{"report_id":"75afa57e-8ac6-4a62-a7c9-9f2f6898f8b1","version":6,"status":"done","tags":[],"date":"2026-02-28T17:26:24Z","url":{"schema":"http","addr":"qnwnnr56nbr.taimupat.info","fqdn":"qnwnnr56nbr.taimupat.info","domain":"taimupat.info","tld":"info"},"ip":{"addr":"172.67.216.171","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"glovobrains.com/U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451","fqdn":"glovobrains.com","domain":"glovobrains.com","tld":"com"},"title":"Cloud Storage","dom":{"size":21501,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (392)","md5":"099a39520376b1d18e1a9672ee36319e","sha1":"8496bf3778594687a68f3090fe1b57c854dd80cf","sha256":"c6ff33710e1322bef3e53b41f5b1e8465d920823f23c7a955863fc12a8e11f29","sha512":"a898b081ab88ec0f7d447c2a793d8dbb4d23aed5e6fcb9579ce7f99766f1a3a258e8151bdb4a95eea32f22ea7ba5f217bdf99324a382117df6dea7d457cecab3","ssdeep":"384:+9a79iaTt1iuikixfi+iziLdiqiCiliVP74igC:ga7EaTy/ZoPWLMTrUIC","tlshash":"5ba2513554f6013a05a390a67ab69f0b3ea1d50bca0f46053afc8bc44fc7d92de9b5d8","dom_hash":"domhash8b97c27a5a6ec541e8929db91f27a175","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"qnwnnr56nbr.taimupat.info","fqdn":"qnwnnr56nbr.taimupat.info","domain":"taimupat.info","tld":"info"},"ip":{"addr":"172.67.216.171","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-04T17:26:24Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"glovobrains.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"track.hillzchew.com","ip":{"addr":"52.84.50.10","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2025-09-29","domain_rank":0,"first_seen":"2025-10-24T14:16:12.1023Z","last_seen":"2026-02-22T17:44:52.668021Z","alert_count":0,"request_count":1,"received_data":23797,"sent_data":579,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"glovobrains.com","ip":{"addr":"82.221.129.40","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"domain_registered":"2025-11-05","domain_rank":0,"first_seen":"2026-02-11T21:55:43.971876Z","last_seen":"2026-02-25T19:33:45.822582Z","alert_count":7,"request_count":7,"received_data":88283,"sent_data":7389,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"qnwnnr56nbr.taimupat.info","ip":{"addr":"104.21.37.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-28T17:26:25.040342Z","last_seen":"2026-02-28T17:26:25.040342Z","alert_count":0,"request_count":1,"received_data":22554,"sent_data":494,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.251.143.138","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-02-22T23:01:24.734653Z","alert_count":0,"request_count":1,"received_data":88519,"sent_data":444,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"glovobrains.com/U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451","fqdn":"glovobrains.com","domain":"glovobrains.com","tld":"com"},"ip":{"addr":"82.221.129.40","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":true,"md5":"12a1bf8009e18d747c51b170f977c2ca","sha1":"d2a11be73adc72c8359a4e6702b3945d2946cf98","sha256":"6c795ff31d324201587c8b3e3bcea9136462fa9b3a5b1225ac4b0e9a31345a76","sha512":"706c4ee32fe9af8000ceef0cf51db01f31da9c653c671d35e3b072e5267b4a5fd3db09cd54357c418fa57fe8c9d026c28b9a9a8aed8764533928e81fe2c60d9c","ssdeep":"192:Viui4Hixfi+iziLWSiqiwMGigMBjiVPGqT4i4gT:Viuikixfi+iziLdiqiCiliVP74ib","tlshash":"48d1f25e65a705780adf747b53ef87883470800b9406c5493c7c96948f51ea9a2fefec","size":6290,"data":"","first_seen":"2025-07-27T15:20:29.134613Z","last_seen":"2026-03-12T13:45:51.989994Z","times_seen":93,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.143.138","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-04T11:42:42.20564Z","times_seen":136267,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