{"report_id":"72281f5a-7253-4f7c-807a-0830019ae9a6","version":6,"status":"done","tags":[],"date":"2026-05-02T12:40:46Z","url":{"schema":"http","addr":"rbhdapp.com","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":0,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"rbhdapp.com/#/pages/home/home","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"title":"Robinhood","dom":{"size":9272,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3035)","md5":"d387e7a9c3e8dee58b26da6d58ba9181","sha1":"6f68ee94d5a9deb25c8db1c3f61e936db5d1bb19","sha256":"0546599096e9679350f11efe0804c0b008f9d7fe4021cafcb6cf88cb7b27e532","sha512":"79f8d249500edaa3a0e9555dac019cdc3a4c7f5c695e8f0da7b294711767fd84823d75aa663c0059aef50cdd6a71e1efbbaf2b654b3b09f9ec631af635231ff0","ssdeep":"192:gKz+HAcpJgtdWkgSunxBlh8YrigyrEFZ5LfRPuLfRiNLfRinLfRUQLfRMgas+rrj:rz++L0nxBlh8Y/FZ5LfRPuLfRiNLfRiC","tlshash":"811274303512243a52371741b8b2870d26139313c64648acbfee5bd5efc5cbe9972ab9","dom_hash":"domhash5b7ef17230d17e1146adbeac3cb0d521","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"rbhdapp.com","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":0,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-06T12:40:46Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"rbhdapp.com","ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"domain_registered":"2026-04-24","domain_rank":0,"first_seen":"2026-05-02T12:40:48.308174Z","last_seen":"2026-05-02T12:40:48.308174Z","alert_count":22,"request_count":22,"received_data":3057291,"sent_data":10893,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"api.rbh-ht.one","ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"domain_registered":"2026-04-18","domain_rank":0,"first_seen":"2026-05-02T12:40:48.301562Z","last_seen":"2026-05-02T12:40:48.301562Z","alert_count":0,"request_count":16,"received_data":23517,"sent_data":8762,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.dcloud.net.cn","ip":{"addr":"111.231.169.247","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"2013-07-17","domain_rank":296858,"first_seen":"2018-09-15T09:18:08Z","last_seen":"2026-04-30T08:47:53.228035Z","alert_count":0,"request_count":1,"received_data":579,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ws.rbh-ht.one","ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":818,"sent_data":1188,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"rbhdapp.com/","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d2e4b04d4b7cdc44a2af415cf6d135f2","sha1":"f49ef40cab5f73b68cb9f5b1ea5bd92e125b156f","sha256":"5ea874e689210cf059fc77e0d89a5de696006799a992da9380195f65350bf82e","sha512":"1945786769deb73c6f02f9d5d888a34fc07c7277cea1da6d3bfdcbf2e345eef34782bd6784c59992270d727756bb566278d07679cf6f3f0672d7dd6741ffd321","ssdeep":"","tlshash":"bfe0618250f7295c06108166348ec5071f6505739e814d513c8c7775cff5e5bc05d858","size":419,"data":"","first_seen":"2026-05-02T12:40:54.072415Z","last_seen":"2026-05-02T12:45:36.549375Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b364332f38152e57893edf8eb4f41ecf","sha1":"171c0f9d6b24d333fb4740213cbb464b3d204563","sha256":"427111f93d5b534fcd1c530e28f3cc7176e7ab3e5c586751e069fd8842f214eb","sha512":"1bdc76e0b118f5894929f57dc6cd5da6cbfcef75c5fa097610dbf907b760221d7e6d521e80852245c34976da1bc88b587748bdd3cd849cbb48d7a97a82b98ca9","ssdeep":"","tlshash":"cf9002655210001405910944062235412917502344d21020375c915fbf65923514e188","size":50,"data":"","first_seen":"2026-05-02T12:40:54.073484Z","last_seen":"2026-05-02T12:45:36.552025Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c45f1cd8915dfb8ae94664bdd75bacfa","sha1":"e7837ef7592d69d15381061a15cbeb484bffb39b","sha256":"120a9d013ac441e5f7d53f0fdb2cc1952fbe0eab322066dfcba968a56b1f95e2","sha512":"0c72cbd3e75d6d782892e62fea92c93ca9275c6a8fe64dffbed919cf28199649af39d1cc96cd2f83fe0a02d27d3d8eb7182fa12de943475642d1e8c697c19036","ssdeep":"","tlshash":"3511495c35e2516da7cb683804ff510434392913404a89d83f2df685ef101fd925bbee","size":954,"data":"","first_seen":"2026-05-02T12:40:54.074316Z","last_seen":"2026-05-02T12:45:36.553678Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/#/","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"f2d562f0482af28097a1e8bff743e202","sha1":"ab1f7442f13da01242f874f07b84041f32ff8cb8","sha256":"8ea8193c70220762139c7844d4be3c37d53d805256513bc224b53d16ad35730a","sha512":"2cf8993becc7c96e42b0499e72862eefa57d365830253e8b580c35ee9f854d4adb0b5b6817b56dfb125acdbc496ae99e8e78d7f73220c4093e8f2d2e521205f0","ssdeep":"","tlshash":"21c08cc5a0c23d002616641011af38e49028402674481b029c94e8482e230b48233e98","size":137,"data":"","first_seen":"2023-06-05T11:50:57Z","last_seen":"2026-06-09T02:19:17.829114Z","times_seen":499,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/#/","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"0f40806f855fc503ec7fe0e2cdc6da5f","sha1":"ad59d99993690064ee6565eea713ee4c5260f572","sha256":"954bc1931a5584c910a5391a0e2c05ba7190f3c672433a85c162ac948a74a44f","sha512":"7ea9c1cffaf640bc7083f2306a134368aa54ae775230a1f1990c43817594d950ecbf94412ea7ab6262bb8add4715ab6fffe7579f85b0a1c07f6acc4f8207cd9e","ssdeep":"","tlshash":"1fc08cc4a0c2ad001a12649010af24e49034402770481b029c94e8492e220b08237e98","size":137,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-09T22:52:27.075598Z","times_seen":5658,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/#/","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"7ab6dc81a5c1758a8381906989c4f704","sha1":"c3550c4675f6cb594031a333a3919f4d9428a278","sha256":"5eea0b86438aaa77b6a0b077bd01275ac57ab8586461564354417051a2554648","sha512":"1f75183d8956f47b911386e6a074bb83a858d49f67e7b7e63e9a1ac721f06bbe905dd07686f270d1da45e8cb224361ac7ccf68e9bfb7a85af070d24ac0b81a1a","ssdeep":"","tlshash":"ddc08cc4a0c23e001612641819af24e4a034802770481b238ca4d8482e220b09233e98","size":140,"data":"","first_seen":"2023-06-06T20:45:10Z","last_seen":"2026-06-09T15:45:07.909001Z","times_seen":200,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/#/","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"5948bc3b90afab1829ab7ee61269f24e","sha1":"517e29a82521418181f702543be8ae74a3bf68b3","sha256":"14fc83a84c91770211dc352186f8e87ddc85e87c2dba0c80a159b45897b9ae2d","sha512":"05c079bbf0389ad341941c3e837aca91dc9aff681cee8da0b4560551ba13e6bbb76b01213af6514e6991e3369062870866a41e67e6d67a37038ddba3ddee7d5f","ssdeep":"","tlshash":"a5c08cc4a0c26d002606691010af24e49028802670485b028c94e8592e264b08233ea8","size":139,"data":"","first_seen":"2023-07-01T13:40:07Z","last_seen":"2026-06-09T02:19:17.599406Z","times_seen":1014,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/currency.6CCYYUNz.js","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"09529f4eb686f060f4b99e299905c03e","sha1":"b6a41bf779ac68471dde01f8214c1b671c9f27e8","sha256":"69a092790e7012770917eecea7e1e8a6ede2149d5645fb5529c63291f4d34f34","sha512":"7657226297d8e2f6cdb0f36ee346875be63e957469cf8f2a33ea355482fda4e45c5a830d559ddf8520b7c8a8989508ba47d3b7bbf7c8101a582ec2b6baf9f54a","ssdeep":"","tlshash":"b5f081cb94a294e2c5b95b48752966180027bbb1350f9ae03bcd32c5f3d81868036d7b","size":629,"data":"","first_seen":"2026-05-02T12:40:54.043297Z","last_seen":"2026-05-02T12:45:36.531951Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/#/pages/home/home","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"1fbf2a0b2143413044f1eca17a556eeb","sha1":"98f0e4ffccb95f416c44d0d966a9126b311fff8b","sha256":"10a5a6d12cb073595ddda85adea25625033f25615d2b8589f85f60b9d4943a03","sha512":"43516a80a72866e3f472c44ad1a4830131f7da40d5bd6acdaf2d4d813807955122667e33f6205b642ba28e6b17c331d6bba262e0ca3789abd90c6356074dc545","ssdeep":"","tlshash":"24c080d9b0c66d105601551454af25f450345416704c9f438cd5d9587e624f4d333ee8","size":171,"data":"","first_seen":"2026-05-02T12:40:54.077456Z","last_seen":"2026-05-02T12:45:36.552816Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/#/","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"536c3c6b90ee834a439d489c79336cc3","sha1":"525e609e9477124df7f5cda9187c6b27ee26acee","sha256":"bf39d3c99af9e308dcc07f4b745feb8ffce05370775f35be27da1f1dd2a818de","sha512":"744a7d7420ef72b7068a5fd2a321abaa1e1d4041d3cc399668533d267a7e5f3d496ef0d343385a60dde3fd8770c9bb8e158bfe61c4859c5ead5fcfac70ccde33","ssdeep":"","tlshash":"2