{"report_id":"a62eef5d-2f48-4b46-8121-e0163f5a0802","version":6,"status":"done","tags":[],"date":"2026-03-25T15:52:44Z","url":{"schema":"http","addr":"glowremotely.com","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":0,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"glowremotely.com/m/index","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"title":"Shopee","dom":{"size":39773,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (32274)","md5":"0c4e4d03ba64ded2744537cff89e33f6","sha1":"eaf5ab3553b00c1493a113ef55bea54eba17e03b","sha256":"e6071740072ff6a5274c1dcbf16e7b3184db3cd6fd750a1c358f6a0ff4ea895c","sha512":"4722a50ee7ac400cfb80fc62ad350877413995fc7dca6d843e2b2564f01ed9fe5ff6c2169181df155bb85917b70b7f844e618465ac535d4b93d265163cda655e","ssdeep":"384:VEZUaJkat06HsTjbLwLIIISqGM5rvl/Bul0RMQgG0St0Ok/yvA383VOjVokPhctp:VEiZeCwLIIISqttL3VOjVokPhctp","tlshash":"7d03ef31d0021aaf6263ddd1f134fb49a0b6e70fc235940076ad875d7fd2ef86a6419a","dom_hash":"domhashf3b085deafc483612a2b1c80f519abf9","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"glowremotely.com","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":0,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-29T15:52:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":10}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"kosmetikskin.net","ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2026-02-06","domain_rank":0,"first_seen":"2026-02-11T16:15:04.117402Z","last_seen":"2026-03-25T12:41:07.976495Z","alert_count":90,"request_count":18,"received_data":1025502,"sent_data":7809,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"glowremotely.com","ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2026-03-23","domain_rank":0,"first_seen":"2026-03-25T12:41:07.472508Z","last_seen":"2026-03-25T12:41:07.472508Z","alert_count":805,"request_count":161,"received_data":3442696,"sent_data":73495,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Vue.js:2.6.10","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"SockJS:1.3.0","description":"SockJS is a browser JavaScript library that provides a WebSocket-like object.","website":"https://sockjs.org","common_platform_enumeration":"","icon":"SockJS.png","categories":["Web frameworks","JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"jQuery:1.11.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-03-22T22:31:48.48691Z","alert_count":0,"request_count":13,"received_data":1717367,"sent_data":5858,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"down-sg.img.susercontent.com","ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2022-07-18","domain_rank":506728,"first_seen":"2023-02-16T02:40:30Z","last_seen":"2026-03-22T00:14:24.968349Z","alert_count":0,"request_count":20,"received_data":3708584,"sent_data":9520,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-22T22:20:05.651051Z","alert_count":0,"request_count":1,"received_data":1251,"sent_data":450,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-i18n/8.12.0/vue-i18n.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c019be63e713ce6f2aa221c0df8fa0cb","sha1":"e5471888945144f233714d470959059c010eb667","sha256":"87e6aba4bd25be4196ad7f269a62de823242abe105df538f218d4e6e268f74ce","sha512":"6ca3ae5fb17dc20a2c27d4008454feb7cefc626bf104252354c1abd0977f73a315001d94293a7d4379ecfda6ba21d3f49a992f243a6f9249c935195527d407be","ssdeep":"384:BPdUYakDlUGQrDQxMQ4rJaT30WCxQI1cg:DUYzhUGmUMQUX3","tlshash":"cea2b7c6f56270270a9260e5183f1107a33f241d648d855df2d6e8ee2ebdd8e91a3f39","size":22805,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-04-08T20:24:41.767438Z","times_seen":1026,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs//Swiper/4.5.1/js/swiper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ac19265b38d14235141d184bca54d9a","sha1":"c725eb5a33d093e331e25c3a5ef1272b0f1f648c","sha256":"e2c1132a1877692ca2e8d46203eaae9cf6936b0a9230341c6bfc4b5aedbb1e0e","sha512":"6476ae51cfef0724ba254cff1e5d68f2cda477840954b01b933f1c9608ed6ca5094fe006d5cef7e5a32d54b25fb4a418a3e2c3eb642bcafa0d6bebaacbeac21d","ssdeep":"1536:O/pPCitsufJthaK85kqzOAkRlojU6tU8r5MhkhGllpcXvH7WcWUKcOqylFE8BtOa:+JthJkOAkaRaaGl4fH7WcWUKcOqjtYD","tlshash":"2bc31849b35071e551e72256539ed601a3b66845b90ac0a831b2d8d7acbce8c03bfffd","size":128745,"data":"","first_seen":"2023-03-07T12:58:52Z","last_seen":"2026-04-08T20:24:41.831947Z","times_seen":2092,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/axios/0.19.0-beta.1/axios.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"334149adf44476f28bfbf16c7b0382c2","sha1":"ad2ea246ebb53ed655ab50d44b33d4d6f942387d","sha256":"6d2c0a450a04b5d1492f77d7e512fe6af26e95c2feac596825f45e71b9ffa4d6","sha512":"0f9d66a68e400a2499cc1dbd79331892e9e62e278d8b4784e354b7a281c91fcc1401eedb0857ff6911d842ea853d39081b459fbdc0e30d927ee93b5ba1ecdbea","ssdeep":"384:hpI8XyWPbWeAExXqgxH7RqzGbcQdVzxbUm6HwT9eei:LbXdyGbcczx/6QT9e1","tlshash":"f25285ce7861b0a757e320f0805f4a0fb2b6552a754d84a0f660e9f66db542e8733f5c","size":13638,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-04-08T20:24:41.836208Z","times_seen":1043,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"17e942ea0854bd9dce2070bae6826937","sha1":"434cdec1669f2c6c7406297a72120936bc56ed52","sha256":"72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26","sha512":"3f0439fa3817c71a6b34673cd32707137b29823e93b8389e1deff24e46c427e5396a897b753ba98bfe156f01c7ce54155bbed56f418b388b22622807802e6f72","ssdeep":"1536:1UXY7qLtpHt2Pqe1mZ8I6H82RaLiMBlo2VV2B/S/g:MYeJpN2yefjMBlPV00/g","tlshash":"529308dc7299b07157eb31f1107f140bf2365a19ac0ec194b222e4e67cb984d92abe7d","size":93675,"data":"","first_seen":"2023-03-07T01:18:07Z","last_seen":"2026-04-08T20:24:41.835686Z","times_seen":3685,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/sockjs-client/1.3.0/sockjs.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0a01fa31e644ca44836356a172ba7c9","sha1":"e81438a79e8a7f34423168c70696cff2a820dbf1","sha256":"840ea076b43dbf564a909bb082dc287740a96f3c4483fcc024f7176306daecc7","sha512":"a18f9c600996f8f31c046e80334cc794efff550c2286bc822ba7bbc197d99e4ce5f032133866b18cb9743a717b76e578cdb2a9fb5f6ebe42614d08ea1ea2e47c","ssdeep":"1536:XFWQV1ZGORGWiB67hAHLY/IyYT3uu+OLFckh:XFW8tG967hAHM/IyYT/Law","tlshash":"5853e8c5f46134a213e7a2b582bf11032376953a640c85b4b798dcf98d7d98c532bf7a","size":62797,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-04-08T20:24:41.742193Z","times_seen":1028,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/app.53577dab.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"d977558c73a4fd5d2c6f5516ada74835","sha1":"57d9314b318071fc02a4f3d7f73dcfb5da19897a","sha256":"8f52d856fe5bd83c7ad1d07008e01a06eb402f10429ee297f09d9d22c18e35c7","sha512":"02a26f13fd8f34ea1d16aff9e9bb38e527247f20246aa4a48e46e0cd1d6b6980da300d567631666ceaef503ea613b75982ccb080f8fef6f2ec08d667df3fa311","ssdeep":"12288:y8T/2f2k6qFtDu2XKkd6lX8I82S11yo52ZQixQn1+paHil6OHpAQ9ogO/xX+jaNG:y4fu0iSyuA5iy8","tlshash":"63457c9833de76f60042e456600f3e3c71661ebaf74691816c71e6dc26e9ab14633e3b","size":1246747,"data":"","first_seen":"2026-01-20T14:17:30.759934Z","last_seen":"2026-04-08T20:24:41.859578Z","times_seen":126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/lib/flexible.js?2222","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"1572c9446821f8b1dc1136b64b44e739","sha1":"6a786ef63db48581f50e85601ef4a3effe8bf095","sha256":"264ef2e4767a942ee634794619d94edbd7da642cb79277c16b974cac9795c246","sha512":"4283dbb16b94c7db39673fb92808835e7f2ccb34f64502d0524cd571fb28e91c82abddcbf1224d4b83c1fb30908c96a4d16b604b22ef0f491c2bdf2d00213598","ssdeep":"","tlshash":"5b81322806e322361e2330348fbf210539728067055ace447d5ee79e6fe4a654ef6bf5","size":4065,"data":"","first_seen":"2023-03-07T12:58:51Z","last_seen":"2026-04-08T20:24:41.838832Z","times_seen":772,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/lib/jquery-1.11.2.min.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6355f3cc28006e33bad2e765cde30e0d","sha1":"909cd6318d5047f3c8e83528253b256981394414","sha256":"39eed2d24faf4985b922b64d078f106edba6b3b84d5385e483a5c7bd69201da7","sha512":"b22d3868a7b311f82bb149f8afccee03c68dcd5e7152a061b8e18d97aef794b106dd1cc081d49f4d638193924ffa5885239cf67152fc339ff0cf3cd1d194d175","ssdeep":"1536:0Hg1kz+hAmcGmVFnlkFybx+amELolY+30k1dml+BQZX6YPnrCtn8JkDnlwMxVW2:0HDdc2F3c2G7mIW2","tlshash":"13930add76c2b06387a720b9506f550bf276599e280c4440f268e8fabc7ca49a137f7d","size":96382,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-04-08T20:24:41.827361Z","times_seen":1616,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/core-js/2.6.9/core.