{"report_id":"9ec194bb-7ae9-44e9-90f8-d585f02ab681","version":6,"status":"done","tags":[],"date":"2026-02-04T17:09:46Z","url":{"schema":"http","addr":"rrsaraf.com","fqdn":"rrsaraf.com","domain":"rrsaraf.com","tld":"com"},"ip":{"addr":"192.185.146.129","port":0,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"rrsaraf.com/","fqdn":"rrsaraf.com","domain":"rrsaraf.com","tld":"com"},"title":"rrsaraf.com/","dom":{"size":1892,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"10210c4af3aa2ca3fef158ae0f1dd92b","sha1":"7181c40c845f9b91952b4aef9dec9343a3a7e202","sha256":"bf9a0a7c2e56197a93e99567d66b6d1066ba78f2f9bfc6c49a529f43e713e61a","sha512":"0b3e91a7101556fa9cade9f3b32650228062404247a050dc698187482f9e2b8e08a90cb7c683c8cdfb029558a175d8083c75f40848b17a13604cb20f71fdf38f","ssdeep":"","tlshash":"9d41cc5b51eb0106aa43b4142ba63f102454940bd15fcca53ebc5398cfce76a49d7b2c","dom_hash":"domhashfa598f91a504ca0c549f2900288450a0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"rrsaraf.com","fqdn":"rrsaraf.com","domain":"rrsaraf.com","tld":"com"},"ip":{"addr":"192.185.146.129","port":0,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-11T17:09:46Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-04","alert":"Phishing Block","trigger":"rrsaraf.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"rrsaraf.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"rrsaraf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"rrsaraf.com","ip":{"addr":"192.185.146.129","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"domain_registered":"2024-03-04","domain_rank":0,"first_seen":"2025-10-07T20:57:49.053887Z","last_seen":"2026-02-04T15:50:27.95033Z","alert_count":9,"request_count":3,"received_data":48583,"sent_data":1345,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-02-01T22:17:46.954894Z","alert_count":0,"request_count":2,"received_data":23398,"sent_data":1142,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-02-01T22:14:44.580478Z","alert_count":0,"request_count":2,"received_data":48289,"sent_data":1052,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"rrsaraf.com/","fqdn":"rrsaraf.com","domain":"rrsaraf.com","tld":"com"},"ip":{"addr":"192.185.146.129","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-04T17:09:25.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rrsaraf.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 09:34:11 GMT","end":"Sat, 25 Apr 2026 09:34:10 GMT"},"fingerprint":{"sha1":"DB:D7:75:4E:5C:04:27:B9:E8:24:A1:4F:EC:40:DC:EB:96:48:79:FB","sha256":"ED:49:4C:0C:10:99:7D:19:2D:2D:6D:AF:85:64:A6:5D:7A:7D:4C:1A:73:A7:88:2C:16:2E:19:F4:69:5E:40:DA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rrsaraf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 08 Aug 2024 12:19:26 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 732\r\ncontent-type: text/html\r\ndate: Wed, 04 Feb 2026 17:09:25 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1898,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"802d972022cd4f1fe59b7ea4678f6283","sha1":"baddaa60921c4d2a2642c8a0d2de0c9e955edc30","sha256":"b509bd47e4e3bcdd42fc01c2608c39b014c3ce7cde856d14509b484c6e4e38f8","sha512":"f285b4391e4229fd2b1ae62fd259da4a2c392d699db0e652f47fa6df6327bba7234b1583216d5cf1a30fceafb06b741f2115c417f6fa53c26ac1ead4fcc54def","ssdeep":"","tlshash":"cf41cc5b51eb01066a43b4142ba63f102454940bd15fcca63ebd5398cfcab6a45d7b2c","first_seen":"2025-11-10T09:07:34.297974Z","last_seen":"2026-02-04T17:09:46.825934Z","times_seen":3,"resource_available":false,"data":null}},"time_used":618,"timings":{"blocked":246,"dns":6,"connect":112,"send":0,"wait":125,"receive":0,"ssl":124},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-04","alert":"Phishing Block","trigger":"rrsaraf.