7d1e9f2d00644ab1816f65b35c70233f5abf858358504ed4b735fb7a7b7d6a7eb6ba8be8432aa38c367ef300a6095fbaa634432bf927eb","ssdeep":"","tlshash":"3af09e7419f5497a8a7b832c805a06b62a7830238cc8d520cf7d0e1dc4c6c50c30f21b","first_seen":"2026-05-30T20:39:08.787941Z","last_seen":"2026-05-30T20:39:08.787941Z","times_seen":1,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":101,"dns":2,"connect":33,"send":0,"wait":33,"receive":0,"ssl":67},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2022/05/cropped-favicon-1-192x192.png","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:36.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2022/05/cropped-favicon-1-192x192.png HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511; clever-counter-95947=0-1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:37 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 05 Mar 2024 18:38:03 GMT\r\nETag: \"463-612ee24760ce2\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1123\r\nKeep-Alive: timeout=5, max=93\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1123,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"f6f95cbd5f86f856bbbc65751b7a3c93","sha1":"74c0943a45f0ac62d11da0bd87b1cf14bc12f3c5","sha256":"712a0b5ec9712e398e071eb1a381c1435cc87b39e9e695fa97ab3ff20c8a61de","sha512":"6df585673af1f2de5e58094fb3a5e16e744057aee0405b25bbe953a4feea3a0489021a48ff0e87d24c52c561c236c8c8f2126154a527f250efaf77ce883ac4e1","ssdeep":"","tlshash":"9a218656601f12b3de227bb637ac13a2d41b3d95c67481e6541afa0b78c1394068c627","first_seen":"2026-05-03T19:35:32.034302Z","last_seen":"2026-05-30T20:39:08.789408Z","times_seen":2,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.addtoany.com/menu/svg/icons/telegram.js","fqdn":"static.addtoany.com","domain":"addtoany.com","tld":"com"},"ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.addtoany.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Apr 2026 20:12:47 GMT","end":"Sat, 18 Jul 2026 21:12:43 GMT"},"fingerprint":{"sha1":"19:EC:F6:8B:6C:6D:BB:F0:32:9A:56:BB:BD:22:AE:BD:28:1C:BB:E9","sha256":"E7:F8:24:B6:D6:39:CA:55:89:B3:11:19:28:82:F1:CE:1F:93:F9:3D:3E:F3:AA:AD:4E:21:DB:48:32:4E:5A:CC"}}},"request":{"raw":"GET /menu/svg/icons/telegram.js HTTP/1.1\r\nHost: static.addtoany.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rgtnews.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.addtoany.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-type: application/javascript\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\naccess-control-allow-origin: *\r\ncache-control: max-age=7776000, stale-while-revalidate=30, public\r\npriority: u=3,i=?0\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vBDvQ3kNY2IfMXVtq6meuWgF2JYaBlIP8dHj4wWf0mpeZbIEe5neab0UFvYSt1ntNzFSxLHYOqJ9EIXEgP9aKg7bKe1cvGY65B9LfQU%2BIHmnhw7678X6LFitM9TCGGky%2FSrdH9jX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"fb47b4f6548b6499923a1beed7472419\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ndate: Sat, 30 May 2026 20:38:33 GMT\r\ncf-ray: a0408b099db45fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":360,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (360), with no line terminators","md5":"48f25c508c92c3601cf047609318001f","sha1":"59117e825084c63a0dda48edec82c14a60e16f23","sha256":"6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138","sha512":"32ca9e672cb26c5cc9370d32a2739ad99a933a700250e310955b68ca4a974964f22095179d1a56f8f57c160ee6ab4d3ff659b4bba5838879472289b06bf53a42","ssdeep":"","tlshash":"66e02077611084814c2a54bbda1e614f5434f069529d65d3436ac4f754d726f5c12d8b","first_seen":"2023-03-08T15:33:09Z","last_seen":"2026-05-30T22:29:26.412038Z","times_seen":11654,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/photo-output-22-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/photo-output-22-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:35 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 12 May 2026 19:27:02 GMT\r\nETag: \"90f2-651a3d9083152\"\r\nAccept-Ranges: bytes\r\nContent-Length: 37106\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":37106,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"5c5962f575e0b778f140f955c15e6127","sha1":"c4c33a31aed0d24cd12550d2879f4d714f57a178","sha256":"5f020737e68e58543ff0d3fd9c9f4d01e04ff89b3535e15d8138baff00a7d2ea","sha512":"e994bad525d78c6ddc602b4cb01a64995a7b613f00c0a721338927d88e022bfd9284cdabbd9ce0ee532b3dac48729287c1ad3a858413d52d6023422916823f87","ssdeep":"768:8NBvCosxjXgF2G/jkTQJA0ZSEMkakqfMtXNod3iFzmkKTI:8N9Co4XgwG/jEQRZnJqfMtXl0PI","tlshash":"caf2d0c78307746ac2a3eeb6d9934a730a5aa17136f0ba5bdf718de241e05fb24524c4","first_seen":"2026-05-30T20:39:08.791911Z","last_seen":"2026-05-30T20:39:08.791911Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3962,"timings":{"blocked":3754,"dns":0,"connect":0,"send":0,"wait":206,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2022/05/logo-rgtnews-v2-1.png","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2022/05/logo-rgtnews-v2-1.png HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:34 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 05 Mar 2024 18:40:16 GMT\r\nETag: \"35d6-612ee2c5ccb58\"\r\nAccept-Ranges: bytes\r\nContent-Length: 13782\r\nKeep-Alive: timeout=5, max=85\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":13782,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 94, 8-bit/color RGBA, non-interlaced","md5":"df2a1b50b7c2f3108934ef2adef0a180","sha1":"47875634520e1242da6d6a2fa650e72b7f84ba09","sha256":"7f2cb2a94a7b5742b6ffe121325e2b9c98d2943161a55a00b4143c43b5825423","sha512":"f5099e2352e2e15a6457c297ab9745a7829e172e122ad3d6277263f2df7cc91b5cec8494d3f4700348a603c63f6012c6f9a80a2018aba9a4c61cc5a0f82fb7b8","ssdeep":"192:EXBYCp0nsAXXRwRhANO/gY0Md4h+lGWs7ZCLAY4dMGOuF9uPapUTpelADGcwSQpH:kKnFnGa/F+psB3MGjF8iqlekr9hJ4Ki","tlshash":"4552d0fb4355820cbe8462836476e8a4ff66ed903969e02650e2d2509b0724eced9f93","first_seen":"2026-05-03T19:35:32.05835Z","last_seen":"2026-05-30T20:39:08.793455Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3170,"timings":{"blocked":2984,"dns":0,"connect":0,"send":0,"wait":185,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/IMG_5392-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/IMG_5392-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 21 May 2026 12:35:52 GMT\r\nETag: \"a659-65253271a1993\"\r\nAccept-Ranges: bytes\r\nContent-Length: 42585\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":42585,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"258ef3e66eb6f0062c2f7658739d44a2","sha1":"f24fd04331f3970fde7a5b6edf1898fb011b6b7b","sha256":"06683498820d92033080f94940e1428ea06b266814a81759e13a8badfe3431bc","sha512":"aba81cefc28d069b4b44b9e0fae7c0a793434bb9648a4e764215474d5e4b3c10ca997e32420cbbe5c1cfcd4847a59fb6b24b1e8caa56d09185979363f2845dbc","ssdeep":"768:8qQfbIxUiOe145zExrfNJyeGA8jJCQt80XTCPzC3My+gzdC1MgBOBUhf:81fESiVczE3/GljJCAocF+gRC1MgBOBC","tlshash":"7e13f1f397872201c4ee9d791a8635588e482200ee4dc70c95b28559e7b37cacfe38b9","first_seen":"2026-05-30T20:39:08.799243Z","last_seen":"2026-05-30T20:39:08.799243Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1547,"timings":{"blocked":1338,"dns":0,"connect":0,"send":0,"wait":207,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2025/02/posto-forum-6x.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2025/02/posto-forum-6x.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:34 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 05 Feb 2025 15:15:15 GMT\r\nETag: \"10221-62d6697b5bfc8\"\r\nAccept-Ranges: bytes\r\nContent-Length: 66081\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":66081,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x401, components 3","md5":"13164c5c3b00419710d1faa5bd20a9d6","sha1":"e7f66bda2b552fd0d70142f9b17ad9c1575aae0b","sha256":"addd672a7c54076396ae9eef2970bbce85926a0247a076e4aa98b39be032abe1","sha512":"6bedda615f90a2b07399aadcd1097954a1959360a556f74331e44e26bc1dfd1e187dbd447a44e4a22ad507530ca564b90b2a344dcd57d1437d20d37a2a8002f8","ssdeep":"1536:I0ygmKMJ1KxWq/wzIw0EyUO7k3qH3KwHGgwof5f1RAHid8N/Pi:5ygmzHtITAaawPwof/RAq8Pi","tlshash":"9f5302a247ca6339e66454be02a703cd5b814d37da5d592c3a2cc6b523046ce1f3da87","first_seen":"2026-05-03T19:35:32.107579Z","last_seen":"2026-05-30T20:39:08.801999Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3899,"timings":{"blocked":2616,"dns":0,"connect":206,"send":0,"wait":239,"receive":414,"ssl":424},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2024/05/padre-stu-4_widelg-600x450.jpg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2024/05/padre-stu-4_widelg-600x450.jpg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 28 May 2024 13:15:47 GMT\r\nETag: \"8708-619836e9d604e\"\r\nAccept-Ranges: bytes\r\nContent-Length: 34568\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":34568,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 600x450, components 3","md5":"e8e43b5af19fee193d157f70e3f851c1","sha1":"c1d5156bdc50e940b5288250e7a2cb0330e6d9a7","sha256":"e7853649131cccc3c1870ecd409fc0aa1106b3d972b7f6002f73ec0b76938788","sha512":"5062d8c74ad2472d5dda07175060ca39f33b994a85093594fcc5db22c680b09575e4bb60fa1a2156de4b759754179758ccdb8f60c1659a381cd8ef419fa68a13","ssdeep":"768:kh6vQZBcoUWIwqYSqJfPCCM/peGTmcPGTMgXswFqwCQ:kh6voIwBPHBJrgCjFqwCQ","tlshash":"3ef2f15af2230084e065892e2bf0023ff53956a8b6fc4443247da506effe7c41ac179d","first_seen":"2026-05-03T19:35:32.109778Z","last_seen":"2026-05-30T20:39:08.805404Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5344,"timings":{"blocked":5135,"dns":0,"connect":0,"send":0,"wait":208,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2025/03/TADALA-SPRAY.mp4","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:34.