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"622c4c9d5dc4b1ee29a2eb908186ec88","sha1":"491753a3f979f7d180af11e1929ffff85e30f921","sha256":"794d1c7ab27be77d366e0497e641488e50f5ae6581b4db51cc08de1e142eb47a","sha512":"2b2485006e3a36dbae0d0d8488ab63ae6085c34d5a6f72c3558c52b492294c157f67ce47c1c3b89498db9ff72f748485fedc04a881f1877f903cfa0df1c8be8e","ssdeep":"1536:PLFpwkiSucuVH8MBfaQQ979S17LMgRCSRjMbEjeb6Gt6UQ:PLbw1Sucu3Qw8gc3gk6Gt61","tlshash":"1f93618cbec6f06642636675413f900bb27a1a86745f89d0e12ed1e4bc7c98f413be6d","size":92050,"data":"","first_seen":"2023-04-06T20:58:39Z","last_seen":"2026-04-08T20:24:41.780964Z","times_seen":1274,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ea671664a4781158f00958fc37fff43","sha1":"85da357f6e79636c538688e45ec51d157c6294c6","sha256":"e7f9727d063ee11e78aa2edd32d0a142fb798fb7154bdae1fcef99a637c1c1ef","sha512":"1314bd9f0c883f518cf680dddad1098d2792ae8d8b55b9eb0c797daf764002c67b2112665fab030db9ddae5ea891513ed240c143bcce53a66f0e8b785294833e","ssdeep":"","tlshash":"ac21a42c2d5babf8930338b1a032c65068f8e51ff114af0677ae0fd04b757ee8918824","size":1301,"data":"","first_seen":"2023-03-08T23:52:18Z","last_seen":"2026-04-08T20:24:41.86053Z","times_seen":758,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-vendors.42f07336.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"bdaaed4e9e1d5e0322ea968e6f47ac0c","sha1":"85c58af8151ed5badcdca952295e8c6e7b3e1e15","sha256":"c9634af5f9b16a9f44d78311163effd76467a2441f744859c96fc066a3b58aa8","sha512":"e23c153981e588a4d6b99c8341da319ce7e9bb16036ff952a8a469910640505b6e7ee7bb9e6d06dc59082f537053bb46cc8d800b82de8a730abee7d743bf03d5","ssdeep":"1536:qJuH03+0goh0dbU2Q+39Ya7C5x+eccVdofh3q4A6R:qJuU3bCbU2Q+3MXccgpE6R","tlshash":"0553e788f2d5b070439771a8402f610bf37ae959b44d8498f625e8e1bdb8dce546bf38","size":65536,"data":"","first_seen":"2024-04-24T18:56:38Z","last_seen":"2026-04-08T20:24:41.775481Z","times_seen":718,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-9c1c641c.471bd454.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"1630e44870c051f166fa952f722d4725","sha1":"bc968080544a2e59e8e026de0abe54359d28e39d","sha256":"6c95e0a7e350c2c80e72c4240857bec35219ccbc7ad3fc34d61290e62a7c20c0","sha512":"a45ad5fc2885dd1e50f162373b8dd381440eded0a0ec9907082e5c05f0ec84ebe51874bd3d3835a1b53995f552adcb05f9007d845adb0c1e3cc046d2237966b1","ssdeep":"","tlshash":"7811cb4d39a5b1133b2b64a4106f72889de7218639bf6c91d164c4909f7258f116bace","size":925,"data":"","first_seen":"2024-07-16T23:08:15Z","last_seen":"2026-04-08T20:24:41.778667Z","times_seen":564,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-df347502.fa343716.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"e5044e7f519706388a93765e3ee63fcf","sha1":"2b29363ce1134605f9992cbd9e5cdf9ba554d329","sha256":"66839891fd9fdca1f3fa9abc65a3f39ad53936731a1a7508eb6a00215fa1f2a8","sha512":"ca6907084adb9729115b88a1421ba7f64491842d4e4f6299e9cb1fbbb4455e67d697d10aea99fccf085acc030433fa11855e114984e712af7d4fa23d24775bae","ssdeep":"3072:hNn/ViAs300OOMgXZ1P3TCyAhLIKpB68W4PEoS3rTJXm1V7GP:nn/ViAs300OOMgXZ1PM68WBbTJXmfO","tlshash":"3ee33b1ab587e1aecc2ae051801f1934e1262fe9d125d086f738cdd496d8db83b7e72d","size":154007,"data":"","first_seen":"2026-01-20T14:17:30.564514Z","last_seen":"2026-04-08T20:24:41.824864Z","times_seen":126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vuex/3.1.1/vuex.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c66594705de51675f08e3b83b9b9b38c","sha1":"40fa40f722043957a56324174ec6f80389391971","sha256":"e973901e74ff65888bbe2e58b95cfb957d5db316bb185a106f543d99176d1d65","sha512":"3cb0d6b77ac49d3c6c5c5740efa2fd9e3e0c79158c88a9d4f0b709f4713a38a7b72109a2b4c636377c783effc3c6457c718d8cdc2e9c7577db9691562e95375f","ssdeep":"192:90DuIfY7JtjC5ydUypH82+H8urFLR7BD4GOUo1MQl+B2GHPpB3QE7WA+MWnBP:9guIw7JtWqmhfldD4Eo64UgH3nx","tlshash":"4f1261ccf661b0764a377460623f120fe276a46d200a4468f598e4ef6cbe14d94abf3c","size":9875,"data":"","first_seen":"2023-03-07T12:05:56Z","last_seen":"2026-04-08T20:24:41.825885Z","times_seen":1262,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fa93e8894edb6245ab03883633b12b6e","sha1":"e3ba4c7d1a8876090756fd31715b4f6af6fd649e","sha256":"3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15","sha512":"263612833aa8f4ad08798184b25311604f1a3bdb6aecacb71103661159007ba0a9d7803094930b3276f47e980492bdd8c49f208508ab88ebd9c0875166278621","ssdeep":"","tlshash":"0c8124b0bb8d35ab0e0e21145b1f60cd927ce43a085949f6ec9df1321468c2e977ad6e","size":3883,"data":"","first_seen":"2023-03-07T12:01:36Z","last_seen":"2026-04-08T21:00:11.857595Z","times_seen":2761,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.15.4/index.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c51f03d35129d9d1a9da65b24cef7fa7","sha1":"1e1d550d978378980dc3aeb60012da86c2355c4b","sha256":"339747e3a960dd82946bb6b06fcf1dda76b9ee786a337726b535a1d86d6b9c0c","sha512":"8c83157d1a2d4bacafc89ed01d444551151772f1119272c303ace71aa12b6f1fba29da8c9597e2a9baf670c93768286a405a70186b92ba5aae84554b9123c1eb","ssdeep":"6144:K4lrdS1Vqp5xb+XzxEXdUfM2Z0a54VXTnDBHiSuLx8isMZg07LQi:7vS1Mp5xb+XzxEXufM2DEDVHDub7LQi","tlshash":"04c41b8d72c1b5314ba36070503f250bb33b299c680980dcb679d8ea6dbd949526ffbd","size":585656,"data":"","first_seen":"2024-03-05T16:56:16Z","last_seen":"2026-04-08T20:24:41.849804Z","times_seen":734,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vant/2.13.2/vant.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"644f13180f8d398c886f534b07044cdd","sha1":"2d3349d384b50a385ed0b0d84a256be60a1e2201","sha256":"f5d6379be3cba230a20bfd8bf264805de16223e0aa0277c0fb68c3c0751acff6","sha512":"700886a3c2a288eeadeec4b09884566eecb30f2530259b18a45147f07a02103fb94e144ed643f690de26e8b76119aa639f210c0d687cc957c82318be053ec72a","ssdeep":"3072:XuhzovpPNdJ+fzFgMxnnocXJjyv7mF4Betr1G661LlS+b6aNSnIum/yXN:+hzopC0TmRQBPSWyd","tlshash":"0b54d78ab1c5b425079770b5403f110ab237298cb81a84dcba79e4e66d7ca5ca13ff7d","size":279653,"data":"","first_seen":"2024-04-24T18:56:37Z","last_seen":"2026-04-08T20:24:41.822352Z","times_seen":864,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-06ae24a4.686330fb.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"676e3a2df47d8e40c29c2d1a67127eec","sha1":"e54e8144ef939162c151a843933a98ff020a2641","sha256":"6499fae751b066d09b0d93a067502c15d6fecd5b460c7f5a981dc1fb3b286fb4","sha512":"4314d28a687dba60202a2a5974ea1b39b02a45a2fea359503396553b4bf9c1eebcc4168357fe2e43875ddd2e61c2af72b926ee6a61bc978fae9474a77de421bb","ssdeep":"","tlshash":"c0b02bbe2804790808bfa0e4300b33d8048301003f711ce507b020902b74e8e4303a4b","size":129,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-04-08T20:24:41.744764Z","times_seen":757,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"2675fab97e66abb2dc482356efb999b7","sha1":"3311edff263714f305e1e345e152bbee777cc844","sha256":"bc87ac65daaf5582b0084af46d5f173f84e35b6b39733943e908fd9023cf3bb6","sha512":"6d1ed57e31ecba4fd8d5e5bad006be0928245259a0d0a57a6c99029dc00cb4d2e74f0ee31a7c4e198b51bef9c544d9a55c559aad033e38acf75be73bb53873bc","ssdeep":"","tlshash":"121180cb99618a6896e214ee36fe3750b573e052f9446130751fcd103d9c70f036aaeb","size":889,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-04-08T20:24:41.860059Z","times_seen":1001,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-router/3.0.7/vue-router.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"32e2eb91e6ed0512057b2ad1e6d1b242","sha1":"27809df1b99a4b81b6b82ba2985cdd4b1c8bebb6","sha256":"e8707a396dd2f8d74eaaeb2f784074a24d7a71cbe15dcc70297f726b31c160d5","sha512":"0ab7b445b586dd27a0aeb72396350982783129c9ba028ba1db847c9d2acc0de9c90c3c9636e76a21553fedf81031220f3676ea64bf7336644c04da33d744563d","ssdeep":"384:UUcnX3xpR5tumD+EaKGZRpqB1UdEPQFWmexTMCJ:7E3jXtuW+qGZK1UCP5mqMk","tlshash":"01b2c7ddb581b03547e326a0412f250bf27b358db44e8498f269e4d52cba85ec42bf79","size":24822,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-04-08T20:24:41.812274Z","times_seen":1042,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"kosmetikskin.net/api//file/banner/202512/18/5ccb806f4887401d9f3074842216c7e3_.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /api//file/banner/202512/18/5ccb806f4887401d9f3074842216c7e3_.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: image/png\r\nContent-Length: 86811\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Thu, 18 Dec 2025 04:29:27 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86811,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"8e88821bb1dac647065b32143d790ef0","sha1":"01ea1c3b276898ee3348eaf65979d12cb989052b","sha256":"c13cb4b58d8680f6308f8fe40cf28e2ac9bd1243a01b0aeb67a208a44027b9e0","sha512":"420eba64061ffda0c2401ce9205a6f82b564dc1c5cfbfbc4e07576066fbf807f41fff486ab4eb0e392cb0f847b79cb504dd16f5d55ad1296d2d383656377872f","ssdeep":"1536:VMCAVk8EwI65Cpg0WW7IZeE38Je55Eea7DWzhGF6Nk+D4zXkS:VMdkgfQWW7Qn38OFaMzzD4zXkS","tlshash":"4d8302c9c88655015e1633cce252f5e0cb0eea10ea35070ec59ef89a4feb136dbd6583","first_seen":"2025-12-18T19:47:47.598607Z","last_seen":"2026-04-08T20:24:41.747053Z","times_seen":217,"resource_available":false,"data":null}},"time_used":1126,"timings":{"blocked":775,"dns":0,"connect":0,"send":0,"wait":175,"receive":176,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-079fc55c.c7b51110.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-079fc55c.c7b51110.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-14ce\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5326,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5214), with no line terminators","md5":"485d627c42962ee0200dac66adf41dd4","sha1":"ca8e716c2fce7870f27ce6b489a333033a9254c4","sha256":"4a2b5528bff5b712a661c2f48dea798bb01eb6b7483c95050a4393eef0f39c81","sha512":"672c83e0b25c6b7a35a019664750aa61dff0f7d6f03ff6ebee9c0cc6a45b2b4c97a4715711d41428933f72350a7cf33c878869c803d2debe78314c4a05266009","ssdeep":"96:D42+m67Kxh98ITfv3gppLSqHYhFhRGPgeHmv7t2Vl63Al7:BNhP1hRqgkmzEP","tlshash":"87b1a74cb1e3f5a601a66562102f235af2b13e987416e011bbb0d6c07e2487a635fb7f","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.768869Z","times_seen":729,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-14939100.2fe8cfce.