{"report_id":"54136f8f-01cf-4de8-96c6-8cd4e2997402","version":6,"status":"done","tags":["google"],"date":"2026-05-14T15:13:21Z","url":{"schema":"http","addr":"web.amarifirmdynamic-concepts.com","fqdn":"web.amarifirmdynamic-concepts.com","domain":"amarifirmdynamic-concepts.com","tld":"com"},"ip":{"addr":"198.251.88.117","port":0,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"final":{"url":{"schema":"https","addr":"web.amarifirmdynamic-concepts.com/","fqdn":"web.amarifirmdynamic-concepts.com","domain":"amarifirmdynamic-concepts.com","tld":"com"},"title":"Sign in - Google Accounts","dom":{"size":12524,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"8643b7a4d81c8fb3258a13666b20f7bb","sha1":"987f58e3866ed199ac3cb638ef68fe8497bd4511","sha256":"e59e4ca83e8f0a33c97b39da072a4622ba6cbd1699e3850b55ae1e7ecc411905","sha512":"28d1300725b8e158ccd078ff034f724687d83e3adaccac1e6666c102a1dead47b864f6147b742bb62f39471ee8cf3ea0fb6e8072ba04e75476f71702ed86754c","ssdeep":"192:tT9RmWkStTqo8uk+N1TQl26rd2+IayJF/ruTJpy8hflo/dNHX5X3M/:DRmWJ8yBunt","tlshash":"0b4235ab3ae714666c57a87933e7938572218003d109ca253e9c6358cf4abc45db2fdc","dom_hash":"domhashbc61572b55096587bc39b361b76a5134","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"web.amarifirmdynamic-concepts.com","fqdn":"web.amarifirmdynamic-concepts.com","domain":"amarifirmdynamic-concepts.com","tld":"com"},"ip":{"addr":"198.251.88.117","port":0,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-18T15:13:21Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"web.amarifirmdynamic-concepts.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"web.amarifirmdynamic-concepts.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"web.amarifirmdynamic-concepts.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-14","alert":"Phishing Block","trigger":"web.amarifirmdynamic-concepts.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Google","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Google phishing","tags":["google"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Google","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Google phishing","tags":["google"],"meta":null}]},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-10T22:17:57.86744Z","alert_count":0,"request_count":2,"received_data":87940,"sent_data":1136,"comment":"","tags":null,"fingerprints":null},{"fqdn":"web.amarifirmdynamic-concepts.com","ip":{"addr":"198.251.88.117","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"domain_registered":"2023-10-11","domain_rank":0,"first_seen":"2026-05-07T01:34:46.723202Z","last_seen":"2026-05-14T03:19:55.759607Z","alert_count":10,"request_count":2,"received_data":15158,"sent_data":975,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-10T22:20:44.526759Z","alert_count":0,"request_count":1,"received_data":17441,"sent_data":489,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Google","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Google phishing","tags":["google"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"web.amarifirmdynamic-concepts.com/","fqdn":"web.amarifirmdynamic-concepts.com","domain":"amarifirmdynamic-concepts.com","tld":"com"},"ip":{"addr":"198.251.88.117","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":true,"md5":"db3b9cf7ac23753235a5d21bf8400c5e","sha1":"b3c049a9e821a997ec78fa71a5f5955bb509f516","sha256":"1c5cb8427c621e5101c2fb881aec5123a45a375f35143fff79ccc75e45668bfb","sha512":"f209c48cc423b85ed23eb48472df560348093da13839cf92cc1152eed47838cfb1b4929b84796ee554d62f02325b6e1b80b92fbbd250c056c599e4af28f65adf","ssdeep":"","tlshash":"0561aa7a39e72c320cff3cbb23db53c8b52140137848d615b91ca6654f51e866ab6ec6","size":3172,"data":"","first_seen":"2026-05-14T03:19:59.6596Z","last_seen":"2026-05-14T15:13:53.106228Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://web.amarifirmdynamic-concepts.com/","date":"2026-05-14T15:13:00.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:40 GMT","end":"Mon, 13 Jul 2026 08:36:39 GMT"},"fingerprint":{"sha1":"7F:B3:C1:48:F4:27:B8:68:3C:19:02:13:E1:6F:23:04:AC:C8:65:17","sha256":"FC:08:6D:DD:C4:AF:25:5E:6A:51:A0:A1:4E:27:4A:FF:E3:A5:37:ED:A4:1A:33:C1:27:48:DE:AB:71:AE:5D:2D"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://web.amarifirmdynamic-concepts.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 14 May 2026 10:17:38 GMT\r\nexpires: Fri, 14 May 2027 10:17:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 17722\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-05-14T17:58:39.824481Z","times_seen":142277,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":98,"dns":0,"connect":14,"send":0,"wait":15,"receive":19,"ssl":82},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://web.amarifirmdynamic-concepts.com/","date":"2026-05-14T15:13:00.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:40 GMT","end":"Mon, 13 Jul 2026 08:36:39 GMT"},"fingerprint":{"sha1":"7F:B3:C1:48:F4:27:B8:68:3C:19:02:13:E1:6F:23:04:AC:C8:65:17","sha256":"FC:08:6D:DD:C4:AF:25:5E:6A:51:A0:A1:4E:27:4A:FF:E3:A5:37:ED:A4:1A:33:C1:27:48:DE:AB:71:AE:5D:2D"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://web.amarifirmdynamic-concepts.