glovobrains.com/U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451","fqdn":"glovobrains.com","domain":"glovobrains.com","tld":"com"},"ip":{"addr":"82.221.129.40","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":true,"md5":"bc44a981fbba08d7ce5387745c245169","sha1":"5b377c13b0ffb344620ac136caadf55bde99a4e5","sha256":"71953bd0ef10662393a5f46081fc13cf922a79a8e24bf7b7b0600b394ac14c6b","sha512":"cbb7d5d92c5703632008c0d85a060f0599a9f626f1579dc44a1a5d98c9015a85e0073860cb8c2b0b87004fb0cac3c3d71406840c92e4595d5923e50e0419fa39","ssdeep":"","tlshash":"08019e5d905639c669331560a7afa221b8b722274c44da44bc6ec7095f15e35350e1e5","size":677,"data":"","first_seen":"2025-07-27T15:20:29.137734Z","last_seen":"2026-03-12T13:45:51.990643Z","times_seen":93,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"track.hillzchew.com/27134bdb-4b29-4db0-9bdc-a1bdb5aa9461?%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451","fqdn":"track.hillzchew.com","domain":"hillzchew.com","tld":"com"},"ip":{"addr":"52.84.50.10","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-28T17:26:00.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"track.hillzchew.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 29 Sep 2025 00:00:00 GMT","end":"Wed, 28 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"1C:F7:44:9B:9E:32:24:F2:43:51:1C:8B:59:7C:A4:68:0C:54:88:F9","sha256":"04:35:E2:C0:AD:A9:BA:CF:F5:37:FD:B3:87:E5:EE:68:A9:A9:99:AA:A5:56:65:78:7B:D5:B1:4C:FF:61:37:28"}}},"request":{"raw":"GET /27134bdb-4b29-4db0-9bdc-a1bdb5aa9461?%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451 HTTP/1.1\r\nHost: track.hillzchew.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-length: 0\r\nlocation: https://glovobrains.com/U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451\r\ndate: Sat, 28 Feb 2026 17:26:01 GMT\r\nserver: nginx\r\ncache-control: no-store, no-cache, pre-check=0, post-check=0\r\npragma: no-cache\r\nexpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nset-cookie: 27134bdb-4b29-4db0-9bdc-a1bdb5aa9461-v4=6FkgLEH51g_Wo7vh-8S6HQisl2wAy3m9jtLa3iOSfpM; Max-Age=86400; Expires=Sun, 01 Mar 2026 17:26:01 GMT; Domain=track.hillzchew.com; Path=/; Secure; HttpOnly; SameSite=None\ncep-v4=I3CLtc2WpZ6fMx_uibUMLJg9hFwl6xwl5-ym0Xpj5lv3gisoYyyLGOQcnRm88MLd3PbrXBTidUVUwdfSTqcjdVHEu3yVF1OU5cqms0N5P1E-MIPKOdWOMpwjCo2plIx5twe_pNdk6EjS-gdVXoH42yvVaAWVvvmGgPxHJJGTfcFUvXhbj9NPsosVx2bQGevPgkZY0wP3-u1Egrpr8wMEKvgPlkCBJGsf6zSHRtB8kpPXnd0iFC2WBx7SmDYhF5przxxdzxgNe3rJmYOQ8J8lVITxzGrp8pJWfuLTnfj8C91TscHkHKTov5olLYSBCAytSodn_LBfWryBSZbc4jLLUXUEAHhIFJpLkHyVwDeBVj49STLcw_eVZPL5FBs9vvcFHU4SSfG1b-owXT2mwdg8cfM2veMEaRf0MwGbC8C9gUPHO6QjeVAJYImnT01hJzCIuWUIl5Y4kSLYNoEsy993eA; Max-Age=86400; Expires=Sun, 01 Mar 2026 17:26:01 GMT; Domain=track.hillzchew.com; Path=/; Secure; HttpOnly; SameSite=None\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 a82071c7a558f0fabf37ee3b940ad600.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: txbQe7jraqu7PKaqhp-mNIDM83F-XttTfQnP7bXkrEKGXoJ-3xM3tA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":21881,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":1303,"timings":{"blocked":639,"dns":148,"connect":1,"send":0,"wait":25,"receive":0,"ssl":487},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glovobrains.com/U2/nep4285/US/861/topmenu.png","fqdn":"glovobrains.com","domain":"glovobrains.com","tld":"com"},"ip":{"addr":"82.221.129.40","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glovobrains.com/U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451","date":"2026-02-28T17:26:01.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glovobrains.