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-14939100.2fe8cfce.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-d6a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3434,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3416), with no line terminators","md5":"93d0e224bd12c00a770a74d8c1dace6b","sha1":"e6c2e8385f949bfd4d44ff1ffc0fe6ea44ed6d5d","sha256":"cf1a24a9260bb4e2cf1b78f2734d48d182578e8c43348928c7e4c3fe616d2649","sha512":"603b793c1822b2301d9dc0aef86eb92e619a7b69ce1547c40e5680f9a587683630f223c63a4c5e2f9f463bf3fc8e59046c8d14474e60f57f54d57ab542d0a573","ssdeep":"","tlshash":"62611004559af6b5c87a9011a22e3720f1793fa58032e08af7a0cf951ad4df7571eb2d","first_seen":"2025-01-10T12:51:25.894809Z","last_seen":"2026-04-08T20:24:41.829672Z","times_seen":498,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-9c1c641c.471bd454.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-9c1c641c.471bd454.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-39d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":925,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (925), with no line terminators","md5":"1630e44870c051f166fa952f722d4725","sha1":"bc968080544a2e59e8e026de0abe54359d28e39d","sha256":"6c95e0a7e350c2c80e72c4240857bec35219ccbc7ad3fc34d61290e62a7c20c0","sha512":"a45ad5fc2885dd1e50f162373b8dd381440eded0a0ec9907082e5c05f0ec84ebe51874bd3d3835a1b53995f552adcb05f9007d845adb0c1e3cc046d2237966b1","ssdeep":"","tlshash":"7811cb4d39a5b1133b2b64a4106f72889de7218639bf6c91d164c4909f7258f116bace","first_seen":"2024-07-16T23:08:15Z","last_seen":"2026-04-08T20:24:41.778667Z","times_seen":564,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-ea349f08.8bb54ca4.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-ea349f08.8bb54ca4.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:29 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-87a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2170,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2128), with no line terminators","md5":"69719cda5f48df75402dbb854d393961","sha1":"88dafda9b3e29fdd65ad515d43f05237de75150b","sha256":"a11f76bfd4fb7e4110a084ea19ea48bfafe80b262a06420953ebd96c413a5bf9","sha512":"0fafc6084405875c2e200208814e589a35a745c4d4e068d21995dd2718ab151f267f782341e9e995598ceb98d61f5657d17b334226ba0011ed80a36ee3d84f12","ssdeep":"","tlshash":"3941434cb093e0a989afe023651f2739b1f27fc5d001d451aaf5cac02a54d74332eb6a","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.79016Z","times_seen":727,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/lib/jquery-1.11.2.min.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /lib/jquery-1.11.2.min.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:23 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1787e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96382,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6355f3cc28006e33bad2e765cde30e0d","sha1":"909cd6318d5047f3c8e83528253b256981394414","sha256":"39eed2d24faf4985b922b64d078f106edba6b3b84d5385e483a5c7bd69201da7","sha512":"b22d3868a7b311f82bb149f8afccee03c68dcd5e7152a061b8e18d97aef794b106dd1cc081d49f4d638193924ffa5885239cf67152fc339ff0cf3cd1d194d175","ssdeep":"1536:0Hg1kz+hAmcGmVFnlkFybx+amELolY+30k1dml+BQZX6YPnrCtn8JkDnlwMxVW2:0HDdc2F3c2G7mIW2","tlshash":"13930add76c2b06387a720b9506f550bf276599e280c4440f268e8fabc7ca49a137f7d","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-04-08T20:24:41.827361Z","times_seen":1616,"resource_available":true,"data":null}},"time_used":513,"timings":{"blocked":332,"dns":0,"connect":0,"send":0,"wait":180,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/sockjs-client/1.3.0/sockjs.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/sockjs-client/1.3.0/sockjs.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Mar 2026 15:52:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 16651\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03fd5-f54d\"\r\nlast-modified: Mon, 04 May 2020 16:16:21 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1974660\r\nexpires: Mon, 15 Mar 2027 15:52:22 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CsSmKkV%2FongZkz2g0%2FPwgAYc3XqyL8bORLG5B0jzejHftVLurNDdjEt%2BuV%2Bj4ifeiQY1BVHyLf1vIbsk9CFOdi3XoR%2Fe2eP6CQR%2FiT2WJNsgHZU%3D\"}]}\r\ncf-ray: 9e1f15163f3135a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":62797,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (62696)","md5":"f0a01fa31e644ca44836356a172ba7c9","sha1":"e81438a79e8a7f34423168c70696cff2a820dbf1","sha256":"840ea076b43dbf564a909bb082dc287740a96f3c4483fcc024f7176306daecc7","sha512":"a18f9c600996f8f31c046e80334cc794efff550c2286bc822ba7bbc197d99e4ce5f032133866b18cb9743a717b76e578cdb2a9fb5f6ebe42614d08ea1ea2e47c","ssdeep":"1536:XFWQV1ZGORGWiB67hAHLY/IyYT3uu+OLFckh:XFW8tG967hAHM/IyYT/Law","tlshash":"5853e8c5f46134a213e7a2b582bf11032376953a640c85b4b798dcf98d7d98c532bf7a","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-04-08T20:24:41.742193Z","times_seen":1028,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vant/2.13.2/index.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/vant/2.13.2/index.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Mar 2026 15:52:22 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 40107\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"652e0e9a-9cab\"\r\nlast-modified: Tue, 17 Oct 2023 04:33:30 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 98716\r\nexpires: Mon, 15 Mar 2027 15:52:22 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XmJKPrWyQJUkE9LY%2Btc6zJ7xE2Op4HiLZlBH2EI1oWNfdJ8XBEYmpmn53gJW1cjzW%2F7Zf3LKVga%2Faganf4u4iDJOqFQ0pCeYKUjI1h9t%2Bez4d84%3D\"}]}\r\ncf-ray: 9e1f15164f7135a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146877,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"fba0b10cfa931074254e7531f2cc9373","sha1":"eceff9fb867e11786cbbae234d0c697f0dd445d5","sha256":"7a6dee2202c1dfd3a499f873dee167942e255703859f86107d6bfc2272ea14f0","sha512":"556c2196cc479fd20fb3a1a6ffd6ce4836267b940a2b95bbcb8851d3f3a3e16c7286cbfd9d59ee8eb7ad5e3b58e3ba6d31d4ebe0cd0fd0cc2a30f1deb1ff6ce7","ssdeep":"1536:KC3MhK25tWrWoK3Unrx3WqyrtpqoSWEDZMAfP1rz12VLSV:KcrxmNH9yD3fNfMSV","tlshash":"36e3d52756c0236cb31bcd219bc496c5e224c123f5121bfaf1517a2dcfdbb9612a2b5b","first_seen":"2024-04-24T18:56:38Z","last_seen":"2026-04-08T20:24:41.776192Z","times_seen":862,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-06ae24a4.fd43ee93.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-06ae24a4.fd43ee93.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-bb0e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47886,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (46623)","md5":"177ff7e3310c02d7e6a139a3237e0d38","sha1":"375c1fac3912c4b63c01d7bc241aa43ed0055460","sha256":"db079d71523907889a19e611a38e528a3405d89d22506634a177248f03f93226","sha512":"004642aa9fe53920ff46cbaf93784da99051143c22aa04e4e24ce332e2556b057d331a481f31ff427dc0b5ef0cac013c55e41764af8496f59366278918044741","ssdeep":"768:KEkZgRUp2R7p2ROwo1OAPkuD336ya5hrCen0eTg:KEkZYwo1OAPkuD336ya5hrCen0eTg","tlshash":"9223b89a48a1224591234e56cbcc9fa8473cc76364b25cef33967c4bc745bad23ce617","first_seen":"2024-07-02T22:35:06Z","last_seen":"2026-04-08T20:24:41.812755Z","times_seen":679,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-23020-6opdk665ztnved","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-23020-6opdk665ztnved HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"e81157e9206f8895015de8fefeb5437f\"\r\nserver: nginx\r\ncontent-type: image/jpeg\r\nx-mms-request-id: c0c8306dab4646c69d77a7327e6072ba-68995d46\r\nhandle-by: down-src-global.img.susercontent.com\r\nage: 347793\r\nx-spcdn-request-id: 79c117cb38768d37d62ad458828f3388\r\ncontent-length: 173182\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:27 GMT\r\neo-log-uuid: 9640371881725846408\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":173182,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 700x700, components 3","md5":"e81157e9206f8895015de8fefeb5437f","sha1":"d0984be00fe79471499618560fc1e8df92e6c49a","sha256":"292b0473a8caa2ce49b0b8ca5fee239081e213fabef05204b570c7de399db58f","sha512":"242f2736cfba3ce285e62b98bfd17f97352114f374889f03be81b1bc92665e0b72b3ff77b7e9fec530aed3986f5f89b368321b684e042594a6d896bedce2f36d","ssdeep":"3072:1A2NCXYk7Qp8i/JO+JHKJDoqAPRLuO2FG4z1Kfod8Zv6HVazHLXoisIyxD5:Cgk7Qp8imJMqYLn2Q4RKwd8mALA5","tlshash":"f1041247ca106e5dabde03b1bc812e0f1948923eeddaa1bd37111dd17bcda261c642ed","first_seen":"2026-03-25T15:52:57.019479Z","last_seen":"2026-03-25T15:52:57.019479Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2457,"timings":{"blocked":563,"dns":0,"connect":0,"send":0,"wait":1619,"receive":275,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-210173e0.c0dac991.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-210173e0.c0dac991.