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"rrsaraf.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"rrsaraf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900\u0026family=Libre+Baskerville:ital,wght@0,400;0,700;1,400\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rrsaraf.com/","date":"2026-02-04T17:09:26.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:56 GMT","end":"Mon, 06 Apr 2026 08:37:55 GMT"},"fingerprint":{"sha1":"DE:3B:B4:94:98:33:3A:CB:2A:A9:96:A1:CB:19:8C:84:B5:8D:23:E9","sha256":"D0:A1:5A:83:80:77:19:74:AA:CB:27:69:4A:C7:2C:F0:DA:06:9C:79:1E:07:77:9A:4D:7B:5D:AA:A2:D2:D4:E9"}}},"request":{"raw":"GET /css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900\u0026family=Libre+Baskerville:ital,wght@0,400;0,700;1,400\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rrsaraf.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 04 Feb 2026 17:09:26 GMT\r\ndate: Wed, 04 Feb 2026 17:09:26 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11013,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"5aae0ae379e11e9e2407897444353642","sha1":"ab82291704daaae16897817c847b81e6a58c8594","sha256":"3af70719591cb96fcb7af392910917146900cdf132915bee4544ff0510a1b13d","sha512":"8b895d945f08d2a8310b9a06d134468fb20f433b972574db59e894ddb5b88cd9bd03852f0ede2a2314dd2b7bbbfcb66fd3c4ee6a0849eaf8de931b2eb4575b85","ssdeep":"192:43pv33pUn/J3n/lOw3Oir/i3r/Ux/o3x/TpwOp7RIu71D5Mp76AOwROol/6liU:4353m/R/lFx7u7Up8pTHu58","tlshash":"2232de92086fa504db931dc222ca7e32ff0f625064559934effe14d8bc97d6a9361b1c","first_seen":"2025-11-23T12:05:26.557164Z","last_seen":"2026-05-18T21:05:37.251084Z","times_seen":22,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":119,"dns":1,"connect":7,"send":0,"wait":21,"receive":0,"ssl":123},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rrsaraf.com/RRSG-LOGO-01V2.png","fqdn":"rrsaraf.com","domain":"rrsaraf.com","tld":"com"},"ip":{"addr":"192.185.146.129","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rrsaraf.com/","date":"2026-02-04T17:09:26.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rrsaraf.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 09:34:11 GMT","end":"Sat, 25 Apr 2026 09:34:10 GMT"},"fingerprint":{"sha1":"DB:D7:75:4E:5C:04:27:B9:E8:24:A1:4F:EC:40:DC:EB:96:48:79:FB","sha256":"ED:49:4C:0C:10:99:7D:19:2D:2D:6D:AF:85:64:A6:5D:7A:7D:4C:1A:73:A7:88:2C:16:2E:19:F4:69:5E:40:DA"}}},"request":{"raw":"GET /RRSG-LOGO-01V2.png HTTP/1.1\r\nHost: rrsaraf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rrsaraf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 26 Jul 2024 05:59:16 GMT\r\naccept-ranges: bytes\r\ncontent-length: 34153\r\ncontent-type: image/png\r\ndate: Wed, 04 Feb 2026 17:09:26 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":34153,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1250 x 973, 8-bit/color RGBA, non-interlaced","md5":"027e6606cdb7636c99080762c9c6305b","sha1":"47f9623cb12571f3bff68eedbadf2db724403e8e","sha256":"899eb5ed2e9e8cc73ca4e5ce4345eed5bb1e97319d641b149add885d38c726eb","sha512":"f63ef2b149a042d8c78c288fd73b5e164f90daa5983ecdcba7160b8cc386d6a28a01c4f3ddae44420e8f8615669506dc6ac76f80303e43627bd4df36d22c7c06","ssdeep":"768:Z6jEZUTqeD+N0FqsuwEhFwmQJVlmLYrnVPDGo5S6d0r7Ld8Kv4OL/:Z6juUeeD+tsh2bQJVlmLKSoc6iurM/","tlshash":"8fe2e0d0a7405a5ef2af5efc4cdaca51355a07090f3635e44b99ecd260de428a40bbde","first_seen":"2025-11-10T09:07:34.301218Z","last_seen":"2026-02-04T17:09:46.828502Z","times_seen":3,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"rrsaraf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"rrsaraf.