bc08cc4b0d62d002602682050af34e49024442670481b428c94d8482e630b08233e98","size":136,"data":"","first_seen":"2024-06-29T09:12:59Z","last_seen":"2026-06-05T02:19:33.664866Z","times_seen":150,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/#/","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"a15c447f08875de3100ed8997d5994ea","sha1":"b77d1c8bbbbcc5d0ac532e1362d796508029192f","sha256":"edd33609ab9f781e02fcf2c8e5ecd9f1e9b7bfdcbb576f01e9b2e78747b47e47","sha512":"55050de7b026795f86b16a8f6a67428555e9d05c394d87abf47b1bde43968be03e16569d97d1f38f6d37a1cc8b9bb5349cabe354e3def7dcbd5187640e3ac7ce","ssdeep":"","tlshash":"b8c02bc8b0c33d002602645010bf39e490344027718c1b43ccd4ec883e230f09233edc","size":139,"data":"","first_seen":"2023-05-08T20:49:32Z","last_seen":"2026-06-09T19:08:33.144678Z","times_seen":801,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/index-Dt4-fXKP.js","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d417b23412d87664d6863f8a1917a0f1","sha1":"1c91d28e27602e0acd0140235f5ee60addc6e290","sha256":"4236763ea8bf3961da442a18e2bc778623b08596883d111b77e89bb742e09c66","sha512":"8ef44a8b1c451c673dc2b9659cef2fb18ee7540a085f04c4807b94c0930fbfe88b787f9c2538030c182a20c0c8e6fddc427647b45a8ad5291558080c45a85fa4","ssdeep":"49152:0H98y5a8eblQgcse1JrOgLWEm54/+/FFXbgakYCvjTxEIYYekvzOQIMj0lovxOsG:Mz0f","tlshash":"6595b52c2a1bf354e959c0dbf9373c84919dd18ab00754d14fb98bb30ba5782eaadd13","size":2034303,"data":"","first_seen":"2026-05-02T12:40:54.079289Z","last_seen":"2026-05-02T12:45:36.548499Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/_plugin-vue_export-helper.BCo6x5W8.js","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","size":91,"data":"","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-06-09T11:38:22.394522Z","times_seen":1563,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/pages-home-home.B_0JNHud.js","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"cfc4a1c740bf888cfc039ca9bee04612","sha1":"d0dcb8843b16c0916cfc01b7b26fe62acd9a7745","sha256":"125837fc1be48f60f64a6e251a075c4b84c879c9ca0101f6003c2489776b2390","sha512":"01e1eb2988a20ad1afc9a1ee819a3658d196367c72f280c9284f227863048198d2844ad1902b9391c1e33b6a34a1ea0dc004b454c0bd14487cd18d74c54eaa21","ssdeep":"96:0wpuf6zC5k9F/K4iFFHJ68MbRIw+u01LLZM9LpR:0B6zC5k9F/UYR2zLSLpR","tlshash":"08b1560ed69894b4c2b18168404f15447c2a6639f14764eb7a7beef7d350888f159f3f","size":5427,"data":"","first_seen":"2026-05-02T12:40:54.062946Z","last_seen":"2026-05-02T12:45:36.526957Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/#/","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"78f892a6cfef93f07558761073154f55","sha1":"709b139cc0edda8dd81d62e01b7d1b25e98cb681","sha256":"1c41adab46d50baf11f93365929c9bb19e5509251dc3edf77121189ee99d6617","sha512":"36ad297cf367d877ed0395bfd59422fa6fbc802d26cb41f465bcae70950fe7ae3b428d3048f8bcffbe99a6d8da08f387c8b252f91a8cc8315c3866a1c75a9df8","ssdeep":"","tlshash":"5bc08cc4a0c22d105606641010af29e49024402670889b02cca4e8492e230b08233e98","size":136,"data":"","first_seen":"2024-08-20T08:22:25.451659Z","last_seen":"2026-06-05T02:19:33.652504Z","times_seen":121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/pages-opening-opening.CqY8h6lr.js","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ed26368618fd4803defbcda3347ced26","sha1":"d51a70bfbc05d73310164e88698be21d0f6d945a","sha256":"d5bda38453000115daac700ce069f203d9bbcf18818f9203d1d4754d0c96f352","sha512":"b20304e77501acf4bdd00812909e11f38cf70dfa7518edae9cfec8faa2bfb1416193a69d219bb8efa175b7a8ae4cfa2303f6b5fd4a4c9935805acab910eb1929","ssdeep":"","tlshash":"d5f0202c0722a0f2c63800d5121366591c183270036ed8c4e3b4ec1ffe9098ff229cb8","size":556,"data":"","first_seen":"2026-05-02T12:40:54.057298Z","last_seen":"2026-05-02T12:45:36.525249Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"3d5272693eb411e5b8b13a243f76c720","sha1":"6a586ab8e0a4bf12bbc60eea6ca9f2418625a22c","sha256":"9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8","sha512":"03fc5614f48fc9a2e3c4a30626fdbacde74c1fda09ffa9d1cde0393d31cd5fe1588e270c241f4cedb473c6e5cc224ff16c141468a29519ea6159accf3e3a18f1","ssdeep":"","tlshash":"a4c08c8350e2080c8210861b848880050b8808b04f9308a22cd85b7ecc9ae88c8f804c","size":148,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-06-07T08:18:02.151537Z","times_seen":15899,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"rbhdapp.com/static/statbar/new/home_b.png","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /static/statbar/new/home_b.png HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nCookie: server_name_session=93308feef534e93d654952046088946c\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 20 Jan 2024 03:07:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65ab3900-1c2b\"\r\nexpires: Mon, 01 Jun 2026 12:40:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7211,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 801 x 801, 8-bit colormap, non-interlaced","md5":"a66613bf20a9c499c1df6651d7ebd57f","sha1":"297ea18081fb8ff11ecbcb6e627608f68d6f536d","sha256":"b0dcee1ceab8c3b03611ed8e2fe3b1a974abde3f1396e6bcb5e775e92fe908c0","sha512":"71ee25249955fb3826cff4b80813a6a6728f987919759894481457d3443b5788d7f77b7ae9522be4e56c448ba6a52a303027df1fee42f6e418e9c8a7d61da214","ssdeep":"96:ELfDTNwbw2bd0kvO4GekhDQfzKdGUr+6Qhc5rAVr41Q+wDKwRgfd:ubJOR6sKtQLKAUr+5hc5rAVreZwDNgV","tlshash":"57e12bedea358d25c305683b9addbdc1755bab437d5f50826e8f032a80607e332b3249","first_seen":"2025-06-19T20:06:53.471184Z","last_seen":"2026-06-05T02:19:33.617524Z","times_seen":22,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.rbh-ht.one/api/common/getCountry","fqdn":"api.rbh-ht.one","domain":"rbh-ht.one","tld":"one"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.rbh-ht.one","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 09:20:58 GMT","end":"Fri, 17 Jul 2026 09:20:57 GMT"},"fingerprint":{"sha1":"9A:EB:29:FE:9E:32:00:F5:42:5A:7C:66:5A:1E:C6:62:EB:3F:C9:DC","sha256":"C3:82:66:1B:86:C4:29:35:96:DB:F3:A1:3D:56:9E:76:FB:31:2A:DF:29:19:4F:AF:83:BD:A4:25:96:41:0F:30"}}},"request":{"raw":"GET /api/common/getCountry HTTP/1.1\r\nHost: api.rbh-ht.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nClient-Device: 0\r\nTimetamp: 1777725626\r\nOrigin: https://rbhdapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 242\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: accept-language,authorization,lang,uid,token,Keep-Alive,User-Agent,Cache-Control,Content-Type\r\ncontent-encoding: br\r\nset-cookie: server_name_session=b6d14fe5fc15ba7eeffd60221c1ad8a0; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":306,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"8ad5ab5822dda7ea8235ce36b7414efa","sha1":"ec9daf26786c0b2eca66281eaaf79127ed55c446","sha256":"b2a3c4d33accb194b6ec31b4a49070bfce5a0d64e715d50ae989d6752eb78fcd","sha512":"f0aa0315baa9c9715273290bd448f31499550dfa82b62dd20c7eabc8aa0248df39cf2f58808fe478723576eae2de40e3517279db2e8518addd8a5d04c69557be","ssdeep":"","tlshash":"a8e0265b3038ae28ea2f82c9541f6e1922ec301b428080978ce89b2cc1442a0304152b","first_seen":"2025-07-16T11:12:21.705691Z","last_seen":"2026-06-05T02:19:33.638493Z","times_seen":15,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/currency.6CCYYUNz.js","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:27.149Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /assets/currency.6CCYYUNz.js HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/assets/pages-home-home.B_0JNHud.js\r\nCookie: server_name_session=93308feef534e93d654952046088946c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:27 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 629\r\nlast-modified: Wed, 22 Apr 2026 17:20:24 GMT\r\netag: \"69e90358-275\"\r\nexpires: Sun, 03 May 2026 00:40:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":629,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (628)","md5":"09529f4eb686f060f4b99e299905c03e","sha1":"b6a41bf779ac68471dde01f8214c1b671c9f27e8","sha256":"69a092790e7012770917eecea7e1e8a6ede2149d5645fb5529c63291f4d34f34","sha512":"7657226297d8e2f6cdb0f36ee346875be63e957469cf8f2a33ea355482fda4e45c5a830d559ddf8520b7c8a8989508ba47d3b7bbf7c8101a582ec2b6baf9f54a","ssdeep":"","tlshash":"b5f081cb94a294e2c5b95b48752966180027bbb1350f9ae03bcd32c5f3d81868036d7b","first_seen":"2026-05-02T12:40:54.043297Z","last_seen":"2026-05-02T12:45:36.531951Z","times_seen":2,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/static/statbar/new/market_p.png","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /static/statbar/new/market_p.png HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nCookie: server_name_session=93308feef534e93d654952046088946c\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 20 Jan 2024 03:07:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65ab3900-19aa\"\r\nexpires: Mon, 01 Jun 2026 12:40:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6570,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 801 x 801, 8-bit colormap, non-interlaced","md5":"0a68aec62b8d36459ec3f349871489bf","sha1":"0907a8afe59bc2569867ec69097659feb15a7134","sha256":"3902a9c68e5c263206dbcddbcdbb6e7ddd4ecfc6171f93ad49729a6b231269d5","sha512":"a760f19a668d06db1b728211a64b4e3c951d46f4f4dd4bd6533b76bc08f4ec037c3122623f8df3244cad1eaf9a97bfd3d9faf18634c4a697bedcae0e2a048ce8","ssdeep":"96:dGUB7KZYTOthtljrlvaUBsh+gFKVHAOB6jaqLrbfvjITie:kUB7KZ1hjjxPBsh+v2O4Owrj7Qie","tlshash":"97d1444915fb6f42d48286f9bf733a2966083b1fd9eaf629153c63c03417782e41d98e","first_seen":"2025-06-19T20:06:53.501615Z","last_seen":"2026-06-05T02:19:33.627933Z","times_seen":21,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/static/statbar/new/asset_p.png","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /static/statbar/new/asset_p.png HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nCookie: server_name_session=93308feef534e93d654952046088946c\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 20 Jan 2024 03:07:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65ab3900-132a\"\r\nexpires: Mon, 01 Jun 2026 12:40:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4906,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 801 x 801, 8-bit colormap, non-interlaced","md5":"f9caefa295316c467f5510e3335d5fad","sha1":"f37d9374be4e3390cbe93fa1cade136ed7d80035","sha256":"ada14ff758ac1aa8798e2c3c2bc3b1a0f93e469f9a7342a64b135e64d63f004a","sha512":"c31570b74de346ccda02bfc6f775a93c34077b7d33598e9c4edf8e116c87fa2813d4fa8baf22b51970bfd7c8e8164136e0f1b62d55535b0dcb78821b1ca019b7","ssdeep":"96:Gayea6t+8gZiAQ+qwrE2fm3o8Hg7wjC8S0dpkFPBT9fqukZkBBupgh3b:GNmgZBhverHgKA0dpWBT9quYkBBu+hr","tlshash":"e9a124efa71b0c98f3e0447959dba81020b30b98fd00e69197de76554c8ee5e58ece0b","first_seen":"2025-06-19T20:06:53.535547Z","last_seen":"2026-06-05T02:19:33.595297Z","times_seen":22,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.rbh-ht.one/api/common/getCountry","fqdn":"api.rbh-ht.one","domain":"rbh-ht.one","tld":"one"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.rbh-ht.one","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 09:20:58 GMT","end":"Fri, 17 Jul 2026 09:20:57 GMT"},"fingerprint":{"sha1":"9A:EB:29:FE:9E:32:00:F5:42:5A:7C:66:5A:1E:C6:62:EB:3F:C9:DC","sha256":"C3:82:66:1B:86:C4:29:35:96:DB:F3:A1:3D:56:9E:76:FB:31:2A:DF:29:19:4F:AF:83:BD:A4:25:96:41:0F:30"}}},"request":{"raw":"OPTIONS /api/common/getCountry HTTP/1.1\r\nHost: api.rbh-ht.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: authorization,client-device,timetamp\r\nReferer: https://rbhdapp.com/\r\nOrigin: https://rbhdapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nset-cookie: server_name_session=b6d14fe5fc15ba7eeffd60221c1ad8a0; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-09T23:14:11.29978Z","times_seen":16281720,"resource_available":true,"data":null}},"time_used":923,"timings":{"blocked":379,"dns":64,"connect":154,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/HarmonyOS_Sans_Regular-BHHgWLDZ.ttf","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /assets/HarmonyOS_Sans_Regular-BHHgWLDZ.ttf HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/assets/index-DGDTddCz.css\r\nCookie: server_name_session=93308feef534e93d654952046088946c\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 146616\r\nlast-modified: Wed, 22 Apr 2026 17:20:24 GMT\r\netag: \"69e90358-23cb8\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146616,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, digitally signed, 14 tables, 1st \"DSIG\", 21 names, Macintosh, Copyright 2021 Huawei Device Co., Ltd. All Rights Reserved.HarmonyOS SansRegularHarmonyOS Sans V","md5":"48d656ed53e13d664de5cfdc7d3c438a","sha1":"8bea06ce4d7b4196f5e5f60b5580bdb1519ff560","sha256":"4f00c7e80329238d0b6fc58e5c829c4086432ba9fa1a8c5ca3da9a0442ce0452","sha512":"4d3189ddd412c1018a1c102c7067b5983ed2ea46d26a0e7f5f8a0829b77557c35a6cdd41c3573c3fd0592e240f1dbf51133a73ad246f0f44dfbe37f5b1c1feff","ssdeep":"3072:2waXVb3/LizgXbAsJzu82vIm3r6yoj8Gf9g4I3ZgDl6iquMX3js2O0:GVb/Liz2Jzu8IIm3rE9g4I3ZgDlnJO3T","tlshash":"7ce34a07f3a3db5fea16adb9a632e22283cef434793e874ef5041567d49b8e1c884541","first_seen":"2023-04-07T05:22:56Z","last_seen":"2026-06-06T22:16:44.858306Z","times_seen":628,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.rbh-ht.one/api/common/config","fqdn":"api.rbh-ht.one","domain":"rbh-ht.one","tld":"one"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.rbh-ht.one","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 09:20:58 GMT","end":"Fri, 17 Jul 2026 09:20:57 GMT"},"fingerprint":{"sha1":"9A:EB:29:FE:9E:32:00:F5:42:5A:7C:66:5A:1E:C6:62:EB:3F:C9:DC","sha256":"C3:82:66:1B:86:C4:29:35:96:DB:F3:A1:3D:56:9E:76:FB:31:2A:DF:29:19:4F:AF:83:BD:A4:25:96:41:0F:30"}}},"request":{"raw":"POST /api/common/config HTTP/1.1\r\nHost: api.rbh-ht.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nClient-Device: 0\r\nTimetamp: 1777725626\r\nContent-Type: application/json\r\nContent-Length: 23\r\nOrigin: https://rbhdapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":23,"data":"{\"group_id\":1,\"key\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: text/plain\r\ncontent-length: 282\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: accept-language,authorization,lang,uid,token,Keep-Alive,User-Agent,Cache-Control,Content-Type\r\ncontent-encoding: br\r\nset-cookie: server_name_session=b6d14fe5fc15ba7eeffd60221c1ad8a0; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":425,"size_decoded":0,"mime_type":"text/plain","magic":"JSON text data","md5":"524f85f4e3dcfe29e0a7f42436c5c90e","sha1":"8bbe39441617a131fe13ef251bf3f4faa6cdba0d","sha256":"1c2a28bdc95077ddbcbbce7617b97685bb90215641afd81e85fcca019e51c008","sha512":"d12cb65c7756f974242b14340be228c082e8aac4617b0e2d81d01bf74c76e7dae06e625193870dabe12d624f2303aebb580b6739f367fcff6ccc44027ea5e442","ssdeep":"","tlshash":"25e0abc35e484c2a830a49cad58d1c45a12d9703a808e8c38ecb9dbccab82f8a144035","first_seen":"2026-05-02T12:40:54.052233Z","last_seen":"2026-05-02T12:45:36.526194Z","times_seen":2,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.rbh-ht.one/api/common/getServerTime","fqdn":"api.rbh-ht.one","domain":"rbh-ht.one","tld":"one"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.rbh-ht.one","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 09:20:58 GMT","end":"Fri, 17 Jul 2026 09:20:57 GMT"},"fingerprint":{"sha1":"9A:EB:29:FE:9E:32:00:F5:42:5A:7C:66:5A:1E:C6:62:EB:3F:C9:DC","sha256":"C3:82:66:1B:86:C4:29:35:96:DB:F3:A1:3D:56:9E:76:FB:31:2A:DF:29:19:4F:AF:83:BD:A4:25:96:41:0F:30"}}},"request":{"raw":"GET /api/common/getServerTime HTTP/1.1\r\nHost: api.rbh-ht.