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 14 May 2026 10:17:38 GMT\r\nexpires: Fri, 14 May 2027 10:17:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 17722\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-05-14T17:58:39.824481Z","times_seen":142277,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":68,"dns":1,"connect":28,"send":0,"wait":23,"receive":10,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"web.amarifirmdynamic-concepts.com/favicon.ico","fqdn":"web.amarifirmdynamic-concepts.com","domain":"amarifirmdynamic-concepts.com","tld":"com"},"ip":{"addr":"198.251.88.117","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://web.amarifirmdynamic-concepts.com/","date":"2026-05-14T15:13:00.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amarifirmdynamic-concepts.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 08:05:26 GMT","end":"Mon, 20 Jul 2026 08:05:25 GMT"},"fingerprint":{"sha1":"91:6D:3C:DC:31:6C:1C:D3:B4:B9:9B:71:6F:FA:DC:B7:F5:B0:4F:B6","sha256":"04:CD:F3:FB:44:10:8B:49:B1:CB:B1:CD:0C:FF:14:42:77:8A:BD:12:12:7A:58:F0:88:7D:47:97:D9:AA:3F:81"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: web.amarifirmdynamic-concepts.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.amarifirmdynamic-concepts.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Thu, 14 May 2026 15:13:00 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nvary: User-Agent\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-05-14T17:57:33.536913Z","times_seen":126806,"resource_available":true,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"web.amarifirmdynamic-concepts.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"web.amarifirmdynamic-concepts.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"web.amarifirmdynamic-concepts.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-14","alert":"Phishing Block","trigger":"web.amarifirmdynamic-concepts.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Google","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Google phishing","tags":["google"],"meta":null}]}},{"url":{"schema":"https","addr":"web.amarifirmdynamic-concepts.com/","fqdn":"web.amarifirmdynamic-concepts.com","domain":"amarifirmdynamic-concepts.com","tld":"com"},"ip":{"addr":"198.251.88.117","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-14T15:12:59.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"amarifirmdynamic-concepts.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 08:05:26 GMT","end":"Mon, 20 Jul 2026 08:05:25 GMT"},"fingerprint":{"sha1":"91:6D:3C:DC:31:6C:1C:D3:B4:B9:9B:71:6F:FA:DC:B7:F5:B0:4F:B6","sha256":"04:CD:F3:FB:44:10:8B:49:B1:CB:B1:CD:0C:FF:14:42:77:8A:BD:12:12:7A:58:F0:88:7D:47:97:D9:AA:3F:81"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: web.amarifirmdynamic-concepts.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Tue, 12 May 2026 12:23:32 GMT\r\netag: \"332f-6a031bc4-77861dfb76931e11;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 2961\r\ndate: Thu, 14 May 2026 15:13:00 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":13103,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"40b00b12731cb3d1e86841fd5fdbce90","sha1":"ff8112481b4a47bea06e932ad482a7607dfbbde7","sha256":"f6940227dce1af8ea319a6037c111c48ba46042c883408382b868c2f10955989","sha512":"60bc111e5bc5c42e14f7dbf41d3eb5d8b3383495e9f7d77aa5734817b231ada1102004e81faf9cf69c99718c6d91feb196491fba952ddd90daba1fe65b5811a7","ssdeep":"192:7s7QdaQ7zxQsMeWCzynHld0F8Q2Q4o3sQNk2PnXgzPbrOW0E/TqAF:oHo0wa/2PgX","tlshash":"ea426729b6451412587babb9b7a38389f7520063d301c3297edc63524fba9489a73fdc","first_seen":"2026-05-14T03:19:59.656946Z","last_seen":"2026-05-14T15:13:53.104048Z","times_seen":4,"resource_available":true,"data":null}},"time_used":803,"timings":{"blocked":257,"dns":90,"connect":69,"send":0,"wait":287,"receive":1,"ssl":95},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"web.amarifirmdynamic-concepts.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-14","alert":"Phishing Block","trigger":"web.amarifirmdynamic-concepts.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"web.amarifirmdynamic-concepts.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-14","alert":"Sinkholed","trigger":"web.amarifirmdynamic-concepts.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Google","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Google phishing","tags":["google"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://web.amarifirmdynamic-concepts.com/","date":"2026-05-14T15:13:00.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"25:C3:78:A0:E1:97:BA:8A:CE:43:FA:9C:BF:89:EF:DD:A3:CD:9C:40","sha256":"C1:18:7F:C1:92:8E:D0:83:CA:E8:62:DB:BE:FE:89:B2:84:13:70:FA:0E:40:65:D2:B6:8C:09:37:73:46:4D:4B"}}},"request":{"raw":"GET /css2?family=Roboto:wght@400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://web.amarifirmdynamic-concepts.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 14 May 2026 15:13:00 GMT\r\ndate: Thu, 14 May 2026 15:13:00 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"4c8ef72eb043b6205edde8d9e910787e","sha1":"fa8b1cd29ea6e9bd2113a33d10ab096306430f37","sha256":"0031e12119f0b0e9820611dc4e888b0decf9c9924e4b2bea291397e70105305a","sha512":"80bf1edac61df533f32176b490302e90a6213b72b5ea335092fa25128a4229cc7967e5c4cdc6cec06c923335260d0ecb779fad1b36a26ff616b4eb4465e34e7f","ssdeep":"384:89fM919W969yh9/qY4X9N9t9i9fD9O9d9B9ya9/qY4Q9G9m949fd9k9D939yQ9/O:8yjooYhREHPM5svvYaR7AIWP2ZZYQRVs","tlshash":"8c721fa1041744009b838ce223cebf35fe1f52117142d0b5abfd9b6baddbca6526936d","first_seen":"2026-02-19T23:44:13.889102Z","last_seen":"2026-05-14T17:28:22.220804Z","times_seen":3179,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":109,"dns":1,"connect":21,"send":0,"wait":32,"receive":0,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}