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1f8d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8077,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7977), with no line terminators","md5":"3856338d5b4912dcd744ac73432235a7","sha1":"ca8e82e6caad4cb825f1b50fdfd244bc352c9b5f","sha256":"3356599398fc293cd0d182d64272678ac8c5abe7865d48653f31abc3edd93ed5","sha512":"3f15ecbc998f171b40dce305086627f776b5198d5bcc249340ced7e81f112889cc211e9651c3c4ceb653b72c77f6d308f0597df5d750b50bd673665dc5ff8cd5","ssdeep":"96:5L9GcFsE93gIqYIuOf957+3Ft6CEMYH3CT/8TDvrTu3sL4SGiHsJhr1t0R:5K/L7IaH3wkTrrK3sL47hr1e","tlshash":"11f11345a0c7f6fadc6e9213841e0a31e1312feaa525e087b678cfd01a54d792b2d7b4","first_seen":"2025-01-10T12:51:25.899246Z","last_seen":"2026-04-08T20:24:41.745346Z","times_seen":498,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-d646062a.cd1dece5.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-d646062a.cd1dece5.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:29 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-139d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5021,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5021), with no line terminators","md5":"f271f4c8af58d5f880409e37228914e6","sha1":"99dbb0a93a7d68e349d6d7a630e504a3e4502dcb","sha256":"a8426489a32da765bf60f13c8fde7f581bc961a2e4792a8773151f2259c6ff60","sha512":"14cc145578eba23d4689790f69fd6ee440653f5c238d35ca9f88ba0ed133180d07721f9a616ef1c4950dfb3f8a1863ff5369e762721a48902111cedaa631d0c2","ssdeep":"96:jgRBcxo2PwsBiMiR0uK+H197HRMcr4RMhYFq6gNB04uom2xK7q5bCS4M14rMX:j0PzsoFyYPMcUMhyu04xPxl5bCSOrm","tlshash":"30a1bac8a6e5acda076352a1503f30d1b312d11978237482bb71cfde3d6ea850902b2b","first_seen":"2024-05-11T19:59:42Z","last_seen":"2026-04-08T20:24:41.750059Z","times_seen":653,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vuex/3.1.1/vuex.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/vuex/3.1.1/vuex.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Mar 2026 15:52:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 2776\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402f-2693\"\r\nlast-modified: Mon, 04 May 2020 16:17:51 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 819302\r\nexpires: Mon, 15 Mar 2027 15:52:22 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5jurxp3TPeZxa8JS2K%2FDrVdboqT6bFB75W3gV8HdmRKozzgM0gA7ZiLsVzEt8HxNYvACUWH7FgIUPXnUYRJ9xkym2B04UoLtqIFRkfsQEeCq0ng%3D\"}]}\r\ncf-ray: 9e1f15163f1e35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9875,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (9815)","md5":"c66594705de51675f08e3b83b9b9b38c","sha1":"40fa40f722043957a56324174ec6f80389391971","sha256":"e973901e74ff65888bbe2e58b95cfb957d5db316bb185a106f543d99176d1d65","sha512":"3cb0d6b77ac49d3c6c5c5740efa2fd9e3e0c79158c88a9d4f0b709f4713a38a7b72109a2b4c636377c783effc3c6457c718d8cdc2e9c7577db9691562e95375f","ssdeep":"192:90DuIfY7JtjC5ydUypH82+H8urFLR7BD4GOUo1MQl+B2GHPpB3QE7WA+MWnBP:9guIw7JtWqmhfldD4Eo64UgH3nx","tlshash":"4f1261ccf661b0764a377460623f120fe276a46d200a4468f598e4ef6cbe14d94abf3c","first_seen":"2023-03-07T12:05:56Z","last_seen":"2026-04-08T20:24:41.825885Z","times_seen":1262,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":1,"connect":5,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-586d3a0a.ef1ebbe8.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-586d3a0a.ef1ebbe8.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-9a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":154,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"7925d7f93e05982a8617a67374c76414","sha1":"4de55424b1d06c5cee677118d9d489a5ef675ba7","sha256":"0de3c86520035a4f407d85b454986216c063b7d30db75ff9f35cefaf926b3f50","sha512":"add388a6077fcea2ef59820a8ddab0485f0a737ded616e096c15e78cbcf4e98740b51eb037b8435d24995023868d8592c924943f58e9d0a918b4e13224dcc49d","ssdeep":"","tlshash":"81c04c7466ac6128f17bf6e1de5b51c86b15bb67b120811b5b510230ddc3e7160d1438","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.850329Z","times_seen":759,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-5c9d0d19.8d1b5cf5.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-5c9d0d19.8d1b5cf5.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-fd\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":253,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"c14d474133726cdef23c1cf11c805190","sha1":"eda5e624d044af4d0ff6b0f2ba68de82d879cc55","sha256":"25f9445d1431156cb9fd8e80af2b2a6667587ca0da34a0c3d0e554db04d366d1","sha512":"8dacd5f508901b6f5782c32f404e6d192bd47a00068324d685ba25edbe1fd422715d2c1381820ff5b928d7189f2c6fbe8dc029d850094f48436bf25eb128cf87","ssdeep":"","tlshash":"b0d02b14294c4861bc77c494a2750848020cb3dfdf0382408e64a4558ec30562480dd6","first_seen":"2025-06-13T14:30:24.423988Z","last_seen":"2026-04-08T20:24:41.808678Z","times_seen":290,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":81,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-6849d582.97746849.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.697Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-6849d582.97746849.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-38\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"6f5eac1a0bc7fd5bcfa72e8d381d3492","sha1":"f21a840caacf71b07464c0b927fe1cc72e791950","sha256":"32996bec3551596c0e9140a4e7bb630946a92d65e3e268efe149c74cb717e520","sha512":"3e55cdae8d0e6443aa3fef6f681beeafe305bfcc95e93f1d49aef20f6cb588fe4b3385c5457c32ed1d92c455fde7a47523418b814615e0a43471457755d0f8f9","ssdeep":"","tlshash":"c79002a51d28b0ad84b3544642d00d443158710e520990d54e15a974248a1052e12a95","first_seen":"2025-03-31T13:39:50.427732Z","last_seen":"2026-04-08T20:24:41.793868Z","times_seen":349,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134207-7rbk0-lkxy5llpbm93bf","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134207-7rbk0-lkxy5llpbm93bf HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"bca83a27821f0778ab7b5871c4955f64\"\r\nserver: SGW\r\ncontent-type: image/jpeg;charset=UTF-8\r\nx-mms-request-id: 9c376e00804344c8af91e66ddc39f062-699d2b41\r\ncache-control: max-age=15552000\r\ncontent-length: 145215\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:27 GMT\r\neo-log-uuid: 12198107926640113310\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":145215,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1002x1002, components 3","md5":"bca83a27821f0778ab7b5871c4955f64","sha1":"93c17fa8fa19b6ce65e47b3e033eb47a11e9f0e7","sha256":"25ee9b206a684dda0af3566a4ad707a2d3bf400e3211a73bfc952ed5f53c835a","sha512":"975af698999ce8e1846eefa11d12e0f64e44a03977cd6ab5ffa8f19f1115532f82060ad979ed0b2694781c014c4dd6fed3c26ac490b9b03f46c12f0443e29eea","ssdeep":"3072:xswdawXve4K76AxnNKPiaqWBP/lTWugNETFil:xs9m7K2yQP5qCkvyTFy","tlshash":"64e312e2b315a018e9cf7f32530302b6bb5f6a0526075e21be5ef454ab633447eb8b45","first_seen":"2024-09-19T22:20:56.351897Z","last_seen":"2026-03-26T00:00:16.558559Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2401,"timings":{"blocked":549,"dns":0,"connect":0,"send":0,"wait":1513,"receive":339,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/api//file/banner/202512/18/199ca2f28c964bc7b649649c94356373_.jpeg","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /api//file/banner/202512/18/199ca2f28c964bc7b649649c94356373_.jpeg HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 124612\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Thu, 18 Dec 2025 04:27:04 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":124612,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1280x480, components 3","md5":"c5a288201dbfd8e8be4f7963e6657e47","sha1":"298d49b15dceb528df7d3ce3d260e8763a72f097","sha256":"866ab4513b1e4de7d235118a57be6384ed45a2e809e090d3734a3a4d0c9bf98d","sha512":"895d14f8c1e6fc37b2c378b4dcddc2e533325312ebd79e5c76bbfb798f71db0b3f4c11dfd746d5a392cf985564c9e023557d9066e75f295503e3736515b18683","ssdeep":"3072:Ig073vCM94Y+o0gIG7+PBzduCBOGl5c0nUbU:8rGIIG7OBQCBj5c0nUbU","tlshash":"9fc3127ae613e9bc9fd07a39869b9d26d3f445177800c048f90620fbf50e3d960a9c9e","first_seen":"2025-12-18T19:47:47.645778Z","last_seen":"2026-04-08T13:03:04.976067Z","times_seen":201,"resource_available":false,"data":null}},"time_used":1220,"timings":{"blocked":-1,"dns":1,"connect":172,"send":0,"wait":346,"receive":348,"ssl":352},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-ebba634e.e41daa24.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-ebba634e.e41daa24.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-206\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":518,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (518), with no line terminators","md5":"1cff30261d21415f988a27c746136d7d","sha1":"250599fd8cfcce855ba83d23054e5289a43901df","sha256":"7ab6e1e006ffa59c7345873208908764abc61e8213beaec8ce3d6a0c142ccfbc","sha512":"30cc2c24424146d420da0cbbbce544109f0b5957085593f541708bc1ee92726874fbd19b3349d62eb1d551ccf161c9ce52027e095ed6a7000a5341b42c2d538e","ssdeep":"","tlshash":"bef05927a2912704c137dd2027642b97c181e13a991e61ed9ce34716cbd3d421beb2de","first_seen":"2024-03-05T16:56:17Z","last_seen":"2026-04-08T20:24:41.773089Z","times_seen":688,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-2f854f93.8c1083ba.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-2f854f93.8c1083ba.