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nClient-Device: 0\r\nTimetamp: 1777725626\r\nOrigin: https://rbhdapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 81\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: accept-language,authorization,lang,uid,token,Keep-Alive,User-Agent,Cache-Control,Content-Type\r\ncontent-encoding: br\r\nset-cookie: server_name_session=b6d14fe5fc15ba7eeffd60221c1ad8a0; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":77,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"38311a33a8358e4d5acfa8e67c2d8d6d","sha1":"097318712c8888c2db1a08dd4d5536f7aee1de3e","sha256":"c448c14a8bf13cd87895f9b8b9fdd5619c8a303c85ea832f1b5e92c443b71700","sha512":"045e933f286d2535314bfb002b4efab851678721ab70fd8d327c66f87f8b559763e987ce120f75ce1b6b9d1d02b06c453920ea8d45a615dcc64f13561d665fc4","ssdeep":"","tlshash":"e3a022033e00bcb8e3033082b82b2e0028f830b288c20083e88c002ccf0c2223083a2e","first_seen":"2026-05-02T12:40:54.053686Z","last_seen":"2026-05-26T14:24:25.214152Z","times_seen":3,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/home-C644U4oD.css","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /assets/home-C644U4oD.css HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nCookie: server_name_session=93308feef534e93d654952046088946c\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 22 Apr 2026 17:20:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69e90358-5694\"\r\nexpires: Sun, 03 May 2026 00:40:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22164,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (22163)","md5":"81bf8c6fc214fce31dc986de6ab2cc41","sha1":"b1309695b846f0c5721ec6204b0267e5354c18b4","sha256":"24f4754246b14bb92c587d1a6cd396df3a636f7b7dd52ff23a73639f43397551","sha512":"58f593a1b561bcec744e7aefef1a757cb283108506981955f95393a7e98b6dedb9e2788bd901d3f02162128e5aa6cade8890d946a244a55002c56b9b06ac5130","ssdeep":"96:qLtFGMmpJCf6zSGQGf62GUGyfGwGB1DHI5oeFpt4ahiHSQvlHwtauWz8Ja24k9Ao:qLN6uoQMPdFA1DHLNy/DWftozT","tlshash":"cea2122d363c762e8573dd012dba0acc1f31b72ada4201adb663691e4dc76c33971e88","first_seen":"2026-05-02T12:40:54.054943Z","last_seen":"2026-05-02T12:45:36.534131Z","times_seen":2,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/index-DGDTddCz.css","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:24.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /assets/index-DGDTddCz.css HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nCookie: server_name_session=93308feef534e93d654952046088946c\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 22 Apr 2026 17:20:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69e90358-36a13\"\r\nexpires: Sun, 03 May 2026 00:40:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":223763,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"fb8b15d415ad560ae2d3faf81a55ef2b","sha1":"5f77fedd9c0b4466ced26507a908b942c94500c0","sha256":"e8458943a68b46a9472118a2efb2cb7b7fa87c83960334dfafd08732afd83cc6","sha512":"dbaf92400436a92d5138cc1aaf95ab8b1e789517aa772dd37ec759644bd8885f92d13c74340b25998e3154e9c7e2250682cdb4b1358aea7a4c28275ed0d7ecf0","ssdeep":"1536:u0K7HlA41IyNBi3MFYaQj7FCwsBlDOFIxuVoxJPIKkca1Al5aIzKiVTVlIe:g7H5vNIClDsIxuVS9VYJe","tlshash":"5c24b5a5e69091bcbf2bf275ab8b96dcf23cf560dd01caa4f10151580ec7bf5062361a","first_seen":"2026-05-02T12:40:54.056165Z","last_seen":"2026-05-02T12:45:36.536052Z","times_seen":2,"resource_available":false,"data":null}},"time_used":610,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":610,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.rbh-ht.one/api/common/config","fqdn":"api.rbh-ht.one","domain":"rbh-ht.one","tld":"one"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.rbh-ht.one","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 09:20:58 GMT","end":"Fri, 17 Jul 2026 09:20:57 GMT"},"fingerprint":{"sha1":"9A:EB:29:FE:9E:32:00:F5:42:5A:7C:66:5A:1E:C6:62:EB:3F:C9:DC","sha256":"C3:82:66:1B:86:C4:29:35:96:DB:F3:A1:3D:56:9E:76:FB:31:2A:DF:29:19:4F:AF:83:BD:A4:25:96:41:0F:30"}}},"request":{"raw":"OPTIONS /api/common/config HTTP/1.1\r\nHost: api.rbh-ht.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: authorization,client-device,content-type,timetamp\r\nReferer: https://rbhdapp.com/\r\nOrigin: https://rbhdapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nset-cookie: server_name_session=b6d14fe5fc15ba7eeffd60221c1ad8a0; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-09T23:14:11.29978Z","times_seen":16281720,"resource_available":true,"data":null}},"time_used":937,"timings":{"blocked":385,"dns":78,"connect":154,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.rbh-ht.one/api/common/getServerTime","fqdn":"api.rbh-ht.one","domain":"rbh-ht.one","tld":"one"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.rbh-ht.one","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 09:20:58 GMT","end":"Fri, 17 Jul 2026 09:20:57 GMT"},"fingerprint":{"sha1":"9A:EB:29:FE:9E:32:00:F5:42:5A:7C:66:5A:1E:C6:62:EB:3F:C9:DC","sha256":"C3:82:66:1B:86:C4:29:35:96:DB:F3:A1:3D:56:9E:76:FB:31:2A:DF:29:19:4F:AF:83:BD:A4:25:96:41:0F:30"}}},"request":{"raw":"OPTIONS /api/common/getServerTime HTTP/1.1\r\nHost: api.rbh-ht.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: authorization,client-device,timetamp\r\nReferer: https://rbhdapp.com/\r\nOrigin: https://rbhdapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nset-cookie: server_name_session=b6d14fe5fc15ba7eeffd60221c1ad8a0; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-09T23:14:11.29978Z","times_seen":16281720,"resource_available":true,"data":null}},"time_used":922,"timings":{"blocked":380,"dns":64,"connect":154,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/pages-opening-opening.CqY8h6lr.js","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /assets/pages-opening-opening.CqY8h6lr.js HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rbhdapp.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 556\r\nlast-modified: Wed, 22 Apr 2026 17:20:24 GMT\r\netag: \"69e90358-22c\"\r\nset-cookie: server_name_session=93308feef534e93d654952046088946c; Max-Age=86400; httponly; path=/\r\nexpires: Sun, 03 May 2026 00:40:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":556,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (555)","md5":"ed26368618fd4803defbcda3347ced26","sha1":"d51a70bfbc05d73310164e88698be21d0f6d945a","sha256":"d5bda38453000115daac700ce069f203d9bbcf18818f9203d1d4754d0c96f352","sha512":"b20304e77501acf4bdd00812909e11f38cf70dfa7518edae9cfec8faa2bfb1416193a69d219bb8efa175b7a8ae4cfa2303f6b5fd4a4c9935805acab910eb1929","ssdeep":"","tlshash":"d5f0202c0722a0f2c63800d5121366591c183270036ed8c4e3b4ec1ffe9098ff229cb8","first_seen":"2026-05-02T12:40:54.057298Z","last_seen":"2026-05-02T12:45:36.525249Z","times_seen":2,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.rbh-ht.one/api/account/userinfo","fqdn":"api.rbh-ht.one","domain":"rbh-ht.one","tld":"one"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.rbh-ht.one","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 09:20:58 GMT","end":"Fri, 17 Jul 2026 09:20:57 GMT"},"fingerprint":{"sha1":"9A:EB:29:FE:9E:32:00:F5:42:5A:7C:66:5A:1E:C6:62:EB:3F:C9:DC","sha256":"C3:82:66:1B:86:C4:29:35:96:DB:F3:A1:3D:56:9E:76:FB:31:2A:DF:29:19:4F:AF:83:BD:A4:25:96:41:0F:30"}}},"request":{"raw":"POST /api/account/userinfo HTTP/1.1\r\nHost: api.rbh-ht.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nClient-Device: 0\r\nTimetamp: 1777725626\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://rbhdapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 109\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: accept-language,authorization,lang,uid,token,Keep-Alive,User-Agent,Cache-Control,Content-Type\r\ncontent-encoding: br\r\nset-cookie: server_name_session=b6d14fe5fc15ba7eeffd60221c1ad8a0; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":105,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"a923f0199ce6dbcb9e35c8e0af707a3f","sha1":"06e8646c203d4ff3df3d681a23ac490421bd3a4c","sha256":"615d8f77f10bffcd535f3cccbcf0df7de636cb09ddd1937f8e2350c2fb42c823","sha512":"5ab910456619569de1adfed50ab45afb195051bab017e59b15e1bb0fee55efdf4a8f8784ca783f8dac3afc00a461baca2b179c28e169695d14a5afe6a30485aa","ssdeep":"","tlshash":"c6b0129e064437295ed2936370ee3a9537a7414047392cc5c848c578a948450231b3bb","first_seen":"2026-02-23T01:20:25.844198Z","last_seen":"2026-05-02T12:45:36.541578Z","times_seen":5,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.rbh-ht.one/api/currency/getTradeCurrencyList?n=1","fqdn":"api.rbh-ht.one","domain":"rbh-ht.one","tld":"one"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:27.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.rbh-ht.one","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 09:20:58 GMT","end":"Fri, 17 Jul 2026 09:20:57 GMT"},"fingerprint":{"sha1":"9A:EB:29:FE:9E:32:00:F5:42:5A:7C:66:5A:1E:C6:62:EB:3F:C9:DC","sha256":"C3:82:66:1B:86:C4:29:35:96:DB:F3:A1:3D:56:9E:76:FB:31:2A:DF:29:19:4F:AF:83:BD:A4:25:96:41:0F:30"}}},"request":{"raw":"GET /api/currency/getTradeCurrencyList?n=1 HTTP/1.1\r\nHost: api.rbh-ht.