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2025/03/TADALA-SPRAY.mp4 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=1998848-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511; clever-counter-95947=0-1\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nDate: Sat, 30 May 2026 20:38:34 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 27 Mar 2025 00:28:31 GMT\r\nETag: \"1ea8b0-631480897a64b\"\r\nAccept-Ranges: bytes\r\nContent-Length: 10416\r\nContent-Range: bytes 1998848-2009263/2009264\r\nKeep-Alive: timeout=5, max=91\r\nConnection: Keep-Alive\r\nContent-Type: video/mp4\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":10416,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"9e1d0a77179d94a693ba8693016e3f47","sha1":"168bb515726a88291be767fff6fc19e523f1b6a5","sha256":"cd763fa638e226bc1fc655c1e8f3608351261e08088e564583256289fa80c2aa","sha512":"771fec38a5086c08eab66a23859baa85705b3af46c50775803200c4a34eae54448fa46466cf5c10cd558e6ac93f00600529caec2b421039e49e23fea54c91688","ssdeep":"192:TuA9x4BexMZAJgWmbEo/vFUIN/aRIuDWdwlxnadrQidrgH/NdW:Tx4BUMZAJgWmbl/+Tay4gxnadrVdr+Vs","tlshash":"e3227d51cb26426ad940477484ed937437b4e1b4a3a3834f8780417cfe63baa4da3ba6","first_seen":"2026-05-03T19:35:32.013219Z","last_seen":"2026-05-30T20:39:08.808078Z","times_seen":2,"resource_available":false,"data":null}},"time_used":465,"timings":{"blocked":257,"dns":0,"connect":0,"send":0,"wait":207,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brasilapi.com.br/api/cptec/v1/clima/capital/SBRD","fqdn":"brasilapi.com.br","domain":"brasilapi.com.br","tld":"com.br"},"ip":{"addr":"104.21.69.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"brasilapi.com.br","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 30 May 2026 13:09:18 GMT","end":"Fri, 28 Aug 2026 14:07:30 GMT"},"fingerprint":{"sha1":"7A:50:75:87:A3:0B:79:C0:0A:71:55:06:E8:43:63:16:B1:75:6A:8A","sha256":"0C:B1:18:24:AF:13:99:DF:51:03:C8:FC:B2:0B:19:C0:7C:F8:F6:E7:F0:4B:C9:D6:22:78:DB:F6:7B:F5:74:8A"}}},"request":{"raw":"GET /api/cptec/v1/clima/capital/SBRD HTTP/1.1\r\nHost: brasilapi.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rgtnews.com.br/\r\nOrigin: https://rgtnews.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 30 May 2026 20:38:33 GMT\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\nage: 135134\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"404\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LUV22aikLiDzajoenFflgoiwJQPYrtIJnNdjF9tZpsehCgbmVmgxZA8tx7xOthgFCuG83SqAQ7vDGIrob9hDm12JrJqMq7Ii1w1Aq8deXwqGD5l9JVxZ9TALpZVwXADUfNjT\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 29 May 2026 07:06:18 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /404\r\nx-next-error-status: 404\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::6d9xx-1780173513226-099e8ce43ccc\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: a0408b095ffe0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":3183,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1721)","md5":"23051207a71d4d2d906ebc1633789cf6","sha1":"6f23f541bab3bb51255923ab34ae0a0c2ee1eb5a","sha256":"9d00043754e71b19e58fd8bdb5c31d469d13c0522f09a30443eac47c8c0f135d","sha512":"51eaaff7562e6db78d2a1482589efb20bd00255b257463a460ac5ef560f81b2f97aff43e505e7092f8caf3974f2e276f3310fb95c70f4dacbb5896a4b32b4a54","ssdeep":"","tlshash":"f861d713dd05cc062232dca9b136235db047c61fc1b688a8bbcd15b98bd96d78f16d45","first_seen":"2026-05-03T19:35:32.145602Z","last_seen":"2026-05-30T20:39:08.809775Z","times_seen":2,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":56,"dns":46,"connect":1,"send":0,"wait":73,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/a165dbd5-40c3-464d-b802-5c637a6749fb-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/a165dbd5-40c3-464d-b802-5c637a6749fb-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:35 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 28 May 2026 13:56:10 GMT\r\nETag: \"14c3c-652e117306612\"\r\nAccept-Ranges: bytes\r\nContent-Length: 85052\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":85052,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"f428120b9fd2d3ed07a34315ed25b349","sha1":"7be8ab680bc01c9fd6b797214e4d49ddbe62ab19","sha256":"d6608a220430bbb86dd40d943ceb289a4d5302bb043b0f97c3c62b72f5611eba","sha512":"09edd49fda54de42ee1dffcee0044f57edb8835c2c856b14a1d325e48398bdbb01947f933c85dcc68b584bc6dbe3981757a040178586cf42f4e03f6d19120711","ssdeep":"1536:8t03oB+/+DPOc/GBslrE1RpYDpE4qq2o/NkuXqn6KRsRaEYuA91wzBMwG7QCdud:p4U/svAkrOUDjVkuXkZRQatuusG7QCdg","tlshash":"338312956058b916da780db7f3d2d3daf1da6fc9f460606409ba83f171d37ca0a1c86c","first_seen":"2026-05-30T20:39:08.813326Z","last_seen":"2026-05-30T20:39:08.813326Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4459,"timings":{"blocked":3218,"dns":0,"connect":204,"send":0,"wait":206,"receive":410,"ssl":420},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/IMG_5738-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/IMG_5738-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:35 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 28 May 2026 01:43:42 GMT\r\nETag: \"b279-652d6dbb44712\"\r\nAccept-Ranges: bytes\r\nContent-Length: 45689\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":45689,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"577922e422436c3369fb9a90317366f6","sha1":"3352a29eabb2ccd3715c20fe4d6d49033944c34d","sha256":"8655fe76e5d27474de71b7a7e96b362d2e5d50a1ea87b235a9b27bc73caeb26b","sha512":"25489c91751fd764f477f7ff508f904abfd611f98203e821e48410ba550951ec5431c4029e60079b78199134dd9631db7b8972ee013d96b95a1b0ec41d9f13b2","ssdeep":"768:8nBliBLFUEFGIxZqDh+v4QBBCK52GmvZ+dt2o9MzUPRzTXBu3cLLM4tA+Ah5ANF:8nBgLCEFTQh+v4QBBC3NI2oXTyoAV5S","tlshash":"b023f1675b4249eee20f8e7c05984fd873832d94e2e8a7176832b4153b10defb49174e","first_seen":"2026-05-30T20:39:08.816013Z","last_seen":"2026-05-30T20:39:08.816013Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4752,"timings":{"blocked":3497,"dns":0,"connect":206,"send":0,"wait":208,"receive":413,"ssl":428},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/blocksy-companion-pro/framework/extensions/cookies-consent/static/bundle/main.js?ver=2.0.28","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/plugins/blocksy-companion-pro/framework/extensions/cookies-consent/static/bundle/main.js?ver=2.0.28 