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-04","alert":"Phishing Block","trigger":"rrsaraf.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900\u0026family=Libre+Baskerville:ital,wght@0,400;0,700;1,400\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rrsaraf.com/","date":"2026-02-04T17:09:26.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:56 GMT","end":"Mon, 06 Apr 2026 08:37:55 GMT"},"fingerprint":{"sha1":"DE:3B:B4:94:98:33:3A:CB:2A:A9:96:A1:CB:19:8C:84:B5:8D:23:E9","sha256":"D0:A1:5A:83:80:77:19:74:AA:CB:27:69:4A:C7:2C:F0:DA:06:9C:79:1E:07:77:9A:4D:7B:5D:AA:A2:D2:D4:E9"}}},"request":{"raw":"GET /css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900\u0026family=Libre+Baskerville:ital,wght@0,400;0,700;1,400\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rrsaraf.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 04 Feb 2026 17:09:26 GMT\r\ndate: Wed, 04 Feb 2026 17:09:26 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11013,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"5aae0ae379e11e9e2407897444353642","sha1":"ab82291704daaae16897817c847b81e6a58c8594","sha256":"3af70719591cb96fcb7af392910917146900cdf132915bee4544ff0510a1b13d","sha512":"8b895d945f08d2a8310b9a06d134468fb20f433b972574db59e894ddb5b88cd9bd03852f0ede2a2314dd2b7bbbfcb66fd3c4ee6a0849eaf8de931b2eb4575b85","ssdeep":"192:43pv33pUn/J3n/lOw3Oir/i3r/Ux/o3x/TpwOp7RIu71D5Mp76AOwROol/6liU:4353m/R/lFx7u7Up8pTHu58","tlshash":"2232de92086fa504db931dc222ca7e32ff0f625064559934effe14d8bc97d6a9361b1c","first_seen":"2025-11-23T12:05:26.557164Z","last_seen":"2026-05-18T21:05:37.251084Z","times_seen":22,"resource_available":false,"data":null}},"time_used":483,"timings":{"blocked":224,"dns":5,"connect":22,"send":0,"wait":18,"receive":0,"ssl":208},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rrsaraf.com/favicon.ico","fqdn":"rrsaraf.com","domain":"rrsaraf.com","tld":"com"},"ip":{"addr":"192.185.146.129","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rrsaraf.com/","date":"2026-02-04T17:09:26.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rrsaraf.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 09:34:11 GMT","end":"Sat, 25 Apr 2026 09:34:10 GMT"},"fingerprint":{"sha1":"DB:D7:75:4E:5C:04:27:B9:E8:24:A1:4F:EC:40:DC:EB:96:48:79:FB","sha256":"ED:49:4C:0C:10:99:7D:19:2D:2D:6D:AF:85:64:A6:5D:7A:7D:4C:1A:73:A7:88:2C:16:2E:19:F4:69:5E:40:DA"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: rrsaraf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rrsaraf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nlast-modified: Fri, 30 Sep 2022 11:47:20 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 4677\r\ncontent-type: text/html\r\ndate: Wed, 04 Feb 2026 17:09:26 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]}],"data":{"size":11816,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (358)","md5":"a8063bd37d3c8fb3176a6bf140558a4d","sha1":"e32cf4b407db3d3773ded13ff64b70fdbad7735f","sha256":"bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482","sha512":"82d749f6b17b21587fb345ca196a2aa83eca80ad66ed9c1ab88b36709bed14175d53afefe9acc0dafc4fad78ffb8df155193a6829bc857ad6d68b1c84af7b854","ssdeep":"192:bpvXn2H25Zx48DNYGu6C9tdDOxktft1zQOPtaUrzvHlPuPQXGuV27BHplXtAUU/s:FvX2H25v4CYn6etFTBvhtv4IcpRtlU/s","tlshash":"bd32940bab4c063b1312459a7458639a370fc87fe2661bb474bfc06867d16a649f23dc","first_seen":"2023-04-05T03:58:47Z","last_seen":"2026-06-13T23:37:09.313119Z","times_seen":15615,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"rrsaraf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"rrsaraf.