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nClient-Device: 0\r\nTimetamp: 1777725627\r\nOrigin: https://rbhdapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:27 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 2365\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: accept-language,authorization,lang,uid,token,Keep-Alive,User-Agent,Cache-Control,Content-Type\r\ncontent-encoding: br\r\nset-cookie: server_name_session=b6d14fe5fc15ba7eeffd60221c1ad8a0; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10856,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"24f62ca3a076b1ced1a544ab44db8a59","sha1":"905f5bd30506f6990fd2d6a8de33918d02174f7c","sha256":"e1f19e0dbe05ca0c29f804a439acbf8266e60203a3561d0b6ae2c83f187c8e1f","sha512":"5518efddec38852363b125d4395a4c7356e1277a6a4a0a87109c7cd75e8d8710665e3575589606f2613a4b41d60068787a666609be4224580c5860040c115067","ssdeep":"192:S+Kv0APM2ibN8CiHYtj6AB+HP7GV+KDfTvgsHYW9CwcKgTn:SoA02wwYFh4HPk7gkCwg","tlshash":"a422358527bc4d60c5be4cc2ef69382120ec706e6ec58f91d3ed496055f69bba809f27","first_seen":"2026-05-02T12:40:54.05949Z","last_seen":"2026-05-02T12:40:54.05949Z","times_seen":1,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-02T12:40:24.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:24 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 22 Apr 2026 10:00:55 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69e89c57-c90\"\r\nset-cookie: server_name_session=93308feef534e93d654952046088946c; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3216,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"6ddf237c5a3e62076bb11980a3ffc4fe","sha1":"96668c88e733c08ef83e0309ae0b9917f013de13","sha256":"00b82ac5d5f1a5f82f24bab3700883735f6acc1a2fe81259e90dfa2a21cae791","sha512":"4f65fbe10f750e2722a0fc1dfb34bc36f8ada2ae336f8b8b400dbc8d8719a8eb211d18298b0bd3ef1655454394f804e4acaf7f7dfe3cff78faad445951a2f030","ssdeep":"","tlshash":"d561524d29e3801c624304782efd75097972a903854bcdec3eacf298df815d9995fae8","first_seen":"2026-05-02T12:40:54.0605Z","last_seen":"2026-05-02T12:45:36.532617Z","times_seen":2,"resource_available":true,"data":null}},"time_used":900,"timings":{"blocked":374,"dns":61,"connect":152,"send":0,"wait":152,"receive":0,"ssl":158},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/opening-DmpG6NjA.css","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /assets/opening-DmpG6NjA.css HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nCookie: server_name_session=93308feef534e93d654952046088946c\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: text/css\r\ncontent-length: 100\r\nlast-modified: Wed, 22 Apr 2026 17:20:24 GMT\r\netag: \"69e90358-64\"\r\nexpires: Sun, 03 May 2026 00:40:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":100,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"8fa4a8e9afd8dd0da4fd55ce5287e231","sha1":"ab478f2dd057fa7ca7f0f9023b1a66b2463e4521","sha256":"8d70376d74cd8f8c22003f0d6ae989b85dbaa000b394626471b18d10c5ec3d92","sha512":"9b5cd314c88ebf359a0d05554720d0a23a8825dd9e30871eaa760507e25890c60caa41cc6ffe47a17255ae5d7aa633a6ad5cdc75654d362ff45e5003ce5a7f1a","ssdeep":"","tlshash":"fcb01238313c54a705298300770b1e1f1b042b076392830230796c22a4c3f3b5034840","first_seen":"2026-05-02T12:40:54.061561Z","last_seen":"2026-05-02T12:45:36.524519Z","times_seen":2,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/pages-home-home.B_0JNHud.js","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /assets/pages-home-home.B_0JNHud.js HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rbhdapp.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 22 Apr 2026 17:20:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69e90358-1533\"\r\nset-cookie: server_name_session=93308feef534e93d654952046088946c; Max-Age=86400; httponly; path=/\r\nexpires: Sun, 03 May 2026 00:40:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5427,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (5400)","md5":"cfc4a1c740bf888cfc039ca9bee04612","sha1":"d0dcb8843b16c0916cfc01b7b26fe62acd9a7745","sha256":"125837fc1be48f60f64a6e251a075c4b84c879c9ca0101f6003c2489776b2390","sha512":"01e1eb2988a20ad1afc9a1ee819a3658d196367c72f280c9284f227863048198d2844ad1902b9391c1e33b6a34a1ea0dc004b454c0bd14487cd18d74c54eaa21","ssdeep":"96:0wpuf6zC5k9F/K4iFFHJ68MbRIw+u01LLZM9LpR:0B6zC5k9F/UYR2zLSLpR","tlshash":"08b1560ed69894b4c2b18168404f15447c2a6639f14764eb7a7beef7d350888f159f3f","first_seen":"2026-05-02T12:40:54.062946Z","last_seen":"2026-05-02T12:45:36.526957Z","times_seen":2,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/pages-home-home.B_0JNHud.js","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /assets/pages-home-home.B_0JNHud.js HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/assets/index-Dt4-fXKP.js\r\nCookie: server_name_session=93308feef534e93d654952046088946c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 22 Apr 2026 17:20:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69e90358-1533\"\r\nexpires: Sun, 03 May 2026 00:40:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5427,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (5400)","md5":"cfc4a1c740bf888cfc039ca9bee04612","sha1":"d0dcb8843b16c0916cfc01b7b26fe62acd9a7745","sha256":"125837fc1be48f60f64a6e251a075c4b84c879c9ca0101f6003c2489776b2390","sha512":"01e1eb2988a20ad1afc9a1ee819a3658d196367c72f280c9284f227863048198d2844ad1902b9391c1e33b6a34a1ea0dc004b454c0bd14487cd18d74c54eaa21","ssdeep":"96:0wpuf6zC5k9F/K4iFFHJ68MbRIw+u01LLZM9LpR:0B6zC5k9F/UYR2zLSLpR","tlshash":"08b1560ed69894b4c2b18168404f15447c2a6639f14764eb7a7beef7d350888f159f3f","first_seen":"2026-05-02T12:40:54.062946Z","last_seen":"2026-05-02T12:45:36.526957Z","times_seen":2,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.rbh-ht.one/api/common/config","fqdn":"api.rbh-ht.one","domain":"rbh-ht.one","tld":"one"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:27.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.rbh-ht.one","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 09:20:58 GMT","end":"Fri, 17 Jul 2026 09:20:57 GMT"},"fingerprint":{"sha1":"9A:EB:29:FE:9E:32:00:F5:42:5A:7C:66:5A:1E:C6:62:EB:3F:C9:DC","sha256":"C3:82:66:1B:86:C4:29:35:96:DB:F3:A1:3D:56:9E:76:FB:31:2A:DF:29:19:4F:AF:83:BD:A4:25:96:41:0F:30"}}},"request":{"raw":"POST /api/common/config HTTP/1.1\r\nHost: api.rbh-ht.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nClient-Device: 0\r\nTimetamp: 1777725627\r\nContent-Type: application/json\r\nContent-Length: 23\r\nOrigin: https://rbhdapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":23,"data":"{\"group_id\":5,\"key\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:27 GMT\r\ncontent-type: text/plain\r\ncontent-length: 238\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: accept-language,authorization,lang,uid,token,Keep-Alive,User-Agent,Cache-Control,Content-Type\r\ncontent-encoding: br\r\nset-cookie: server_name_session=b6d14fe5fc15ba7eeffd60221c1ad8a0; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":288,"size_decoded":0,"mime_type":"text/plain","magic":"JSON text data","md5":"f46f03a618cdc405294b73da0af0d0f8","sha1":"1c227477cd69d41ac66d663dfbc8b5a865dddb60","sha256":"103b7176b466158cad1d4986afeb724e2cbf8854a26884a0146a7cadf20bc814","sha512":"7ab3b2f8cf6e0e8275ab31e3e617f773012c6f7ae2e07efaff39595578390d70e41b80f354a1c153f952a753e87ab17e9d731794da269d510b958b35f41e4d8e","ssdeep":"","tlshash":"54d0eb8a8d4f456a93402290182f3ae8928898032808dc2b070ecf140b230acb0e764a","first_seen":"2026-05-02T12:40:54.06392Z","last_seen":"2026-05-02T12:45:36.542266Z","times_seen":2,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dcloud.net.cn/img/shadow-grey.png","fqdn":"cdn.dcloud.net.cn","domain":"dcloud.net.cn","tld":"net.cn"},"ip":{"addr":"111.231.169.247","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:28.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dcloud.net.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 26 Aug 2025 11:47:17 GMT","end":"Fri, 25 Sep 2026 11:47:16 GMT"},"fingerprint":{"sha1":"47:A7:6C:09:6B:1D:CA:2D:7D:39:2E:C1:7F:15:DE:5D:F2:C4:0F:77","sha256":"EA:73:37:83:D0:38:44:D9:3C:0B:26:F0:DD:D1:22:2F:36:F7:F2:86:A1:B0:58:52:DE:4E:0A:21:D6:89:E7:3E"}}},"request":{"raw":"GET /img/shadow-grey.png HTTP/1.1\r\nHost: cdn.dcloud.net.