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:32 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 05 Mar 2024 19:17:45 GMT\r\nETag: \"144a-612eeb270d1f8\"\r\nAccept-Ranges: bytes\r\nContent-Length: 5194\r\nKeep-Alive: timeout=5, max=94\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":5194,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4984)","md5":"3d6611ff3405c82e896b145a9f8d515b","sha1":"41da21b9a1b2834538dc99f76a3580e650007c4e","sha256":"f5cb3f272cd3a8f9d02fbc05a32b397e6f471b8d1c74bd7183856f35c8ab3d23","sha512":"64a539e98c05b586746290a223c010ca7aa35904c053a79e1d78982bb249f909eccae31e6ecc258be564d51eaec89e99262fc8ac114e80baea9125aa71cdae2a","ssdeep":"96:7QtvfZzPSyoBqFEQQ5DCpipEg6uyyaUv5blnFN8:8nZzPyBcQJCpipEg6uaUv5brN8","tlshash":"83b195dd769c75b813e721b1003f764ab27324a5ac8980a0c21de5e42c7899b4367faf","first_seen":"2023-12-25T10:25:34Z","last_seen":"2026-05-30T20:39:08.819256Z","times_seen":17,"resource_available":true,"data":null}},"time_used":1231,"timings":{"blocked":1048,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:700:700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,500","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"64.233.162.95","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:15 GMT","end":"Thu, 30 Jul 2026 15:53:14 GMT"},"fingerprint":{"sha1":"19:42:B0:56:3A:E4:79:BF:8B:69:E2:50:F4:76:BF:1E:A9:D7:7A:49","sha256":"D7:FF:C1:46:95:F3:5F:08:04:B0:E1:A8:FE:14:FC:60:19:58:D6:C7:D3:6E:82:B3:64:07:E9:E1:CB:9A:27:8C"}}},"request":{"raw":"GET /css?family=Roboto:700:700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,700,500 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 30 May 2026 20:38:31 GMT\r\ndate: Sat, 30 May 2026 20:38:31 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10774,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"8d0cc6f28b33da2a7d057d3af93d0ff6","sha1":"94e1dae90fd2bc6893bf85b2cf383c55e35dcdcd","sha256":"d00429f1bfc5c27bb02937a01b78b12ba9e04a32e07fdf9c9c77c3d84c011ce9","sha512":"a89741a2b8f9d934b9fd5673b7271481a8f8c7aa800d332187558df580512c5c2dc69f24011b4d018f16f55b11ca588fdb7e83ae496d6db030438e3a22fc7dc6","ssdeep":"192:/N9fPN9CN91N9fhN9/qON9DbqGIwV4gN96N9u9N9oN9f1N9EN9PN9fLN9/qgN9D0:V9fF9Y979/9yE9/qY4O9A9g9m9f79C94","tlshash":"fe221da10417440097834ce223cebf35fe1f92147142d0b5abfd9b6baddbca652693ad","first_seen":"2026-02-26T11:36:53.880816Z","last_seen":"2026-05-30T20:39:08.680718Z","times_seen":21,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2024/05/GettyImages-1241407608-600x500.webp","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2024/05/GettyImages-1241407608-600x500.webp HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 29 May 2024 14:48:45 GMT\r\nETag: \"e4e2-61998d8f104c1\"\r\nAccept-Ranges: bytes\r\nContent-Length: 58594\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: image/webp\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":58594,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 600x500, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9944e8ce5ed988ea418515c11a2162d7","sha1":"e5483b5155fdabecc38aed4af46b96e2c219d3b8","sha256":"27a1c500cae8ec177ffab2852c62fdb129e490f530412734e9bf9a66fe369c7b","sha512":"164a7d28b620cd257f6259142e663f072dc14dfef8bd9cd58d33bf07e758fe9f157d0bd9a29b80debc58d18095a7d9880d72efd922fea585a4497904ddca36fb","ssdeep":"1536:bZvo0crAgwGfduGpfVQF4unPf+1VHZJNbpxLj0M9ae+2:5xczwLGp9CnPf+1V570M9ae+2","tlshash":"2e4302b16ddc644f4fb2b3e486f94e826fd2e6cc21a2e7763630540d865ec62270f548","first_seen":"2026-05-03T19:35:32.199722Z","last_seen":"2026-05-30T20:39:08.821077Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5252,"timings":{"blocked":5044,"dns":0,"connect":0,"send":0,"wait":206,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-C6NCM4X8FY\u0026gtm=45je65r2v9119786200za200zd9119786200\u0026_p=1780173511060\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=a\u0026dma=1\u0026gdid=dZGIzZG\u0026_eu=EEAAAGQ\u0026ae=a\u0026cid=1375826367.1780173511\u0026frm=0\u0026ir=1\u0026pscdl=noapi\u0026rcb=19\u0026sr=1280x1024\u0026ul=en-us\u0026gaf=2\u0026_s=2\u0026tag_exp=0~115938465~115938468~117776793~119034491~119064971\u0026sid=1780173511\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Frgtnews.com.br%2F\u0026dt=RGT%20NEWS%20%E2%9C%85%20Not%C3%ADcias%20de%20Rondon%C3%B3polis%2C%20Cuiab%C3%A1%20e%20Mato%20Grosso\u0026en=scroll\u0026ep.forceSSL=true\u0026ep.link_attribution=true\u0026epn.percent_scrolled=90\u0026tfd=8307","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.32.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:36.