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 07:28:05 GMT","end":"Sun, 05 Apr 2026 07:28:04 GMT"},"fingerprint":{"sha1":"90:D1:6B:17:84:CF:16:DB:A3:40:A3:56:7B:8D:7E:38:AD:B2:7C:82","sha256":"E8:EF:0F:D0:AC:AB:7F:66:94:75:36:30:73:39:A5:87:A7:77:2B:A2:92:D6:5F:E1:F4:B8:BB:6E:4C:71:F2:F5"}}},"request":{"raw":"GET /U2/nep4285/US/861/topmenu.png HTTP/1.1\r\nHost: glovobrains.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glovobrains.com/U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 07 Mar 2026 17:26:01 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 05 Feb 2026 09:57:56 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1694\r\ndate: Sat, 28 Feb 2026 17:26:01 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1694,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 59 x 48, 8-bit/color RGB, non-interlaced","md5":"7b532c02a920119223c18bcb66b2f3af","sha1":"aae2508094b68deeec2f40856d1310ebd9687dec","sha256":"0517d075aef94b0a2a92b95f9d7066332bccd99c10151ab5a8a5b24fe4d455fc","sha512":"95251154ae8df76b575471924f9e5a52d56ac84b229693069ecdee84a3aeb5f1cef65b12652e85bbeb55dc7db38f9c7b3dff969d5f9692fdb5437793bba919e0","ssdeep":"","tlshash":"ed31941efe63ec210604fa529ee861530e2707a4cac2a0d66cdddc4345301f8d92dad3","first_seen":"2025-07-27T15:20:29.121053Z","last_seen":"2026-03-12T13:45:51.983751Z","times_seen":93,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"glovobrains.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glovobrains.com/U2/nep4285/US/861/topuser.png","fqdn":"glovobrains.com","domain":"glovobrains.com","tld":"com"},"ip":{"addr":"82.221.129.40","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glovobrains.com/U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451","date":"2026-02-28T17:26:01.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glovobrains.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 07:28:05 GMT","end":"Sun, 05 Apr 2026 07:28:04 GMT"},"fingerprint":{"sha1":"90:D1:6B:17:84:CF:16:DB:A3:40:A3:56:7B:8D:7E:38:AD:B2:7C:82","sha256":"E8:EF:0F:D0:AC:AB:7F:66:94:75:36:30:73:39:A5:87:A7:77:2B:A2:92:D6:5F:E1:F4:B8:BB:6E:4C:71:F2:F5"}}},"request":{"raw":"GET /U2/nep4285/US/861/topuser.png HTTP/1.1\r\nHost: glovobrains.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glovobrains.com/U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 07 Mar 2026 17:26:01 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 05 Feb 2026 09:57:56 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1837\r\ndate: Sat, 28 Feb 2026 17:26:01 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1837,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 55 x 48, 8-bit/color RGB, non-interlaced","md5":"c041de02861bff31c8ebce0247e07759","sha1":"f6e049f8ae74326d09b6ed45636160cdc72bdb98","sha256":"a9fb44715b0c49e50ff3b9090d095a31a05819ac1e6813a7dd9c5b5636f4987a","sha512":"44a560d3ae637bf45724df609826380bf7e07be8cdcf43c74add59626d2d89fb3332f7729c19f27228ae7b390c9327b1f400546123fb3cca9ef1dd8a75cdb41f","ssdeep":"","tlshash":"7d31b366fd10dc051206fb16b9fc9067a77b47c0dac2a8909cedc85749320fada4c2d3","first_seen":"2025-07-27T15:20:29.12328Z","last_seen":"2026-03-12T13:45:51.988122Z","times_seen":93,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"glovobrains.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qnwnnr56nbr.taimupat.info/","fqdn":"qnwnnr56nbr.taimupat.info","domain":"taimupat.info","tld":"info"},"ip":{"addr":"104.21.37.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-28T17:26:00.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"taimupat.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 05:26:53 GMT","end":"Tue, 28 Apr 2026 06:23:21 GMT"},"fingerprint":{"sha1":"C2:33:A4:57:E8:F2:5C:E0:35:76:B1:86:FB:AC:11:73:C1:22:C9:EF","sha256":"1E:6E:A5:3F:DD:88:67:70:62:7D:AF:8B:30:D4:91:1A:01:C6:C4:E6:79:2D:3A:8E:DB:C2:09:26:98:BA:FD:49"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: qnwnnr56nbr.taimupat.