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:31 GMT\r\ncontent-type: image/png\r\ncontent-length: 136\r\nlast-modified: Thu, 06 Jun 2019 06:42:07 GMT\r\netag: \"5cf8b5bf-88\"\r\nexpires: Sat, 02 May 2026 15:40:31 GMT\r\ncache-control: max-age=10800\r\nset-cookie: __uni__uid=rBEQUmn18L+0D53AA4YSAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 6, 4-bit colormap, non-interlaced","md5":"5a962adf74d92ae702467b3f47976547","sha1":"36f74049375584e3fa69b5ef87e9572336ff9e7a","sha256":"ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f","sha512":"4ace23fe7ec6c7271710030fd423aace13eafac68ac3e76366ce4ce9bdc702caf71c9bdc2fb6a32c8e9791546098617cc0259decd8bb8489afdbce43e1b53a73","ssdeep":"","tlshash":"47c09bf3a615dc754a0d153b42e98271f429511e07046d0e5a13c216741e3448d56793","first_seen":"2023-04-15T10:50:30Z","last_seen":"2026-06-09T22:57:13.645804Z","times_seen":16261,"resource_available":false,"data":null}},"time_used":4993,"timings":{"blocked":2034,"dns":40,"connect":252,"send":0,"wait":924,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/index-Dt4-fXKP.js","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:24.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /assets/index-Dt4-fXKP.js HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nCookie: server_name_session=93308feef534e93d654952046088946c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:24 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 24 Apr 2026 16:15:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eb9707-1f0a7f\"\r\nexpires: Sun, 03 May 2026 00:40:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2034303,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (20816)","md5":"682e033547406e701bec06ef4d852514","sha1":"d6732a402373d07cb6301299889b72f05e33706b","sha256":"d066c6f9226faf0b114835cff9acf32f0ca602c6069e0341b99b8fa1d7f2aff0","sha512":"234441b7d6f26ed8a4a5927c07d390a6abe3094ef4732c336aac70431d026a7f36c44a0a4f21a222c08f3b8c76f919d02ae5764afde445e8407d8e027873b2ec","ssdeep":"24576:0H98y5a8eblQgcseGPD6JrOgLWEm54/+hTNFOjB2JlJbgakYCvjTxEIYYekvzOQ1:0H98y5a8eblQgcse1JrOgLWEm54/+/FO","tlshash":"45356c1d768a67329bf702f0b09b494470785d41f2178498eafcc8a825fc649e1d7fba","first_seen":"2026-05-02T12:40:54.065254Z","last_seen":"2026-05-02T12:40:54.065254Z","times_seen":1,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":309,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/static/statbar/new/trade_p.png","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /static/statbar/new/trade_p.png HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nCookie: server_name_session=93308feef534e93d654952046088946c\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 20 Jan 2024 03:07:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65ab3900-1f97\"\r\nexpires: Mon, 01 Jun 2026 12:40:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8087,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 801 x 801, 8-bit colormap, non-interlaced","md5":"12edb8fd3f025d01c9e066ab51158c10","sha1":"c1c64dda47889834f5afd7f125d727f56a3b0515","sha256":"95bdf22bef3842df575565f039cce92296327c5c5a23a94c93a337273c14a8b8","sha512":"ebff2021c820f04e242109b27fc5fad9321ed68aa1bba74bf916eb0457f908c49aa13ec517a55f8dda4f314e3945509ed72ef1a1513679cb1395fa628407b531","ssdeep":"192:ngjFSusVgY9AUDszgaaryUyBpjU4ytCqXAFQLDs6cGvcguWsHK:QIujYfo8fQe4RYAFQrcE9u9q","tlshash":"aef16bb10288965bc76e893c973fedb602a3d83c3e5255839fe0a4c2e5614e5c036fc5","first_seen":"2025-06-19T20:06:53.430635Z","last_seen":"2026-06-05T02:19:33.637176Z","times_seen":21,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.rbh-ht.one/api/common/config","fqdn":"api.rbh-ht.one","domain":"rbh-ht.one","tld":"one"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.rbh-ht.one","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 09:20:58 GMT","end":"Fri, 17 Jul 2026 09:20:57 GMT"},"fingerprint":{"sha1":"9A:EB:29:FE:9E:32:00:F5:42:5A:7C:66:5A:1E:C6:62:EB:3F:C9:DC","sha256":"C3:82:66:1B:86:C4:29:35:96:DB:F3:A1:3D:56:9E:76:FB:31:2A:DF:29:19:4F:AF:83:BD:A4:25:96:41:0F:30"}}},"request":{"raw":"OPTIONS /api/common/config HTTP/1.1\r\nHost: api.rbh-ht.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: authorization,client-device,content-type,timetamp\r\nReferer: https://rbhdapp.com/\r\nOrigin: https://rbhdapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nset-cookie: server_name_session=b6d14fe5fc15ba7eeffd60221c1ad8a0; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-09T23:14:11.29978Z","times_seen":16281720,"resource_available":true,"data":null}},"time_used":923,"timings":{"blocked":388,"dns":67,"connect":151,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/_plugin-vue_export-helper.BCo6x5W8.js","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /assets/_plugin-vue_export-helper.BCo6x5W8.js HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rbhdapp.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 91\r\nlast-modified: Wed, 22 Apr 2026 17:20:24 GMT\r\netag: \"69e90358-5b\"\r\nset-cookie: server_name_session=93308feef534e93d654952046088946c; Max-Age=86400; httponly; path=/\r\nexpires: Sun, 03 May 2026 00:40:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-06-09T11:38:22.394522Z","times_seen":1563,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/currency.6CCYYUNz.js","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /assets/currency.6CCYYUNz.js HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://rbhdapp.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 629\r\nlast-modified: Wed, 22 Apr 2026 17:20:24 GMT\r\netag: \"69e90358-275\"\r\nset-cookie: server_name_session=93308feef534e93d654952046088946c; Max-Age=86400; httponly; path=/\r\nexpires: Sun, 03 May 2026 00:40:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":629,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (628)","md5":"09529f4eb686f060f4b99e299905c03e","sha1":"b6a41bf779ac68471dde01f8214c1b671c9f27e8","sha256":"69a092790e7012770917eecea7e1e8a6ede2149d5645fb5529c63291f4d34f34","sha512":"7657226297d8e2f6cdb0f36ee346875be63e957469cf8f2a33ea355482fda4e45c5a830d559ddf8520b7c8a8989508ba47d3b7bbf7c8101a582ec2b6baf9f54a","ssdeep":"","tlshash":"b5f081cb94a294e2c5b95b48752966180027bbb1350f9ae03bcd32c5f3d81868036d7b","first_seen":"2026-05-02T12:40:54.043297Z","last_seen":"2026-05-02T12:45:36.531951Z","times_seen":2,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.rbh-ht.one/api/common/getCurrencyFee","fqdn":"api.rbh-ht.one","domain":"rbh-ht.one","tld":"one"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:27.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.rbh-ht.one","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 09:20:58 GMT","end":"Fri, 17 Jul 2026 09:20:57 GMT"},"fingerprint":{"sha1":"9A:EB:29:FE:9E:32:00:F5:42:5A:7C:66:5A:1E:C6:62:EB:3F:C9:DC","sha256":"C3:82:66:1B:86:C4:29:35:96:DB:F3:A1:3D:56:9E:76:FB:31:2A:DF:29:19:4F:AF:83:BD:A4:25:96:41:0F:30"}}},"request":{"raw":"POST /api/common/getCurrencyFee HTTP/1.1\r\nHost: api.rbh-ht.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nClient-Device: 0\r\nTimetamp: 1777725627\r\nContent-Type: application/json\r\nContent-Length: 18\r\nOrigin: https://rbhdapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":18,"data":"{\"currency\":\"USD\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:27 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 234\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: accept-language,authorization,lang,uid,token,Keep-Alive,User-Agent,Cache-Control,Content-Type\r\ncontent-encoding: br\r\nset-cookie: server_name_session=b6d14fe5fc15ba7eeffd60221c1ad8a0; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":234,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"46e15cf4768cfc6a5daaa99655f2fb0e","sha1":"14aa831ad82ff65c64af9b606f4683285487c297","sha256":"7abb768fcf81d4d3a2562cfa873b8cfe9c329bd85a55ddc9e9c4c2828968c05d","sha512":"0e7d82249f7f968d0ba1203d2e5af94fccf3b1e5453bc716cdd86d78f2156d7635c102462be002ec68aae1710e692539dbda0b955c9af8f1505034ab6c41f049","ssdeep":"","tlshash":"67d0973a400922cdc3a26240aa8928b18873f20adf02506d860900bfa28a42820ea884","first_seen":"2026-01-26T05:16:18.289241Z","last_seen":"2026-06-05T02:19:33.625014Z","times_seen":29,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.rbh-ht.one/api/currency/getTradeCurrencyList?n=1","fqdn":"api.rbh-ht.one","domain":"rbh-ht.one","tld":"one"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:27.335Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.rbh-ht.one","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 09:20:58 GMT","end":"Fri, 17 Jul 2026 09:20:57 GMT"},"fingerprint":{"sha1":"9A:EB:29:FE:9E:32:00:F5:42:5A:7C:66:5A:1E:C6:62:EB:3F:C9:DC","sha256":"C3:82:66:1B:86:C4:29:35:96:DB:F3:A1:3D:56:9E:76:FB:31:2A:DF:29:19:4F:AF:83:BD:A4:25:96:41:0F:30"}}},"request":{"raw":"OPTIONS /api/currency/getTradeCurrencyList?n=1 HTTP/1.1\r\nHost: api.rbh-ht.