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:51:26 GMT","end":"Thu, 30 Jul 2026 15:51:25 GMT"},"fingerprint":{"sha1":"E5:3F:1D:8A:67:60:A8:60:56:38:E4:E3:ED:A6:64:D9:7C:89:E1:E1","sha256":"39:E2:E8:B9:46:82:06:98:FA:92:0A:A2:4F:57:DF:DF:EF:00:44:4A:27:C0:C4:99:EC:A5:E3:D4:1A:A8:A5:D4"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-C6NCM4X8FY\u0026gtm=45je65r2v9119786200za200zd9119786200\u0026_p=1780173511060\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=a\u0026dma=1\u0026gdid=dZGIzZG\u0026_eu=EEAAAGQ\u0026ae=a\u0026cid=1375826367.1780173511\u0026frm=0\u0026ir=1\u0026pscdl=noapi\u0026rcb=19\u0026sr=1280x1024\u0026ul=en-us\u0026gaf=2\u0026_s=2\u0026tag_exp=0~115938465~115938468~117776793~119034491~119064971\u0026sid=1780173511\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Frgtnews.com.br%2F\u0026dt=RGT%20NEWS%20%E2%9C%85%20Not%C3%ADcias%20de%20Rondon%C3%B3polis%2C%20Cuiab%C3%A1%20e%20Mato%20Grosso\u0026en=scroll\u0026ep.forceSSL=true\u0026ep.link_attribution=true\u0026epn.percent_scrolled=90\u0026tfd=8307 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rgtnews.com.br/\r\nOrigin: https://rgtnews.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: https://rgtnews.com.br\r\ndate: Sat, 30 May 2026 20:38:37 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:196:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:196:0\r\nreport-to: {\"group\":\"ascnsrsggc:196:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:196:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-30T22:03:09.281406Z","times_seen":15932419,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":88,"dns":0,"connect":21,"send":0,"wait":30,"receive":0,"ssl":67},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:500","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"64.233.162.95","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:15 GMT","end":"Thu, 30 Jul 2026 15:53:14 GMT"},"fingerprint":{"sha1":"19:42:B0:56:3A:E4:79:BF:8B:69:E2:50:F4:76:BF:1E:A9:D7:7A:49","sha256":"D7:FF:C1:46:95:F3:5F:08:04:B0:E1:A8:FE:14:FC:60:19:58:D6:C7:D3:6E:82:B3:64:07:E9:E1:CB:9A:27:8C"}}},"request":{"raw":"GET /css?family=Roboto:500 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 30 May 2026 20:38:31 GMT\r\ndate: Sat, 30 May 2026 20:38:31 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5548,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"4a348be98434ae41b88ef4c63c8d21bd","sha1":"5ff630866c13e03ff0cb4e9c1d23f3316e2b3926","sha256":"be366c696c4d79315aa4e817ddedc09b7f6dc13ee0456dba3377aea5a75a9849","sha512":"f61feca7564ca68f66a69a05c9e6bdda089c80ffbb0b33d30746e13a42e90cd1af1a5178983a9e4146647afde0b87cdcda9b3645209b2ff0a9ae54fc201115e2","ssdeep":"96:1OXMNHlOXMNiFZKOXMN0OXMNzTOXMN/y+aZjzBrgOXMNuubqGIFuV4yOXMNwOXMC:/NHPNTNmNzhN/qONRbqGIwV4gNSNF9NO","tlshash":"8bb11ea10417484057435ce223ce7e34fe0f92046145d0b5ebfc9b6beeebda642a836d","first_seen":"2026-02-20T07:28:47.925307Z","last_seen":"2026-05-30T20:39:08.824005Z","times_seen":380,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":102,"dns":0,"connect":31,"send":0,"wait":33,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2025/06/0a246cb8-0367-410f-8ce8-bac328dcdba5-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2025/06/0a246cb8-0367-410f-8ce8-bac328dcdba5-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 06 Jun 2025 18:35:36 GMT\r\nETag: \"13137-636eb7f004762\"\r\nAccept-Ranges: bytes\r\nContent-Length: 78135\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":78135,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"e938eb3d431524d3fd0df34b8b558fa7","sha1":"913b4a9041520e9f5b0b673ae6d999c235c7cb54","sha256":"a176784e7149d7a52a60c8e7862eb1b6e2354203837546feffd233e4fd0152a0","sha512":"8a22d94fcbdc0fd9a1741392b764432f3ec5c0be43a9f706ef99eba62e692a306305e71427ef15c4592ff1db1ecc2d49d5a4abd7ba255945090a748337a78dc6","ssdeep":"1536:8S2/zyNebPOy5J0EGyzd4w0m12L8O78n7WXGxejeW/ksyt+RNSzgf2xR:CeNgPOGJBzd4RmML8n7W2+F/ksy8NS1n","tlshash":"0773022317716312e56ffa526e53019d83fc365823ebb68bacb5dbc5948e7c19232e04","first_seen":"2026-05-03T19:35:32.157937Z","last_seen":"2026-05-30T20:39:08.828214Z","times_seen":2,"resource_available":false,"data":null}},"time_used":4734,"timings":{"blocked":4525,"dns":0,"connect":0,"send":0,"wait":207,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.no/ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-C6NCM4X8FY\u0026cid=1375826367.1780173511\u0026gtm=45je65r2v9119786200za200zd9119786200\u0026rcb=19\u0026aip=1\u0026dma=1\u0026dma_cps=a\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=0~115938465~115938468~117776793~119034491~119064971\u0026z=1145897984","fqdn":"www.google.no","domain":"google.no","tld":"no"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:36.