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Sat, 28 Feb 2026 17:26:00 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://track.hillzchew.com/27134bdb-4b29-4db0-9bdc-a1bdb5aa9461?%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hjaf827fNZWD86m2WZrg7DYxoCwbwztrWR5BX6m0Zsg2SGl7WSXkd3CoJWSaXy34NpcF004RQi8s%2FJLcVajptMa7JEPDmXKirzPCZ5OxgeURSQcCJLB7C7c%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: 9d519fdc495c3e6a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21881,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T11:49:30.368697Z","times_seen":13330398,"resource_available":true,"data":null}},"time_used":375,"timings":{"blocked":51,"dns":15,"connect":8,"send":0,"wait":273,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glovobrains.com/U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451","fqdn":"glovobrains.com","domain":"glovobrains.com","tld":"com"},"ip":{"addr":"82.221.129.40","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-28T17:26:01.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glovobrains.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 07:28:05 GMT","end":"Sun, 05 Apr 2026 07:28:04 GMT"},"fingerprint":{"sha1":"90:D1:6B:17:84:CF:16:DB:A3:40:A3:56:7B:8D:7E:38:AD:B2:7C:82","sha256":"E8:EF:0F:D0:AC:AB:7F:66:94:75:36:30:73:39:A5:87:A7:77:2B:A2:92:D6:5F:E1:F4:B8:BB:6E:4C:71:F2:F5"}}},"request":{"raw":"GET /U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451 HTTP/1.1\r\nHost: glovobrains.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Thu, 05 Feb 2026 09:57:56 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3918\r\ndate: Sat, 28 Feb 2026 17:26:01 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":21881,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (392)","md5":"effa9300d4eff017c4225c182e6cba6b","sha1":"7f8f7dfa0aebdc9235c394034ca8feed6b1ed7cf","sha256":"4b7b01b4de6286ca10e106e8e0494e862deaaf55ac0dbd0a9281b8a7f8dac096","sha512":"1bd32588fd04c34ddea8952e18ceaef0b23ba1dede245543748b207095d2e4b5357dbe82391a24957f0509916ebae761ad59eccddfc9138033cfd74093dcb3bf","ssdeep":"384:oA79Da8t1iuikixfi+iziLdiqiCiliVP74igtM:D71a8y/ZoPWLMTrUIu","tlshash":"16a2513554f6013605a390a67ab69f0b3ea1d50bca0f46453afc8bc44fc3d92de9b6d8","first_seen":"2026-02-11T21:55:48.283678Z","last_seen":"2026-03-12T13:45:51.98129Z","times_seen":12,"resource_available":true,"data":null}},"time_used":510,"timings":{"blocked":224,"dns":97,"connect":59,"send":0,"wait":60,"receive":0,"ssl":66},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"glovobrains.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glovobrains.com/U2/nep4285/US/861/style11.css","fqdn":"glovobrains.com","domain":"glovobrains.com","tld":"com"},"ip":{"addr":"82.221.129.40","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://glovobrains.com/U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451","date":"2026-02-28T17:26:01.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glovobrains.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 07:28:05 GMT","end":"Sun, 05 Apr 2026 07:28:04 GMT"},"fingerprint":{"sha1":"90:D1:6B:17:84:CF:16:DB:A3:40:A3:56:7B:8D:7E:38:AD:B2:7C:82","sha256":"E8:EF:0F:D0:AC:AB:7F:66:94:75:36:30:73:39:A5:87:A7:77:2B:A2:92:D6:5F:E1:F4:B8:BB:6E:4C:71:F2:F5"}}},"request":{"raw":"GET /U2/nep4285/US/861/style11.css HTTP/1.1\r\nHost: glovobrains.