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: authorization,client-device,timetamp\r\nReferer: https://rbhdapp.com/\r\nOrigin: https://rbhdapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:27 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nset-cookie: server_name_session=b6d14fe5fc15ba7eeffd60221c1ad8a0; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-09T23:14:11.29978Z","times_seen":16281720,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"ws.rbh-ht.one/?token=17777256260515868833$contract\u0026sub=contract","fqdn":"ws.rbh-ht.one","domain":"rbh-ht.one","tld":"one"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:30.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ws.rbh-ht.one","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 09:31:58 GMT","end":"Fri, 17 Jul 2026 09:31:57 GMT"},"fingerprint":{"sha1":"73:A5:7B:05:2A:E4:40:96:85:E2:FB:87:79:F0:58:D8:AC:7B:63:1A","sha256":"D5:49:82:DD:06:06:52:4F:56:98:A8:44:59:6C:12:90:6A:1C:63:9D:B8:17:94:CE:15:3D:EC:A7:1B:98:65:5C"}}},"request":{"raw":"GET /?token=17777256260515868833$contract\u0026sub=contract HTTP/1.1\r\nHost: ws.rbh-ht.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://rbhdapp.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: 0fPgqY/UeiTWXYFeroYySg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nDate: Sat, 02 May 2026 12:40:30 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-Websocket-Accept: 5cv84Qdq7iv7BkMrwovvHZUFxv0=\r\nSec-Websocket-Version: 13\r\nSec-Websocket-Extensions: permessage-deflate; client_no_context_takeover; server_no_context_takeover\r\nSet-Cookie: server_name_session=a31350a5fd4c643f4b7305344cfba74c; Max-Age=86400; httponly; path=/\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-09T23:14:11.29978Z","times_seen":16281720,"resource_available":true,"data":null}},"time_used":471,"timings":{"blocked":0,"dns":1,"connect":152,"send":0,"wait":154,"receive":0,"ssl":164},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/selecting-bWV54N3P.gif","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:24.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /assets/selecting-bWV54N3P.gif HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nCookie: server_name_session=93308feef534e93d654952046088946c\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:24 GMT\r\ncontent-type: image/gif\r\nlast-modified: Wed, 22 Apr 2026 17:20:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69e90358-801ee\"\r\nexpires: Mon, 01 Jun 2026 12:40:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":524782,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 256 x 144","md5":"e483c30de31bcfe0fd05efee8c3c2742","sha1":"dd7de4af9f225e91ddc3bcc95bc8e0dd243ceedd","sha256":"dd16a9309d7b5add154c8f11352d49d1b360e872d69f66b86a73d5df18180ac9","sha512":"e45a2a2a7582f32b3794fb42e0b79a0a0221584f6b07fb4972ab7665dbb4ba07aef80657742e3d8d7bd41417b5187b5dbac3a927a9039b18a0ddd5b82976f9ed","ssdeep":"12288:7LkqlpL6/qv2XADfpeO6z2zR/LE/N511NlP0/5lxVYevBygdPujyJDflB:7LvXL6CDwRyIdsXYevBDdPwoD/","tlshash":"cbb4233d426f0419fe3bb87b4efcae4f341ebd1e2566d8b02ae9248589195f940b46c1","first_seen":"2026-05-02T12:40:54.068115Z","last_seen":"2026-05-02T12:45:36.523826Z","times_seen":2,"resource_available":false,"data":null}},"time_used":610,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":610,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.rbh-ht.one/api/account/userinfo","fqdn":"api.rbh-ht.one","domain":"rbh-ht.one","tld":"one"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.rbh-ht.one","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 09:20:58 GMT","end":"Fri, 17 Jul 2026 09:20:57 GMT"},"fingerprint":{"sha1":"9A:EB:29:FE:9E:32:00:F5:42:5A:7C:66:5A:1E:C6:62:EB:3F:C9:DC","sha256":"C3:82:66:1B:86:C4:29:35:96:DB:F3:A1:3D:56:9E:76:FB:31:2A:DF:29:19:4F:AF:83:BD:A4:25:96:41:0F:30"}}},"request":{"raw":"OPTIONS /api/account/userinfo HTTP/1.1\r\nHost: api.rbh-ht.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: authorization,client-device,content-type,timetamp\r\nReferer: https://rbhdapp.com/\r\nOrigin: https://rbhdapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nset-cookie: server_name_session=b6d14fe5fc15ba7eeffd60221c1ad8a0; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-09T23:14:11.29978Z","times_seen":16281720,"resource_available":true,"data":null}},"time_used":917,"timings":{"blocked":381,"dns":62,"connect":154,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/_plugin-vue_export-helper.BCo6x5W8.js","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /assets/_plugin-vue_export-helper.BCo6x5W8.js HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/assets/pages-opening-opening.CqY8h6lr.js\r\nCookie: server_name_session=93308feef534e93d654952046088946c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 91\r\nlast-modified: Wed, 22 Apr 2026 17:20:24 GMT\r\netag: \"69e90358-5b\"\r\nexpires: Sun, 03 May 2026 00:40:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-06-09T11:38:22.394522Z","times_seen":1563,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.rbh-ht.one/api/common/config","fqdn":"api.rbh-ht.one","domain":"rbh-ht.one","tld":"one"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.rbh-ht.one","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 09:20:58 GMT","end":"Fri, 17 Jul 2026 09:20:57 GMT"},"fingerprint":{"sha1":"9A:EB:29:FE:9E:32:00:F5:42:5A:7C:66:5A:1E:C6:62:EB:3F:C9:DC","sha256":"C3:82:66:1B:86:C4:29:35:96:DB:F3:A1:3D:56:9E:76:FB:31:2A:DF:29:19:4F:AF:83:BD:A4:25:96:41:0F:30"}}},"request":{"raw":"POST /api/common/config HTTP/1.1\r\nHost: api.rbh-ht.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nClient-Device: 0\r\nTimetamp: 1777725626\r\nContent-Type: application/json\r\nContent-Length: 23\r\nOrigin: https://rbhdapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":23,"data":"{\"group_id\":1,\"key\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: text/plain\r\ncontent-length: 282\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: accept-language,authorization,lang,uid,token,Keep-Alive,User-Agent,Cache-Control,Content-Type\r\ncontent-encoding: br\r\nset-cookie: server_name_session=b6d14fe5fc15ba7eeffd60221c1ad8a0; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":425,"size_decoded":0,"mime_type":"text/plain","magic":"JSON text data","md5":"524f85f4e3dcfe29e0a7f42436c5c90e","sha1":"8bbe39441617a131fe13ef251bf3f4faa6cdba0d","sha256":"1c2a28bdc95077ddbcbbce7617b97685bb90215641afd81e85fcca019e51c008","sha512":"d12cb65c7756f974242b14340be228c082e8aac4617b0e2d81d01bf74c76e7dae06e625193870dabe12d624f2303aebb580b6739f367fcff6ccc44027ea5e442","ssdeep":"","tlshash":"25e0abc35e484c2a830a49cad58d1c45a12d9703a808e8c38ecb9dbccab82f8a144035","first_seen":"2026-05-02T12:40:54.052233Z","last_seen":"2026-05-02T12:45:36.526194Z","times_seen":2,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.rbh-ht.one/api/common/config","fqdn":"api.rbh-ht.one","domain":"rbh-ht.one","tld":"one"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:27.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.rbh-ht.one","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 09:20:58 GMT","end":"Fri, 17 Jul 2026 09:20:57 GMT"},"fingerprint":{"sha1":"9A:EB:29:FE:9E:32:00:F5:42:5A:7C:66:5A:1E:C6:62:EB:3F:C9:DC","sha256":"C3:82:66:1B:86:C4:29:35:96:DB:F3:A1:3D:56:9E:76:FB:31:2A:DF:29:19:4F:AF:83:BD:A4:25:96:41:0F:30"}}},"request":{"raw":"OPTIONS /api/common/config HTTP/1.1\r\nHost: api.rbh-ht.