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.no","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:55:19 GMT","end":"Thu, 30 Jul 2026 15:55:18 GMT"},"fingerprint":{"sha1":"0B:35:DC:89:EA:6C:6B:84:37:37:B0:28:E3:EE:28:BF:30:63:E1:98","sha256":"0D:F4:09:F4:10:6D:23:C9:1F:1A:51:B4:6C:60:CE:E0:19:D8:B6:19:C5:C4:86:1B:00:2E:EA:54:40:0A:0E:26"}}},"request":{"raw":"GET /ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-C6NCM4X8FY\u0026cid=1375826367.1780173511\u0026gtm=45je65r2v9119786200za200zd9119786200\u0026rcb=19\u0026aip=1\u0026dma=1\u0026dma_cps=a\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=0~115938465~115938468~117776793~119034491~119064971\u0026z=1145897984 HTTP/1.1\r\nHost: www.google.no\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sat, 30 May 2026 20:38:37 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: image/gif\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 42\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-05-30T22:03:41.727971Z","times_seen":923778,"resource_available":true,"data":null}},"time_used":242,"timings":{"blocked":85,"dns":35,"connect":14,"send":0,"wait":35,"receive":0,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/IMG_4523.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/IMG_4523.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:34 GMT\r\nServer: Apache\r\nLast-Modified: Sun, 03 May 2026 13:46:26 GMT\r\nETag: \"6521d-650ea0a55311d\"\r\nAccept-Ranges: bytes\r\nContent-Length: 414237\r\nKeep-Alive: timeout=5, max=90\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":414237,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 1000x300, components 3","md5":"5d12887a4f1d4d7915ca80b073fd9b97","sha1":"b516e93bdf3efb1fcb4a5fd11af4bdd924d2586d","sha256":"eb1a8d09df13a8208b0e0eb365883342e7790b269d8d5cc771657204b6384c6f","sha512":"0fa028b4d27c026e5dbf64f31490b03e02a97bc3c967e405b95b399e5012ded593cc494f9b44e6c2dc5bb663d60d10ac379a6a7f67b69feaae5e8df933e8a669","ssdeep":"6144:jz+GbIpShkqAs4tYCOhQJvi8pOPKEg4uNbOkbSCIblcn5ib1YXTDS4RrZcRFtevT:wSqqA0TWJvlLN8Gq1WTDSEoDevFEJE","tlshash":"92942358674b9542ddca4caccc29a680931b12b3e9b3a5503db92ef0ef1937114cdaed","first_seen":"2026-05-03T19:35:32.120036Z","last_seen":"2026-05-30T20:39:08.83124Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3045,"timings":{"blocked":2669,"dns":0,"connect":0,"send":0,"wait":186,"receive":190,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/photo-output-57-870x570.jpeg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/photo-output-57-870x570.jpeg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 26 May 2026 02:19:20 GMT\r\nETag: \"a465-652af1f749984\"\r\nAccept-Ranges: bytes\r\nContent-Length: 42085\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":42085,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 870x570, components 3","md5":"fac6210dd90963f82566609a46aed0f8","sha1":"46541e85b3362a9a7d30895ed6876e7524332fba","sha256":"e13a8a9ef6f7b22fa6cf00240e7c929793956df36dad76db699f44e21cf8c435","sha512":"c162ffb588bdef0a3c7de51c30abd271d8a817c668c1514db06481eaa68d00156b6598518df27ee7fff7c63830293c93ed3f69c5346bb5206596c3a25b5e0158","ssdeep":"768:8jSt0PgO+m07oSyZMImjsmiX7qFlLY8uXAa/hqv3r9B0KLexqO:8Wt0oO+PHKM4xUlLY8WpG9Bl7O","tlshash":"0113e16b97dad0e54959cf148b8e81a7c9cfb101ac5ebfe00c35da6730a19f0926d07a","first_seen":"2026-05-30T20:39:08.833648Z","last_seen":"2026-05-30T20:39:08.833648Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1529,"timings":{"blocked":1341,"dns":0,"connect":0,"send":0,"wait":187,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rgtnews.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 28 May 2026 10:17:38 GMT\r\nexpires: Fri, 28 May 2027 10:17:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 210055\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-05-30T22:05:06.786205Z","times_seen":169396,"resource_available":false,"data":null}},"time_used":464,"timings":{"blocked":194,"dns":11,"connect":31,"send":0,"wait":61,"receive":15,"ssl":149},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/themes/blocksy/static/bundle/non-critical-styles.min.css?ver=2.0.95","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/themes/blocksy/static/bundle/non-critical-styles.min.css?ver=2.0.95 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 10 Apr 2025 13:45:05 GMT\r\nETag: \"1944-6326ccb162638\"\r\nAccept-Ranges: bytes\r\nContent-Length: 6468\r\nKeep-Alive: timeout=5, max=92\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":6468,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6468), with no line terminators","md5":"9b0c43ae01308857c3607c3a8e2d1154","sha1":"da69860ec94beb05cc11c07a8a19c1bd319dcabd","sha256":"14312fff51e843319edf340e6bbbac182bfa880cc989b2efc3f98aa316dca219","sha512":"fea728c803fa28511652d1d183bb9c64729af500070eaf206bff7ac01e8ded1a809927d4b62f2190d4cd6798af33f8178625267ad9efa4d7b62e294277075656","ssdeep":"192:xxBZ7jB1UcvJf/Gj/gFjxBeycCPKZyh32:xxBZHB1UcvJf/GDgFjxBd9m","tlshash":"78d123d2f1da807dab238e14e339f906b75a3590ff0611a2a9b24d744ec379551a3b3c","first_seen":"2024-05-27T03:50:13Z","last_seen":"2026-05-30T20:39:08.835275Z","times_seen":894,"resource_available":false,"data":null}},"time_used":428,"timings":{"blocked":238,"dns":0,"connect":0,"send":0,"wait":183,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/uploads/2026/05/24c84358-eb60-4374-8040-ff5ea0ae3d42-300x179.jpg","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/uploads/2026/05/24c84358-eb60-4374-8040-ff5ea0ae3d42-300x179.jpg HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:36 