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-8e6\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2278,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2278), with no line terminators","md5":"c0ad238b572499e5ba56003129da1022","sha1":"984c2488512612e849ee4cd03cbee962945cf647","sha256":"3d261d791532f1087f89ab56c7dd54ca963523f3f9bf9f4a446a4bccc98a8a82","sha512":"22b956e51b823ed9a9102f87337a12b1150b34f7a7b89826165adf3a127c1162b1b77b69cbc0d68283ede26a7550c29663c760f31f91c05410972d4ef48e515c","ssdeep":"","tlshash":"aa4135087097f8f404a7a1e0002f3757e11939e45531a595ffe0c6e4aab0aeb9369f1f","first_seen":"2024-09-10T16:42:50Z","last_seen":"2026-04-08T20:24:41.787899Z","times_seen":573,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/lib/mobiscroll/mobiscroll.custom-3.0.0-beta6.min.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /lib/mobiscroll/mobiscroll.custom-3.0.0-beta6.min.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:22 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3b4ee\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":242926,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"0005accf931955eec5ed86f897e0d360","sha1":"7ae89839cacb8637600a3b0067fe8611edae2f65","sha256":"277dccf22d817aecf00496f547b3704907d454570f579e5f9d147435de498557","sha512":"121b37b857ea680cc979ad6337a0ecd55bf08cd25db73f7252609c7eee616b62d68da9a906d1d7b692c28901db52af573ca473ea0ee321381a453c1dd46b7c10","ssdeep":"3072:AJW0UArN86OfTq6asxZSfXl3ydsO/NPaa:Dq6Loe","tlshash":"a23477a1a706114b743ac997bdc2e7454a18bee3d0224aedf11758d4f7cdaa42cb3f09","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.747499Z","times_seen":768,"resource_available":false,"data":null}},"time_used":360,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":356,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-9c1c641c.2704964a.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-9c1c641c.2704964a.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-11d5a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73050,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"8f1d408eb7386ff242f7739dca93b922","sha1":"7be2aa429a946c61c3e32e13cab28b11d1db20c1","sha256":"942b5c7eb61dd99692e6a96d8ab13671238d138d6bcb5f8bfbc56a82ce3e7a21","sha512":"0ba265e59d70162b5f2d175718a51f93f1bb7f121fabbb0c90287e74a9956f0246623225259265543a102fd806a78a18c2e75a4d2f325e2a87a926db2d98065c","ssdeep":"1536:O81LeLxbOfU6prVTG1Bo35sCe0MXePDsHme:O81LdU6prVTG1Bo35sCe0MXePDsHme","tlshash":"36638472f991261d71178664a19576e85b3bf012c2421ff9f02a7b358fe72c6372238b","first_seen":"2025-06-13T14:30:24.486152Z","last_seen":"2026-04-08T20:24:41.778216Z","times_seen":290,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-df347502.6ac9adb2.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-df347502.6ac9adb2.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-410b\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16651,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (16651), with no line terminators","md5":"d2696c0e2cf69c62af86f021189dc03a","sha1":"316f82f781689dac89c63c1e5980a485cf322f3f","sha256":"85e6c8935cfef86a0704481bd31643e1cb5bfaeb32dd0ae59c3e709fde6abf0a","sha512":"63c5c9a39c65f9cc31b6f105121d5335e5ac09c90544bdf716da4d5413f00be43026a66600e7e79191526e537f8475c51733a946e2ff87051c4f09a8bd1766a6","ssdeep":"192:DDXXnHjXTdlUvHdYrpMG2zIlYlpTkvQ8jF20ROlQlyuB7aekTYz8Elltl9lKtKb:DDX3HjDwfy0kvQ8jmQB3k8znlytKb","tlshash":"7072773b246c1328f0bbdf206a7c679c92a6e133e34116bd55426e30cfdb9da11b658d","first_seen":"2026-01-20T14:17:30.658134Z","last_seen":"2026-04-08T20:24:41.828815Z","times_seen":126,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-37bdd3b6.e09af95a.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-37bdd3b6.e09af95a.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-7a3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1955,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1955), with no line terminators","md5":"7b9c54390fb3760f7b24fb6ff534a1f2","sha1":"8bc648894b0a00e669faefff31e5567ebaa7484b","sha256":"2782db1d2b5d5dc87af62ede8da2b2f4a3bd5d95f974fa54a32c893a504fa85e","sha512":"6bec6bc0a77a46bf36b3f40b7359e9648344e1bc8ba845da4bded6e5ebd1343f139ead57cb0391c859ba936239da82c7fc8cdd36c9419f84b4832b46ef3308e2","ssdeep":"","tlshash":"e241303c7292fdf849e6b190143f7201d12627086435e882fbe0cac19aa199f52a9f37","first_seen":"2024-09-10T16:42:50Z","last_seen":"2026-04-08T20:24:41.811746Z","times_seen":574,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-586d3a0a.ff39b5ea.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-586d3a0a.ff39b5ea.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-b66\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2918,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2918), with no line terminators","md5":"8b3565a80309c1c7f27e0907f0c7e6e9","sha1":"f4a368725d0259c94747b402360a2277212d7fd6","sha256":"20bd1ca6e1b5fda1b5b59b1880e07a12f810d57d09a817367f9423e6b0483c8c","sha512":"d99830f0d631053097a4ac9d52a07a070603135e5216c273848d9ae91841a6a4f63d2344f18ec7ebd96f85d41e03e630a2810e416b2b00d954fb863c37455914","ssdeep":"","tlshash":"9651980d7483f97505e6b1d0542f3653e22829d49125e041ffb0c6d4aab4adf5936e2f","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.748513Z","times_seen":727,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-604fc2c2.7209a830.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.217Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-604fc2c2.7209a830.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-9153\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37203,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (36809), with no line terminators","md5":"dac4f479b205a55ca708ac53c565a5b7","sha1":"94cf2bcef9ef38e7098f470cf2e1e5677fdfa78c","sha256":"3df6967a960199028dedba01971050eacb5695a09abc9c288d80577be886add8","sha512":"4dff005b422cd8192c5937711d5e3f5d87c57b8c43fce9c602edc6f5bad30594a622afd25da80ebe0245e057bc5cc7e93b1038cc1b35c3fa706d8f3a55c7ba50","ssdeep":"384:+PCy3b+EtQIbJn8SWX6A8bJl88IMg2RyWlWXbJ7830qtp:iCyqEUlXm88IMkIT","tlshash":"fff2a718b1c7e26b9d7aa022442e3534a0727ec96016e186ff34ccc97a69d74371eb7d","first_seen":"2025-04-11T11:01:20.491298Z","last_seen":"2026-04-08T20:24:41.830514Z","times_seen":339,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-fb459430.b781e075.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:29.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-fb459430.b781e075.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:29 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-37b1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14257,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (13991), with no line terminators","md5":"e0896caee41fd2b5c18a1a1ece8d5eef","sha1":"41a0de622fedf52315e0a4f62541c73f18ee7ef3","sha256":"a7a9094befb4167c4068cd80039c8c781fa539da1c4ff740e2504611a601d2d1","sha512":"ce4e07d449b61b1b01b5561aaf303f6ae7ef4a05adf59e6a07b323011af191961aa33f16511ee5728a42169ac2d6269799e99bbaaea1b7bc3d8fb95a85e37be7","ssdeep":"192:GYdkQ2uE1tJS87BmQzmvH/CCoblLZ+Se4:GEE1tJS8FkKdWSe4","tlshash":"61528654b487e6afac6e9522411f3a35e1312fe4e026e043bb34c9d05da4d7c272db6e","first_seen":"2025-04-07T11:12:04.222332Z","last_seen":"2026-04-08T20:24:41.848321Z","times_seen":466,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-0d0be872.aa4f4d2e.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-0d0be872.aa4f4d2e.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-770\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1904,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1904), with no line terminators","md5":"c0fa8b970e1a95485b19fb2002187225","sha1":"d1237ef5ab7f91b54d120c89b1edd59d7a3ffba0","sha256":"77c1eb5c835475532899b897a657d279217e3a9e4443037b6e308dcc5ed4c133","sha512":"7266f52d2729e6cdcb571a7ab0e52e63fccf9a0084b84319a34de8cc2a36ca7ce120440e55ee375562572e23bf4e6fbc36f3af93b66755292b918125b633f4c8","ssdeep":"","tlshash":"b841ed32b59c440db037f6613525a8d8764cfa03e21222e39c12623adfc7b833672e8c","first_seen":"2025-05-18T06:03:19.612245Z","last_seen":"2026-04-08T20:24:41.828326Z","times_seen":360,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/api/common/dict/allMap","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"POST /api/common/dict/allMap HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nOrigin: https://glowremotely.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://glowremotely.com\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Credentials: true\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14623,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"542effb04e4e8a6f81a040dbf128e3eb","sha1":"74d734bfe27bc262e54756e1ef864a2e32aaffee","sha256":"cde4b468d05df055d5731b13d7bdff5a3e16d7fe64a8c5e5ededccbb6c639a31","sha512":"6ff33ca9a9fd2c44651d98016f16eb9526712dba1728d81ea1a55a9b13d27d100a9474f78d63197c5ba84f3d84e5688a7147c0cfbd18d982a573d05f88ebd6ea","ssdeep":"384:Kw6FI/gct3RRoywMycQROtMEj9gnhxqlQQJq2VqYo/3ajCoSVyDf9zO07Ae:KU7zAKVqx/M7b","tlshash":"9962508cf70379b9dd0fac1491a8689e707d3e771e89c2199a41f54532b1081ea2bf7b","first_seen":"2026-02-11T16:15:12.729686Z","last_seen":"2026-04-02T04:52:24.486596Z","times_seen":92,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-9c1c641c.471bd454.