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: authorization,client-device,content-type,timetamp\r\nReferer: https://rbhdapp.com/\r\nOrigin: https://rbhdapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:27 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nset-cookie: server_name_session=b6d14fe5fc15ba7eeffd60221c1ad8a0; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-09T23:14:11.29978Z","times_seen":16281720,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/uni.b981e0f8.css","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:24.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /assets/uni.b981e0f8.css HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nCookie: server_name_session=93308feef534e93d654952046088946c\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 22 Apr 2026 17:20:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69e90358-625d\"\r\nexpires: Sun, 03 May 2026 00:40:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25181,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (25180)","md5":"12859708306bf3887e3f81aeb56c72e9","sha1":"d354101f747e80169b090087acc22bc94b77ff73","sha256":"b981e0f84131bfad625e32ce013bff3e6ef43efb8b46fc038fdeae989fae481c","sha512":"aeb63fd252e6f8e3dece1b42d896d51e880e43cad0f39cc08cb9a47762555ad9e34b6c0077852407f1c02cec43fade0aed5d17906d3c4ca1b73855db893d04df","ssdeep":"384:UXpmLWLAzc8aux2iei+XHyrcy/ialZrBv:U0Suzei+XHPalZt","tlshash":"33b29631aa002629f427ce2965d1db4f22318173e9531b2dfb79712ccfae9c9197b784","first_seen":"2026-05-02T12:40:54.068985Z","last_seen":"2026-05-02T12:45:36.533401Z","times_seen":2,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/assets/pages-opening-opening.CqY8h6lr.js","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /assets/pages-opening-opening.CqY8h6lr.js HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/assets/index-Dt4-fXKP.js\r\nCookie: server_name_session=93308feef534e93d654952046088946c\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 556\r\nlast-modified: Wed, 22 Apr 2026 17:20:24 GMT\r\netag: \"69e90358-22c\"\r\nexpires: Sun, 03 May 2026 00:40:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":556,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (555)","md5":"ed26368618fd4803defbcda3347ced26","sha1":"d51a70bfbc05d73310164e88698be21d0f6d945a","sha256":"d5bda38453000115daac700ce069f203d9bbcf18818f9203d1d4754d0c96f352","sha512":"b20304e77501acf4bdd00812909e11f38cf70dfa7518edae9cfec8faa2bfb1416193a69d219bb8efa175b7a8ae4cfa2303f6b5fd4a4c9935805acab910eb1929","ssdeep":"","tlshash":"d5f0202c0722a0f2c63800d5121366591c183270036ed8c4e3b4ec1ffe9098ff229cb8","first_seen":"2026-05-02T12:40:54.057298Z","last_seen":"2026-05-02T12:45:36.525249Z","times_seen":2,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/favicon.ico","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:27.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nCookie: server_name_session=93308feef534e93d654952046088946c\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:27 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 15406\r\nlast-modified: Tue, 21 Apr 2026 08:25:01 GMT\r\netag: \"69e7345d-3c2e\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"e1754950c527016b79fb0c4e491c9acc","sha1":"b3462b8e9490b26fa4648f86fcde55646f8f8c37","sha256":"124e3106f2feb753ead0d53b3f0589bd431421e5de2dc3fd3d11a4f8c1617bf5","sha512":"ed919cfe42f648d28b04199e98c390940387bff512f922751eca072d5580c17f8af702ffeaa1a59b110633e650a66077af5244e0069be1f631638e18415413e4","ssdeep":"24:nGNNVtOHnP0TS7tflH/R9bLkeYgk63irvj9rx:IOvOCDh+gOrlx","tlshash":"b962a50c334229a8fbb38ff149471f03962cf2f2f8c303a7829061516fa26602259b2c","first_seen":"2026-05-02T12:40:54.070162Z","last_seen":"2026-05-02T12:45:36.537672Z","times_seen":2,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rbhdapp.com/static/statbar/new/contract_p.png","fqdn":"rbhdapp.com","domain":"rbhdapp.com","tld":"com"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:26.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rbhdig.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 13:28:16 GMT","end":"Thu, 23 Jul 2026 13:28:15 GMT"},"fingerprint":{"sha1":"BF:B8:CF:52:C2:27:23:A5:11:BA:D6:A2:21:7A:4D:C3:61:35:34:63","sha256":"8A:7B:28:5C:6E:0A:3E:97:52:17:EA:79:93:A6:24:3C:2E:58:F3:DB:A9:3A:9E:9B:44:16:A0:5C:54:74:11:62"}}},"request":{"raw":"GET /static/statbar/new/contract_p.png HTTP/1.1\r\nHost: rbhdapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rbhdapp.com/\r\nCookie: server_name_session=93308feef534e93d654952046088946c\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 20 Jan 2024 03:07:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65ab3900-2697\"\r\nexpires: Mon, 01 Jun 2026 12:40:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9879,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 801 x 801, 8-bit colormap, non-interlaced","md5":"178462d7a56561dbcbb571898f85b767","sha1":"90d0ee467d32862c616278c291acdf123f4ef9c3","sha256":"635031bcb0604c5f3401e4d44864392dbbb151fb16a7ffcf5104fc58bb387f52","sha512":"0219cc448410c8130e8370654b136755f34fff424d313625bda290c5c7ee3726844c83e3f9ce5c4b94756dcc97d8760275adb9e59037341ece85af6020f25b11","ssdeep":"192:GT9nPAxKd1JZaySy+xNJBgJ2awmZ2APX6WlIobPjAbw6dPLBX5giRvKniSp3DOGm:GTNPAxC12TLNaIAPXzPjAb7LR5oniSl4","tlshash":"dc12af5ac3a07c5df074e132c34b787187b0abb66693f2442f29d63b81de5e40466937","first_seen":"2025-06-19T20:06:53.527965Z","last_seen":"2026-06-05T02:19:33.61189Z","times_seen":20,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-02","alert":"Sinkholed","trigger":"rbhdapp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.rbh-ht.one/api/common/getCurrencyFee","fqdn":"api.rbh-ht.one","domain":"rbh-ht.one","tld":"one"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:27.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.rbh-ht.one","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 09:20:58 GMT","end":"Fri, 17 Jul 2026 09:20:57 GMT"},"fingerprint":{"sha1":"9A:EB:29:FE:9E:32:00:F5:42:5A:7C:66:5A:1E:C6:62:EB:3F:C9:DC","sha256":"C3:82:66:1B:86:C4:29:35:96:DB:F3:A1:3D:56:9E:76:FB:31:2A:DF:29:19:4F:AF:83:BD:A4:25:96:41:0F:30"}}},"request":{"raw":"OPTIONS /api/common/getCurrencyFee HTTP/1.1\r\nHost: api.rbh-ht.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: authorization,client-device,content-type,timetamp\r\nReferer: https://rbhdapp.com/\r\nOrigin: https://rbhdapp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 May 2026 12:40:27 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nset-cookie: server_name_session=b6d14fe5fc15ba7eeffd60221c1ad8a0; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-09T23:14:11.29978Z","times_seen":16281720,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"ws.rbh-ht.one/?token=17777256260515868833$trade\u0026sub=trade","fqdn":"ws.rbh-ht.one","domain":"rbh-ht.one","tld":"one"},"ip":{"addr":"207.57.190.37","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://rbhdapp.com/","date":"2026-05-02T12:40:29.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ws.rbh-ht.one","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 18 Apr 2026 09:31:58 GMT","end":"Fri, 17 Jul 2026 09:31:57 GMT"},"fingerprint":{"sha1":"73:A5:7B:05:2A:E4:40:96:85:E2:FB:87:79:F0:58:D8:AC:7B:63:1A","sha256":"D5:49:82:DD:06:06:52:4F:56:98:A8:44:59:6C:12:90:6A:1C:63:9D:B8:17:94:CE:15:3D:EC:A7:1B:98:65:5C"}}},"request":{"raw":"GET /?token=17777256260515868833$trade\u0026sub=trade HTTP/1.1\r\nHost: ws.rbh-ht.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://rbhdapp.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: yAqyr5TBhXO8p0Xn7cDHrA==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nDate: Sat, 02 May 2026 12:40:30 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-Websocket-Accept: ARXpIu5YnN4/048Eob/Cm5Sa26E=\r\nSec-Websocket-Version: 13\r\nSec-Websocket-Extensions: permessage-deflate; client_no_context_takeover; server_no_context_takeover\r\nSet-Cookie: server_name_session=a31350a5fd4c643f4b7305344cfba74c; Max-Age=86400; httponly; path=/\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-09T23:14:11.29978Z","times_seen":16281720,"resource_available":true,"data":null}},"time_used":1413,"timings":{"blocked":0,"dns":471,"connect":624,"send":0,"wait":157,"receive":0,"ssl":631},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}