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 28 May 2026 14:39:14 GMT\r\nETag: \"44e8-652e1b1337f4b\"\r\nAccept-Ranges: bytes\r\nContent-Length: 17640\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":17640,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 300x179, components 3","md5":"6ef8cf18dc17408f9cc30c58c140afe7","sha1":"0dd9ce12e5d140674742f3f9b985f1115a15548d","sha256":"180a5620ca4fee2b6d76b325fbe92d921ba55c0b395a0481d6c07272b57642d6","sha512":"9673453560a0a6e869f99b8c86d0be567d3f6ad7a4f0e7ad11d0bdf60a0dc1065bb06afd2d7c82e733c16234d10a5516b78215fb3f05b0b75684e85809eb828b","ssdeep":"384:vv50n6iMufgSs6aZIhchuOx6ZIYv2IKZc++ofu9cgv+rrwxdoj7T:vv50nnMu4qOcIng+pmWg+dHT","tlshash":"9582e1e091f82ed280698ca18ea151dd012d5bd07dc5c658b272efc1476c9fe83ebed8","first_seen":"2026-05-30T20:39:08.835988Z","last_seen":"2026-05-30T20:39:08.835988Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4804,"timings":{"blocked":4598,"dns":0,"connect":0,"send":0,"wait":205,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/themes/blocksy/static/bundle/815.e63c92833a5f3723714e.js","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:33.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/themes/blocksy/static/bundle/815.e63c92833a5f3723714e.js HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:33 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 10 Apr 2025 13:45:05 GMT\r\nETag: \"423-6326ccb15ff28\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1059\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1059,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1059), with no line terminators","md5":"9ae562333ddf9f079f1319db2ee79cbd","sha1":"4aab21c7833afebaf2bedac9bb5138c330773a97","sha256":"64a4754f0be24eabe4dda0b51f6f878c02f577b781296c146ef9ff356b87f3c4","sha512":"f8e31c4ba621033f18b3d2daf11825bc2f3965e69f7bfba2fe2b07bf6d3996db458dd384a7b1487389e4d0b33c100bfb7986c15bcefe83522442d02ca73a3ee5","ssdeep":"","tlshash":"62118e2cb353a4630bb7b070b57baa0b56bb2023164559d0e1e5c59c1c79b0bd177ace","first_seen":"2024-12-07T11:17:27.538696Z","last_seen":"2026-05-30T20:39:08.838619Z","times_seen":305,"resource_available":true,"data":null}},"time_used":321,"timings":{"blocked":116,"dns":0,"connect":0,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-C6NCM4X8FY\u0026gtm=45je65r2v9119786200za200zd9119786200\u0026_p=1780173511060\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=a\u0026dma=1\u0026gdid=dZGIzZG\u0026_eu=EAAAAGA\u0026cid=1375826367.1780173511\u0026frm=0\u0026ir=1\u0026pscdl=noapi\u0026rcb=19\u0026sr=1280x1024\u0026ul=en-us\u0026gaf=2\u0026_s=1\u0026tag_exp=0~115938465~115938468~117776793~119034491~119064971\u0026sid=1780173511\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Frgtnews.com.br%2F\u0026dt=RGT%20NEWS%20%E2%9C%85%20Not%C3%ADcias%20de%20Rondon%C3%B3polis%2C%20Cuiab%C3%A1%20e%20Mato%20Grosso\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026_ee=1\u0026ep.forceSSL=true\u0026ep.link_attribution=true\u0026tfd=3262","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.32.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:36.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:51:26 GMT","end":"Thu, 30 Jul 2026 15:51:25 GMT"},"fingerprint":{"sha1":"E5:3F:1D:8A:67:60:A8:60:56:38:E4:E3:ED:A6:64:D9:7C:89:E1:E1","sha256":"39:E2:E8:B9:46:82:06:98:FA:92:0A:A2:4F:57:DF:DF:EF:00:44:4A:27:C0:C4:99:EC:A5:E3:D4:1A:A8:A5:D4"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-C6NCM4X8FY\u0026gtm=45je65r2v9119786200za200zd9119786200\u0026_p=1780173511060\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=a\u0026dma=1\u0026gdid=dZGIzZG\u0026_eu=EAAAAGA\u0026cid=1375826367.1780173511\u0026frm=0\u0026ir=1\u0026pscdl=noapi\u0026rcb=19\u0026sr=1280x1024\u0026ul=en-us\u0026gaf=2\u0026_s=1\u0026tag_exp=0~115938465~115938468~117776793~119034491~119064971\u0026sid=1780173511\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Frgtnews.com.br%2F\u0026dt=RGT%20NEWS%20%E2%9C%85%20Not%C3%ADcias%20de%20Rondon%C3%B3polis%2C%20Cuiab%C3%A1%20e%20Mato%20Grosso\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026_ee=1\u0026ep.forceSSL=true\u0026ep.link_attribution=true\u0026tfd=3262 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rgtnews.com.br/\r\nOrigin: https://rgtnews.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: https://rgtnews.com.br\r\ndate: Sat, 30 May 2026 20:38:37 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:196:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:196:0\r\nreport-to: {\"group\":\"ascnsrsggc:196:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:196:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-30T22:03:09.281406Z","times_seen":15932419,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":114,"dns":0,"connect":22,"send":0,"wait":30,"receive":0,"ssl":90},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.addtoany.com/menu/page.js","fqdn":"static.addtoany.com","domain":"addtoany.com","tld":"com"},"ip":{"addr":"104.20.20.192","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.addtoany.