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-9c1c641c.471bd454.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-39d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":925,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (925), with no line terminators","md5":"1630e44870c051f166fa952f722d4725","sha1":"bc968080544a2e59e8e026de0abe54359d28e39d","sha256":"6c95e0a7e350c2c80e72c4240857bec35219ccbc7ad3fc34d61290e62a7c20c0","sha512":"a45ad5fc2885dd1e50f162373b8dd381440eded0a0ec9907082e5c05f0ec84ebe51874bd3d3835a1b53995f552adcb05f9007d845adb0c1e3cc046d2237966b1","ssdeep":"","tlshash":"7811cb4d39a5b1133b2b64a4106f72889de7218639bf6c91d164c4909f7258f116bace","first_seen":"2024-07-16T23:08:15Z","last_seen":"2026-04-08T20:24:41.778667Z","times_seen":564,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/api/poster/notice","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /api/poster/notice HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:35:46.020186Z","times_seen":1581,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":13,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-7qvd3-lkj77dei4fwy7c","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-7qvd3-lkj77dei4fwy7c HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"d638df15c157a9f82334db380c0bb831\"\r\nserver: SGW\r\ncontent-type: image/jpeg\r\nx-mms-request-id: 62f4960c284445ddaa494abc1aab805e-68b7d36b\r\ncontent-length: 158467\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:26 GMT\r\neo-log-uuid: 10429853854970424697\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":158467,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1024x1024, components 3","md5":"d638df15c157a9f82334db380c0bb831","sha1":"b44e969d58a90ecf868e469125171a5dfad0316d","sha256":"d7d5d6059c6e3ca99a55664d0b7e82ba0d28b756b09fe86b10475acc86f36ad2","sha512":"d1cf1bb2469b8b8bdd6fa4f2a52610fc61e50098f7d994dcc954b09e5005a3f441d09bc0ffec56b83cfb3607426ee9aa40c46b5a2eebacf43840412412be6eab","ssdeep":"3072:y+ezF5uDC1IYZFGQ4H4a3VeYpdacPrSJ1dZYiMAuoNvx4Jz0jb:y+G5SCSAUQ4R3F9PGJeApaO","tlshash":"fff3cf479c549f93a194c3b87f030e695f192a4ce9d03bef81271e936b907761c9e12e","first_seen":"2026-01-09T19:58:50.526414Z","last_seen":"2026-03-25T15:52:57.032231Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3045,"timings":{"blocked":609,"dns":108,"connect":245,"send":0,"wait":1356,"receive":472,"ssl":253},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-cefa4dd6.ceb1f577.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-cefa4dd6.ceb1f577.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-608\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1544,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1544), with no line terminators","md5":"4f5c3e0936d5f86c34c8a8a3e48eb731","sha1":"d986b9f658e4860865d5ba3b70d01c23480d9183","sha256":"0a2683401ed89953e511402e3a9590f56a867918b623a36b5b69f2cb5f2493c4","sha512":"89962414c7ad4e8f104711c2b359296fa9fe67bc6cd67b28de09121e0a53dc595a473a00eb31141bca7f739dc7d71b8227fe400d1d2a337b8d3f6d48b301aa8c","ssdeep":"","tlshash":"6631b123545612087367db77262193d351b8e232f83207569ac3b536cfc75d625ef28a","first_seen":"2024-09-29T13:50:37Z","last_seen":"2026-04-08T20:24:41.856824Z","times_seen":542,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-ffc2961e.07a681bf.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-ffc2961e.07a681bf.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-ea\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":234,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"335494c83d0ab57b3041100fa7d6263d","sha1":"373d0eb5ca7ed8340fdb1300fd652339d2de7c81","sha256":"4223177d0678c350c634f558c6055589630047e94a59dc32aa6c6db44f020dc6","sha512":"6f431b53de52f295662a6ccc14fe7927ba8f8fe66b94e54092a5f6b11a417a1d7cc871fc82562743ba0c42528e2b59e2ccd6fb4dc9c769ad04283ea367f3cb88","ssdeep":"","tlshash":"22d0a7543f4d4275fb77e3d4f51b28826230e3b3cec102d197209455cc870b9200e474","first_seen":"2025-01-10T12:51:25.889473Z","last_seen":"2026-04-08T20:24:41.773903Z","times_seen":483,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-2d0d2ed4.28b5562e.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-2d0d2ed4.28b5562e.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-2763\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10083,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9995), with no line terminators","md5":"6223e1b7d705aee17b0ce888330430d5","sha1":"4c9b6962e69035b7281151d37191b7dadcd590ce","sha256":"4db244ba332e287231660a70ab1e5217c494735db502edc05e0cf9a5c383ace3","sha512":"f9959648151734d76de4af20de837d546267b6e9913cc91e379ae6b3091f14e186895c3860cfae63799dcdcbec860b3806b93aea112f16af10d4558b27043f9c","ssdeep":"192:y/zkL+lB6yLAo50QN5+npu1QwRL2JxAvuZy/0vnA1z+Wf3+jMMq+rUBd+uPOtbz1:Oc+iOlxRITmMezuM0jsL8hSE","tlshash":"c422b7cdd989dc270fe3b3a9343b30d4a10b902a7c16145bf3b0daed265fa515912776","first_seen":"2025-12-23T06:21:39.849601Z","last_seen":"2026-04-08T20:24:41.81115Z","times_seen":127,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/api/translation/list","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /api/translation/list HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":393,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"58b9dcda65416e86d6127ec925acb3cf","sha1":"ec490693d6856fbcf0358f57db94d7dad6fe89e2","sha256":"f0ccaef475d6ccd03875475914cec7efa0be8df1a40f9c3e681b87244ac35310","sha512":"3ff1da6625134d9c10bf75c9d1cc7739e03a8ebbba01316bdbeccec626103d28ec6cd5363bf87b3d2982dcba7923ddb64eba2e5e75aa96d656804e2d66d4881e","ssdeep":"","tlshash":"57e02b30854cbcebf94284c28e0ef21224ec4531ab093a1ce5c8173511deb2682c4853","first_seen":"2025-06-28T06:26:51.110564Z","last_seen":"2026-04-08T20:24:41.781868Z","times_seen":243,"resource_available":false,"data":null}},"time_used":331,"timings":{"blocked":154,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-5915ee8d.4006cc4e.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-5915ee8d.4006cc4e.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1292\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4754,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4754), with no line terminators","md5":"f2cf758791111fd2d848603463e99178","sha1":"6efa309eee6c7aebb25f7eb378ebb367680cea9f","sha256":"be18a5cd6c8dd5547446a18363472d5ee56a0d2008b3d187fda6f866ed32facc","sha512":"33df9c558a43f266d0231279d5d2c940a857326b2e9e6de968d1b17983e6a784938bc4de991b04007f737e16b67f475a7c1fbab4e82228b22ec105c37d238cb3","ssdeep":"96:92hnM63MqkM6uoSYbc+7fb3bDb9UKUea6:yM63MqkM65bc+7fb3bDblUea6","tlshash":"eea159db78d68112d277ea5216ccd51adf336be73ba10cea71d8284dd706a80631f0a7","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.808025Z","times_seen":983,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134207-7qvdl-lgxe6y2rxvk783","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134207-7qvdl-lgxe6y2rxvk783 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"f99d9d315ea99665ab9b8cbd8d707f61\"\r\nserver: nginx\r\ncontent-type: image/jpeg;charset=UTF-8\r\nx-mms-request-id: 91ba443d52cb4ca5ab5010307363df3b-689c3af4\r\nhandle-by: down-src-global.img.susercontent.com\r\nage: 0\r\nx-spcdn-request-id: 59a36d6061bd50bd60153e13bd1e7586\r\ncontent-length: 119992\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:27 GMT\r\neo-log-uuid: 11961620033826155345\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":119992,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x800, components 3","md5":"f99d9d315ea99665ab9b8cbd8d707f61","sha1":"3b6bbe147c3cd40c456e54c0b0c387764e4d86b3","sha256":"1b72ad2bd90c0cb42118d852a15080de26bf777428dd585d439dc74d4be9a10f","sha512":"e2db80e985b0eec1d6a3136131d0e12819faab6f19d3ba3349a691b43b8cac5123d697492417bacea86a64486ef6ec157a51249d35f2cf719fb7393787a23cc0","ssdeep":"3072:5boAgeqIAMb/IEeG/mo4Dxiu0dEFYvtIbHSPq+dTh3k:5bQvzzEj/mlDxEdEylI+Pq+zk","tlshash":"dac312821b6ead83d3e4d13cb26543311e7cbc92824a4f8583577b6be27f693ad43409","first_seen":"2024-08-19T18:52:54.569037Z","last_seen":"2026-03-25T15:52:57.037379Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2581,"timings":{"blocked":611,"dns":0,"connect":249,"send":0,"wait":1412,"receive":50,"ssl":256},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/mobile/link/2.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/mobile/link/2.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: image/png\r\nContent-Length: 36342\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-8df6\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36342,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced","md5":"ff2583db35c4acd87cbf195af9e9b202","sha1":"accfcd83b3d9f5de5aefe233ab1add6f800486c4","sha256":"8ce9d693209b66c96c19a29f83c57bf0389d81fc8e5ce4dcea63a4cc2c821928","sha512":"a5c52846621635a06e1ba79aaac03280f0c1ac38a51430b833afe536657eee5f703c432fbd23f5a8f82a4e47bf4e4aa21449ec597c8686e19c962d8c0d3d8060","ssdeep":"768:RJfYhYn07EF8k04B5h2FBHS/6W9tvQpxzP+QwV8QSciig7ETgzbCU:HfeeqRAUFBHSiMt4zD+QwaQSz4Cd","tlshash":"b9f2f1f1d0039a1166296b56eca2dcf3253a0c95807325fe1490c56f26ed1f9f17af8e","first_seen":"2023-05-02T09:51:09Z","last_seen":"2026-04-08T13:03:05.074827Z","times_seen":278,"resource_available":false,"data":null}},"time_used":1525,"timings":{"blocked":1173,"dns":0,"connect":0,"send":0,"wait":176,"receive":176,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-2d207f61.3e227a5e.