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glovobrains.com/U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 07 Mar 2026 17:26:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 05 Feb 2026 09:57:56 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 6844\r\ndate: Sat, 28 Feb 2026 17:26:01 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":48563,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with very long lines (377)","md5":"984dccfd06305fe262f3ffee16d323f9","sha1":"82efc053435c78b19f1825ae9617ce6b880eb3df","sha256":"b797243190f20d7e0b9992cb3f5530736ab31a2cae10fd58b67a93821ec2eecc","sha512":"0507712b9234ef7c529a82f7c82c4f810b7494d7bb815127583c0b3827fc4ffd7116f4b5200c3bf5353178263f812b7fed8550c2753f74bd3d15e6168372953c","ssdeep":"768:bDwTUJnUDZOsFzFqFZ6/FzFsFFCFwFOcF0:Gtgf6/NCFIqocG","tlshash":"a423938b4df30d09a42b54687bfe9a9633285053612fcda9be8c7f40cf8a165c552f4e","first_seen":"2025-07-27T15:20:29.109471Z","last_seen":"2026-03-12T13:45:51.987316Z","times_seen":93,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"glovobrains.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glovobrains.com/U2/nep4285/US/861/_style00.css","fqdn":"glovobrains.com","domain":"glovobrains.com","tld":"com"},"ip":{"addr":"82.221.129.40","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://glovobrains.com/U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451","date":"2026-02-28T17:26:01.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glovobrains.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 07:28:05 GMT","end":"Sun, 05 Apr 2026 07:28:04 GMT"},"fingerprint":{"sha1":"90:D1:6B:17:84:CF:16:DB:A3:40:A3:56:7B:8D:7E:38:AD:B2:7C:82","sha256":"E8:EF:0F:D0:AC:AB:7F:66:94:75:36:30:73:39:A5:87:A7:77:2B:A2:92:D6:5F:E1:F4:B8:BB:6E:4C:71:F2:F5"}}},"request":{"raw":"GET /U2/nep4285/US/861/_style00.css HTTP/1.1\r\nHost: glovobrains.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glovobrains.com/U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 07 Mar 2026 17:26:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 05 Feb 2026 09:57:56 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 771\r\ndate: Sat, 28 Feb 2026 17:26:01 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3537,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"4530ad151e54d22d226793cb1b7f944a","sha1":"a78a832d286c5c6cf7a2fd82045762f2db89e8a3","sha256":"298a266a6372fa0aa186f71917d86058d12d5aabed40554fa75a279fb7ad1275","sha512":"51cd6892e7e2c5d888aaf3a53cd61da24bc7feebfb4fa2bdecee3e278d789cccf2c91a764419bde98688a15f414e233b4f79922f23901237576a1227b94350af","ssdeep":"","tlshash":"93719aa5eda30ddb300795a8277ec5820729a5a39409dfae7b5cb2508f887c4dc71ac8","first_seen":"2025-07-27T15:20:29.117587Z","last_seen":"2026-03-12T13:45:51.982236Z","times_seen":93,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"glovobrains.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glovobrains.com/U2/nep4285/US/861/iclogo.jpg","fqdn":"glovobrains.com","domain":"glovobrains.com","tld":"com"},"ip":{"addr":"82.221.129.40","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glovobrains.com/U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451","date":"2026-02-28T17:26:01.851Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glovobrains.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 07:28:05 GMT","end":"Sun, 05 Apr 2026 07:28:04 GMT"},"fingerprint":{"sha1":"90:D1:6B:17:84:CF:16:DB:A3:40:A3:56:7B:8D:7E:38:AD:B2:7C:82","sha256":"E8:EF:0F:D0:AC:AB:7F:66:94:75:36:30:73:39:A5:87:A7:77:2B:A2:92:D6:5F:E1:F4:B8:BB:6E:4C:71:F2:F5"}}},"request":{"raw":"GET /U2/nep4285/US/861/iclogo.jpg HTTP/1.1\r\nHost: glovobrains.