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 19 Apr 2026 20:12:47 GMT","end":"Sat, 18 Jul 2026 21:12:43 GMT"},"fingerprint":{"sha1":"19:EC:F6:8B:6C:6D:BB:F0:32:9A:56:BB:BD:22:AE:BD:28:1C:BB:E9","sha256":"E7:F8:24:B6:D6:39:CA:55:89:B3:11:19:28:82:F1:CE:1F:93:F9:3D:3E:F3:AA:AD:4E:21:DB:48:32:4E:5A:CC"}}},"request":{"raw":"GET /menu/page.js HTTP/1.1\r\nHost: static.addtoany.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 20:38:31 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: max-age=86400, stale-while-revalidate=30, public\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jGqVBa0ajRpvaeLz%2FRnrCIoDuHrkCb%2BjK7f4h1b%2BjrYftOJR8289vM8F5JMbeT4FLhoV5jKaCuaid7Nr9n6UHe2xaj71VL%2BZ7Vr3zzC8yUmj6Sp5CdiyI91uDbN9y5THdVJU%2Ftp0\"}]}\r\netag: W/\"595f8bea07b6134137baa5d8df653a83\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nage: 16677\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: a0408afdab628be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3457,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3457), with no line terminators","md5":"eeb0bd3e09bd83d569d6d03160612fde","sha1":"6f23c40e93450f29d58b9fcc16d79d742e4e5c2f","sha256":"8afdd81790c4628524f0d259e64a174f77ca9d67806a850e4425d8e78e15a42d","sha512":"4f3b3f5b2c9aadf6c4fc5be7bf1d70959b03fd380b0f017568d1d3081563e5e17e9a65465057b88bb26b58a74d9b5cb2bc1f5f423cd5dee0b82cad5c44b7211f","ssdeep":"","tlshash":"6e61c84f774ef8368e4735b6c5afb61ea223335d98548400c914d8dc8aacdc7116fa79","first_seen":"2026-05-21T20:24:46.793156Z","last_seen":"2026-05-30T22:36:30.322927Z","times_seen":587,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":12,"dns":4,"connect":1,"send":0,"wait":5,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-includes/js/dist/i18n.min.js?ver=c26c3dc7bed366793375","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-includes/js/dist/i18n.min.js?ver=c26c3dc7bed366793375 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:32 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 21 Oct 2025 10:14:02 GMT\r\nETag: \"14c2-641a875818e80\"\r\nAccept-Ranges: bytes\r\nContent-Length: 5314\r\nKeep-Alive: timeout=5, max=94\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":5314,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"3a5838d1182eb0b11f5a58bfe26e2529","sha1":"920b2291e65d62eb55c1958911768540abaff5cf","sha256":"d4efe709c65438ae90dff385486421fea45762880f21fc4e0dca3fa96210f428","sha512":"bc41d50cd2e5c17c75ba737c303f2f498cc94e2c3fe402b2f15c5f10531e53633598093da98579b2dee65733dce0f763d77380ae35a9591d8bf91f975b7c6845","ssdeep":"96:L9emIWL7lnv93ssmAeGejQVnmggoC7arVCG0GXF730IQRDdlZq+SxSD3LmD:8mIWZVszMuinmg3rQ8Xd30DDdlZq+Sx3","tlshash":"2bb157dcb9d57022235121a0597fb409f3357d6470ebb8006ba9c4a47eb15cfb1a2fad","first_seen":"2025-10-27T08:47:54.280246Z","last_seen":"2026-05-30T21:57:45.295853Z","times_seen":187532,"resource_available":true,"data":null}},"time_used":1041,"timings":{"blocked":859,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rgtnews.com.br/wp-content/plugins/searchwp-live-ajax-search/assets/javascript/dist/script.min.js?ver=1.8.7","fqdn":"rgtnews.com.br","domain":"rgtnews.com.br","tld":"com.br"},"ip":{"addr":"179.188.50.156","port":443,"asn":27715,"as":"Locaweb Servicos de Internet SA","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rgtnews.com.br/","date":"2026-05-30T20:38:31.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.rgtnews.com.br","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 05 Mar 2026 04:33:52 GMT","end":"Tue, 06 Apr 2027 04:33:51 GMT"},"fingerprint":{"sha1":"40:5D:45:6C:21:F2:EE:F8:05:B5:7B:86:7F:CB:A9:93:71:63:0E:2A","sha256":"B1:B2:49:19:43:8B:3A:A0:13:D5:9F:39:FC:26:00:E4:61:45:4D:2B:FA:10:05:46:AB:6E:60:4F:8C:2F:12:7C"}}},"request":{"raw":"GET /wp-content/plugins/searchwp-live-ajax-search/assets/javascript/dist/script.min.js?ver=1.8.7 HTTP/1.1\r\nHost: rgtnews.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rgtnews.com.br/\r\nCookie: _ga_C6NCM4X8FY=GS2.1.s1780173511$o1$g0$t1780173511$j60$l0$h0; _ga=GA1.1.1375826367.1780173511\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 30 May 2026 20:38:32 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 07 May 2026 14:48:05 GMT\r\nETag: \"2c5a-6513b5e38ed12\"\r\nAccept-Ranges: bytes\r\nContent-Length: 11354\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: application/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":11354,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (11353)","md5":"af5b7583331b0cf98c1da20edcd40ac5","sha1":"f60347d1b7d74c7c533dc8de611fd252e4385c6a","sha256":"76398d9c16dab3310e0ac1a449744be0da52e5b16feeda154f293bdd619f6589","sha512":"748a13842090e40259e61cd8699273d7b3a32eecbcd5d45f3c0990945c0f50c7b758b4e171db0184c16fb68debc91359ecc690abdf19f1f0efb13b79d357e0a3","ssdeep":"192:31vcdrQlGe6UwFM/XqK2xymMRhcNwlSavx6hbwt16Yb30MMf:FvcdrYGxuXwxCJ6hkt8U30MMf","tlshash":"50327168770498b251779ae4b8be3b152223fe1c39454aa8b1fce9d15874d28313eb3d","first_seen":"2025-12-11T08:46:14.389022Z","last_seen":"2026-05-30T20:39:08.845722Z","times_seen":1391,"resource_available":true,"data":null}},"time_used":1232,"timings":{"blocked":1048,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"rgtnews.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}