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-2d207f61.3e227a5e.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-b4b\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2891,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2875), with no line terminators","md5":"ce951bda38552a6d5eb495a81b60a04f","sha1":"64216cbe03d5dd49be3d3f79ea27d9da9d2f586a","sha256":"1cd3b784101271e03ea653d67d3cc374af0d49c93d8eb1480c5f5f21cccc53dd","sha512":"3d3358f2c61ccf182701c090a2033a0d942c020595e9659c12466bca780e56789db36ccef66da4fbfccfa1a1661067b3a69a14b5b89db47d223656b5dc02b0aa","ssdeep":"","tlshash":"c451979ca1b6f99702d28246642f07cfe33437184c32e412bfb6cbc4e9ad496225675d","first_seen":"2025-01-10T12:51:25.90949Z","last_seen":"2026-04-08T20:24:41.754072Z","times_seen":498,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-2d2293a9.85dc11b4.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-2d2293a9.85dc11b4.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-2d97\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11671,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11543), with no line terminators","md5":"0619b00a4a0fe87ad30a7e606e246f01","sha1":"d301bb704f30d654f04665b904ce178c8dded78b","sha256":"1501d4cdd5595c94422c29650087412b37c98f4f03d39155a0f2bbf19c23c1c5","sha512":"039eb31d31f5a9635c6aa4b1cd1733f0e1b33dc86d7d288718ce274cbc7f510f25187815d14d7c0b7a4551c4c1d0fc7d1b83aa73dcdc93671765a28bbbf2765d","ssdeep":"96:OY+VCv/hGpNksPmEo+X+b+F+n+ejj5rMytWQBzleKZyfnPaGFZQkNwcVc4+T0vCH:OY+V0GpNkse75RvzmM6Q","tlshash":"1b323225f4cbd29aac3a8402602d3931d1293be6d62ae443f378cd5453eadb43b1d79d","first_seen":"2025-05-18T06:03:19.681563Z","last_seen":"2026-04-08T20:24:41.842768Z","times_seen":329,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-2d237720.724c18ff.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-2d237720.724c18ff.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-ade\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2782,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2772), with no line terminators","md5":"921620e96be524fffd62ac1e3eb4ee5f","sha1":"511b2be8f54ff6670d29086f78c2448d8824ca3f","sha256":"246d5330e04910431a9ccba22bb57791ccdb1d0fa6322ad451b38e962fcd7d1e","sha512":"8d29e3b06167939debe0b5bfdf235a55e279ed0ba855630d81bbc352a4600378a89584cf249eb344f1369b1bbd21cc9556c748f9aa836176d981828ddd9e892a","ssdeep":"","tlshash":"ad51988c71b6f99702d28247602f078be37537184c32e4117bb2c7c4e9aa496236675d","first_seen":"2023-07-11T16:55:59Z","last_seen":"2026-04-08T20:24:41.793238Z","times_seen":723,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-dcd191bc.3e8ebc52.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-dcd191bc.3e8ebc52.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:29 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1c9f\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7327,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7327), with no line terminators","md5":"83e9734e6a1e977599bfb45e593d220d","sha1":"3b81330b2acd67fc275102846cdc134d1f42dd9c","sha256":"b60ffbfdd9729a79e92f69e84bc7ce1907f0d28be1775360a99c33fa37133245","sha512":"2a6a87ac3c7cddd6ced26a0f03a26f5d65d131aa6562a51f9b78769364d7fb7c61078a1476fcdba58c75d97ef3c20f417e286e922d3c533a6aaeb564ac72bd77","ssdeep":"192:r/Mml4rvGEeGdId3tKk/BttO1eW4t6ziw:r/VJZI1ea","tlshash":"42e1e8dca48afe5a1c629161203f31d5f11a642e7634e88af730cfce8dda4440a65b3f","first_seen":"2025-04-11T11:01:20.419751Z","last_seen":"2026-04-08T20:24:41.821872Z","times_seen":339,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/axios/0.19.0-beta.1/axios.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/axios/0.19.0-beta.1/axios.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Mar 2026 15:52:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 4213\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03d6a-3546\"\r\nlast-modified: Mon, 04 May 2020 16:06:02 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 219647\r\nexpires: Mon, 15 Mar 2027 15:52:22 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=81ouwXRvbUClt5Etl7Sm0Hl%2FQ2vxwjF56G8o45hL%2FvGMPH7NuITA%2FrYHiDGnEBmAxjqJMIg%2BTBK0mI2mapFgzXGFY%2BPpj1Icx%2F3h3Di%2FgDvnxGk%3D\"}]}\r\ncf-ray: 9e1f1516783035a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13638,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (10313)","md5":"334149adf44476f28bfbf16c7b0382c2","sha1":"ad2ea246ebb53ed655ab50d44b33d4d6f942387d","sha256":"6d2c0a450a04b5d1492f77d7e512fe6af26e95c2feac596825f45e71b9ffa4d6","sha512":"0f9d66a68e400a2499cc1dbd79331892e9e62e278d8b4784e354b7a281c91fcc1401eedb0857ff6911d842ea853d39081b459fbdc0e30d927ee93b5ba1ecdbea","ssdeep":"384:hpI8XyWPbWeAExXqgxH7RqzGbcQdVzxbUm6HwT9eei:LbXdyGbcczx/6QT9e1","tlshash":"f25285ce7861b0a757e320f0805f4a0fb2b6552a754d84a0f660e9f66db542e8733f5c","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-04-08T20:24:41.836208Z","times_seen":1043,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":1,"connect":7,"send":0,"wait":12,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-082f7c94.4fb78762.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-082f7c94.4fb78762.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1050\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4176,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4176), with no line terminators","md5":"3bb0a325933a9ab0e88dc2ba85602ce5","sha1":"a8c722a6abc46b8783857bbc0c5bcd45dc4e7c04","sha256":"28e8c50ef6cb0ebc5145933d38ff0ad53754d5f3ab46d7dedff06df249183fba","sha512":"86d63977f4da3dc9eb87ce04e27c499b0dc030c2adc4138216cdcd6ba1dd85436012054e28a142d900ff37a5462462851840a3c1c9792ea409472712780dcd6e","ssdeep":"96:DJH1W27B/QV+Saol3mLycpSzGi//ktfAV+:DJH1N7B/e+SaolkS+1","tlshash":"27818672a21d4208f53bf6b025789ddd1970e22ba1834be85e597421cfc72933376ace","first_seen":"2025-01-10T12:51:25.853356Z","last_seen":"2026-04-08T20:24:41.856307Z","times_seen":480,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/static/theme3/tabbar/order.png","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /static/theme3/tabbar/order.png HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/css/chunk-9c1c641c.2704964a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: image/png\r\nContent-Length: 379\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-17b\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":379,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"549ffb680d0527849f31e5995d16799e","sha1":"5b9749927e26c7f219f9170784f37a9dc1861c6d","sha256":"c5ee884416417d216686fbbdc70e12525210e9c016655a7020f729d95e5d025e","sha512":"4326949b6fa6b271f242ade578b6712573f0e00ed5cd04ad9040c8522134bc535f048d40ddc68e9397e357d67126cbc991e6594f73eb52016a321411a0b7aa6d","ssdeep":"","tlshash":"46e0686b62a45dbccaa60e760fb0045280b0c9988516cfc6b16fdcfa0a018c855c5f55","first_seen":"2023-11-04T02:21:06Z","last_seen":"2026-04-08T13:03:05.075593Z","times_seen":413,"resource_available":false,"data":null}},"time_used":461,"timings":{"blocked":285,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134207-23010-z9y9a4a2c7lvc5","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134207-23010-z9y9a4a2c7lvc5 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"9b9ad1916e7cd531190c2630f2524db0\"\r\nserver: nginx\r\ncontent-type: image/jpeg\r\nx-mms-request-id: c8f4cbbf34d84ff49f175884ee7e7fcf-689d8c03\r\nhandle-by: down-src-global.img.susercontent.com\r\nage: 0\r\nx-spcdn-request-id: bd177a1d2e896286935a4ffe5add90df\r\ncontent-length: 458456\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:27 GMT\r\neo-log-uuid: 15418253255416493813\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":458456,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x1000, components 3","md5":"9b9ad1916e7cd531190c2630f2524db0","sha1":"76e319c53de7b5c80b19ee55f138cceb201ec0e0","sha256":"00c1631bd7cb69d4f92457835cc19765dcecf762938aa5c795ff3bfd37488576","sha512":"55efc8e121f7b866d3a9bce6dd89943f42e4530857a30077a9d05f7728278ffa30dd8fbadb1650719cd7a33a9c4121fb1d0bef47939d9bbc9265c30bdaa13376","ssdeep":"12288:pmcqnVPGfxtRjBHdOE/ik/EfO9eh9cpBj7nTK8r:sVdStR9dOw/09E7r","tlshash":"36a4de2ca771955fe2cf9e2486b04bc7837a5340a19f41b4f181e9da4337394bba4d8e","first_seen":"2026-03-25T15:52:57.045635Z","last_seen":"2026-03-25T15:52:57.045635Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2616,"timings":{"blocked":0,"dns":97,"connect":251,"send":0,"wait":1651,"receive":359,"ssl":257},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-7rbnf-llv6cikqaue249","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-7rbnf-llv6cikqaue249 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"f4902747a5ac80d405741162be2a29a3\"\r\nserver: nginx\r\ncontent-type: image/jpeg\r\nx-mms-request-id: 0b4051a845d04452b3f147bee7f15ecc-689345b0\r\nhandle-by: down-src-global.img.susercontent.com\r\nage: 0\r\nx-spcdn-request-id: 01f3b8b57b2f8060f742e1fa6c3817d9\r\ncontent-length: 100016\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:27 GMT\r\neo-log-uuid: 14532817995834617038\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":100016,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 480x480, components 3","md5":"f4902747a5ac80d405741162be2a29a3","sha1":"989a1a54bd19ad0733cc22ceeabb88f2896fcd65","sha256":"449d0e75b94fdf832ef30055507c405b29bc42c7c4ad4016b52b8dfbd997f290","sha512":"06ed0c0322d5b03587c138c588969670eddb6bfbecca34b7502677a1ce4b4335a5caeae6a2df5fc76635fd5fa9d3086e35922410123a9dbf08bf0b80861bf25c","ssdeep":"1536:L4YRl8x3f6HIqItdBdj08r++si+oGUiLmqS1sh7qeLZBHhbTiBwNEohpYP:s8+9yhadBJNhsi+0KXQyPhbTi6n0P","tlshash":"85a3017d06bd14d9d6cd4776d7be6617c04acea007f3e72213010de27b8741aaa22abd","first_seen":"2026-03-25T15:52:57.047844Z","last_seen":"2026-03-25T15:52:57.047844Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2506,"timings":{"blocked":565,"dns":0,"connect":0,"send":0,"wait":1739,"receive":202,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-925a3b70.11d3217e.