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-04","alert":"Phishing Block","trigger":"rrsaraf.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rrsaraf.com/","date":"2026-02-04T17:09:26.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:55 GMT","end":"Mon, 06 Apr 2026 08:37:54 GMT"},"fingerprint":{"sha1":"C9:11:F3:8A:1F:95:BA:78:F0:71:09:AC:AA:E5:AC:D1:ED:83:E4:04","sha256":"61:45:36:53:9C:8E:E6:E3:72:93:D5:B6:2E:25:31:08:2F:70:5B:C8:FA:43:EA:70:B8:CE:11:BF:74:C7:92:98"}}},"request":{"raw":"GET /s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rrsaraf.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23580\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 04 Feb 2026 12:31:08 GMT\r\nexpires: Thu, 04 Feb 2027 12:31:08 GMT\r\ncache-control: public, max-age=31536000\r\nage: 16698\r\nlast-modified: Mon, 15 Sep 2025 17:09:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23580,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23580, version 1.0","md5":"e1b3b5908c9cf23dfb2b9c52b9a023ab","sha1":"fcd4136085f2a03481d9958cc6793a5ed98e714c","sha256":"918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537","sha512":"b2da7ef768385707afed62ca1f178efc6aa14519762e3f270129b3afee4d3782cb991e6fa66b3b08a2f81ff7caba0b4c34c726d952198b2ac4a784b36eb2a828","ssdeep":"384:dRkIAJ8pVwWTW5VVjdVn8+2yvAMdriCEOY0kfW9GkAPqpPHi2vUuUSzB8:dKIAJ8pVHTZ+riY9oCpPHiodUeK","tlshash":"91b2e1ce5d546e3a8028213785c17b488273572e9edf42c6dd83a6263a7092cfd3d96e","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-06-13T23:33:56.396843Z","times_seen":233087,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":142,"dns":3,"connect":7,"send":0,"wait":22,"receive":3,"ssl":128},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6u9w4BMUTPHh6UVSwiPGQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rrsaraf.com/","date":"2026-02-04T17:09:26.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:55 GMT","end":"Mon, 06 Apr 2026 08:37:54 GMT"},"fingerprint":{"sha1":"C9:11:F3:8A:1F:95:BA:78:F0:71:09:AC:AA:E5:AC:D1:ED:83:E4:04","sha256":"61:45:36:53:9C:8E:E6:E3:72:93:D5:B6:2E:25:31:08:2F:70:5B:C8:FA:43:EA:70:B8:CE:11:BF:74:C7:92:98"}}},"request":{"raw":"GET /s/lato/v25/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rrsaraf.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23040\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 28 Jan 2026 23:39:07 GMT\r\nexpires: Thu, 28 Jan 2027 23:39:07 GMT\r\ncache-control: public, max-age=31536000\r\nage: 581419\r\nlast-modified: Mon, 15 Sep 2025 17:11:31 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23040,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23040, version 1.0","md5":"de69cf9e514df447d1b0bb16f49d2457","sha1":"2ac78601179c3a63ba3f3f3081556b12ddcaf655","sha256":"c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49","sha512":"4aebb7e54d88827d4a02808f04901c0d09b756c518202b056a6c0f664948f5585221d16967f546e064187c6545acef15d59b68d0a7a59897bd899d3e9dda37b1","ssdeep":"384:adpABC4a0HkBpR1HWtGu06B6lsoAKiwY0HcLKglV6Z+DVb35PJZDdiZeJ1vqYg:0AHa0Ezf2tZn6lsoABwTKK46ZQb3V7wD","tlshash":"fca2e1c05cc1e2d4ae02daf7fda5a4eab4e2f01123a8f65f8f114b75d505993640fe01","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-06-13T23:33:56.334989Z","times_seen":169527,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":69,"dns":3,"connect":7,"send":0,"wait":20,"receive":6,"ssl":126},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}