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glovobrains.com/U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 07 Mar 2026 17:26:01 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 05 Feb 2026 09:57:56 GMT\r\naccept-ranges: bytes\r\ncontent-length: 7329\r\ndate: Sat, 28 Feb 2026 17:26:01 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":7329,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"3691e480f71d3a15007ddb4d4f7f8f23","sha1":"15f494962279c86bd0b54354eeb26fcdd22bc3b0","sha256":"1504328d43a85d0d18a6262b974391b4cc0cbf7433aabcb342dc1ea4760e8aca","sha512":"ec0e86aa1fe0ed93feb4596424be816e00432843452dec86ed8addfce8a12858b3c94b1e185aa9f934ffa04b204654c2c498fbdeeb9e174daa79da90f32b0bee","ssdeep":"192:LwtwISCTXCm/HMNO2imx8pfFLukSN/lyhmG:Lwtw7UCm/p2imGfwnN4YG","tlshash":"93e17f743de26243cb1959878dfa2c36e96b49a1c659614160dbec0f4c00ac38ff74c5","first_seen":"2025-07-27T15:20:29.125263Z","last_seen":"2026-03-12T13:45:51.984716Z","times_seen":93,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"glovobrains.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.143.138","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glovobrains.com/U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451","date":"2026-02-28T17:26:01.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"09:4B:1C:B6:64:C5:97:5E:E3:CF:D9:FF:1A:01:C4:D8:D7:10:82:7A","sha256":"2F:A7:09:04:89:72:33:DE:1D:F8:A7:A6:EC:9F:0C:74:15:D5:B0:87:85:BE:25:63:1A:0E:73:0C:72:E3:CD:C8"}}},"request":{"raw":"GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glovobrains.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30462\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 21:13:17 GMT\r\nexpires: Fri, 26 Feb 2027 21:13:17 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nlast-modified: Tue, 12 Sep 2023 02:38:22 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 159164\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":87533,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-04T11:42:42.20564Z","times_seen":136267,"resource_available":true,"data":null}},"time_used":186,"timings":{"blocked":80,"dns":0,"connect":10,"send":0,"wait":9,"receive":8,"ssl":76},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glovobrains.com/favicon.ico","fqdn":"glovobrains.com","domain":"glovobrains.com","tld":"com"},"ip":{"addr":"82.221.129.40","port":443,"asn":50613,"as":"Advania Island ehf","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glovobrains.com/U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451","date":"2026-02-28T17:26:02.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.glovobrains.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 07:28:05 GMT","end":"Sun, 05 Apr 2026 07:28:04 GMT"},"fingerprint":{"sha1":"90:D1:6B:17:84:CF:16:DB:A3:40:A3:56:7B:8D:7E:38:AD:B2:7C:82","sha256":"E8:EF:0F:D0:AC:AB:7F:66:94:75:36:30:73:39:A5:87:A7:77:2B:A2:92:D6:5F:E1:F4:B8:BB:6E:4C:71:F2:F5"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: glovobrains.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glovobrains.com/U2/nep4285/US/861/?dom=track.hillzchew.com\u0026cep=qMyeuV_ERoy40aNYNyiaALxNJy-r6adf6UDLbpb9iTv2lMBSeIedY0SAXPRat-gknfa5_A-5XpXzN9a4S0T57D_ad0jhd2TnSGC8eYug2LwkaozHNp8hnf6l4gB4oMZt-y4sHjSPhM3T8mwAy_a8C_t9tpFIrO_KqDWVABuBqjLNTXVnzQ13L5AZLT76NTf6TQTlMwVE-e-otTpdaNwowexDLCTHQwKlYvtvmwHVcxbRVL8G7vQcN4CcWFxAjulyHOL-IsiLFIjqtZ5EusCUEV8MeCEE83exeefwuD0hcg11WhKzXto_FG3iTg3_0ZtOFe5uwif7y1vdlQzwUhq0w9_yWJuEUVCjqYUD2p42NLYdbUeZeqdYmomS4HYhryMMqCeoZQWo5NVv6kosgQ20EZaTyWBGbU4WuwGv91fTOCzIzFwQ9b1UwV0wqN8VOWOjDLV7SSKXOn-VwYqovSBenw\u0026lptoken=177c726230ac135f61e3\u0026%7Bvar1%7D=txt2\u0026%7Bvar2%7D=2072\u0026%7Bvar3%7D=15122168451\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Sat, 28 Feb 2026 17:26:02 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-04-04T11:43:14.712866Z","times_seen":115680,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"glovobrains.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}