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-925a3b70.11d3217e.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-75\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"ed7f88f9b7f99042eda629536d2dc0a9","sha1":"c61d47c506e1148456c852656b484d574c28abcd","sha256":"a1a2ab3daa36c4ec3c95db0848653e6c47a8592b7b43c8e068f6c777661bb463","sha512":"9a504eb33cdcd8d78bc1d2f4ec0b29ff78c404a861aca377dd6af8a1217270a24244810072bb1131fa594c448e8601251ed9f9ba4aca5decfa5b5c00fe03e483","ssdeep":"","tlshash":"03b09244298c2812ae5fd0f8a02164c18112e3bacf060393df20e86c8d830b82481d15","first_seen":"2023-11-09T03:37:00Z","last_seen":"2026-04-08T20:24:41.852859Z","times_seen":702,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":62,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-134ebb5b.0fa07067.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-134ebb5b.0fa07067.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3205\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12805,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12745), with no line terminators","md5":"9181b68796845b6668c8056c9af3f470","sha1":"2628b73886423469a7d5598edf0b6223304bb8a7","sha256":"6d803d6675f97dcdd566cd96bb7c0a78ead32b4ee24505f864a1ae64ff860b62","sha512":"4aad00998d45222aec9aa1982c7ee705a91412b8bc1eb9de6df867ddc9656a0076cfb86082111164f71c9a3b775c320654f1dd572f1de25970dbd3806fdb98cb","ssdeep":"192:E8vbJ3VYjYJ3sq64b2ZuGH9IPS6X4lttKHHgt7NmehRh:E8j1VY8eqySPBQnRh","tlshash":"c642b68875c7f56e49e27122103f3791e17a3ec5681ae81bbf78c5d15719821222fbf8","first_seen":"2025-04-11T11:01:20.505025Z","last_seen":"2026-04-08T20:24:41.814372Z","times_seen":340,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-1ae0d026.9c0a4db5.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-1ae0d026.9c0a4db5.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-b82\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2946,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2938), with no line terminators","md5":"1cdb27ecc836ba8a76674653178fa40d","sha1":"4f58ff0c140cffa78fbfcd3b191339d134f10544","sha256":"52aae7c29ebf7d6a2242adf285ae523ed6e1546e480daf21c9ef4643db76bd26","sha512":"ca9b922d96db8ff08a22cdf42489804bb87adfe3745874fb96dee2b82e42aee18a86c63094b833a528e0194829ed01ce955ac4b412a6ed5422fad96c255bc089","ssdeep":"","tlshash":"5e51836d3587f06bce726062810f28b892b62d88710d74d2fb7cd98871a94d05b39abd","first_seen":"2024-09-29T13:50:38Z","last_seen":"2026-04-08T20:24:41.84609Z","times_seen":525,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-2f854f93.59a5b0d0.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-2f854f93.59a5b0d0.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-94\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":148,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"91335324eaa697b13a8476e9ca26b46f","sha1":"58ab7b787cf8b7905a4860b093ba05d49538a07e","sha256":"11fce1fa144053c50cbffca168b6a326485b431a7d0a0b58f83d916cd6b16a4a","sha512":"ccbbd2a33feee9e770ad17ebbd8b0f936479660a9e806a8da2d81b418c548dfdf5b6a2807844224972b1192d182965fe5d8dd75744de445b220cda6a047e33fe","ssdeep":"","tlshash":"b1c04c71142ca0bfc937c52800eee4cf1435b226d173d0c5488ed6a418ca600387836c","first_seen":"2024-09-10T16:42:49Z","last_seen":"2026-04-08T20:24:41.751836Z","times_seen":591,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-51454bdc.4a19b0cd.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-51454bdc.4a19b0cd.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1a8\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":424,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (424), with no line terminators","md5":"63768b78762519cf4603acfc48995bcc","sha1":"9ae9769aff89008916d2414ff344a472fc9ff1d4","sha256":"8e9d60e3c5870a07de8d82ab712c318db6bf50dc2a1a894f8480fd8b3c425986","sha512":"23b25928c3fa699712bacc374c0376a3330f8737ae2d6a7620183280df2c836f45ed1e3ab8bd27cf6a8c04609ae7c5a1dc69920e5ec96c992159c77ed43ec0c8","ssdeep":"","tlshash":"cde0e561364d6d22b1ead1925354238f1e582be7419022b7cf1ee4b6db5f460ab86421","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.784133Z","times_seen":751,"resource_available":false,"data":null}},"time_used":472,"timings":{"blocked":299,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-604fc2c2.a4b4e3a9.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-604fc2c2.a4b4e3a9.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-ed1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3793,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3793), with no line terminators","md5":"0b2102b102f5b23caa1f39cadecb75ac","sha1":"fa151273a14bef5cf2c71247a0e226a2d42a623d","sha256":"88146ad7576caf74130473e68384707ee55465e20bff4eb34c040c8ac03782b3","sha512":"77373ec39719c3404d56fe48b62527a86306dc507eb9366aa1ac0f4cb0af00e6632da7e1b05c602a7836996fc962b46f626d61f83a692f9c845658a72f86eb11","ssdeep":"","tlshash":"9c711127f3891251e4a2c2d0b7e04dddc23ae912331189bbdb836e395f9f317216655a","first_seen":"2025-03-31T13:39:50.47206Z","last_seen":"2026-04-08T20:24:41.853822Z","times_seen":349,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":66,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-7qvfk-lg3go3fv9fr45c","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-7qvfk-lg3go3fv9fr45c HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"ffd27ab482b36cdfed1b7fea6ca62dde\"\r\nserver: nginx\r\ncontent-type: image/jpeg\r\nx-mms-request-id: 3138aa2ef54a491fb360001af5f42201-67caf828\r\nhandle-by: img.susercontent.com\r\nage: 231660\r\nx-spcdn-request-id: 487916a86f18fb77379234c31aa49794\r\ncontent-length: 81914\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:27 GMT\r\neo-log-uuid: 1218432540401186908\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81914,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x800, components 3","md5":"ffd27ab482b36cdfed1b7fea6ca62dde","sha1":"02f2e32499e06eabba4d6f2cb8020f6a8e7034a0","sha256":"5bb1e50b98665e613bc693d3d15b5fbc0c7f0da31da243167b5e0718e9ef969e","sha512":"a5a3749e621ec5a0cca270a2d020130fc4c033ec0a4181e7d63e720a0a00041402109347d1e93d1ad1db6dc71b8d67396bf2a3bf058d0ebb5f5821a03eca4fd5","ssdeep":"1536:b4JBNIXUGGD7UTmyhYsKhI94wIB2GxltdMGZu+3ckG0nv6DfmZ7nt7IVBRqo6wM2:aBNI724MsKh6IB2kltdMGFv6DfmZjtsT","tlshash":"8683be17c8558ac3e91cc7f0ff2348a91f592f1cd5992aeb94220fcbbb9421b4d8945e","first_seen":"2026-03-25T15:52:57.055217Z","last_seen":"2026-04-02T04:52:24.555638Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2725,"timings":{"blocked":610,"dns":0,"connect":245,"send":0,"wait":1583,"receive":27,"ssl":253},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-082f7c94.7a0562b7.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-082f7c94.7a0562b7.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-95cd\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38349,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37923), with no line terminators","md5":"848811af1ef0d2462b2d2b68b6fe2187","sha1":"67c9f1766dc68e90922e71bde19be5a4a5a97c65","sha256":"b31c98ee1d0fe2ae990f17ec861302677e25f443ec1ad18f914b1e3f83285055","sha512":"bb762d3b2ff857fe8dd1ab103c637f008400cabe3112c50047432554b7b63184c8ca4a11d09780faefac81df6e0fe15b2d2e32116eb67ae0ca17d0c665cec853","ssdeep":"384:C/2PAOQqtUnc7GL2YoxbonZXWFznML/ZevZt09uCcDnVfvg4iisTh:CYKqoAx711bHCcrVQ4Yt","tlshash":"d8037405b487e5af8c6aa061402f2635f1b53ed5d026e041f730cec599e9db4372ebad","first_seen":"2025-04-07T11:12:04.233531Z","last_seen":"2026-04-08T20:24:41.786588Z","times_seen":466,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-24a6615b.b0b2fad2.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-24a6615b.b0b2fad2.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-f8c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3980,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3970), with no line terminators","md5":"e2512e3353053f7d69ea0cb807f54525","sha1":"a5080181d1410ef0d69c73c7f024560623fb1922","sha256":"df8d2443a705283c6ec4b8c489a25e6dd63c2bf85116e6edb1cbd9baae02f8a0","sha512":"32a074cdfbaa1da933beea86bcfdf26266642b6c84b1c2d27c58e8ef57aa73675e10136140d5cc0e0a00a4629a06cd09237252f58594120847656493a453d659","ssdeep":"","tlshash":"8e81572c72c3f4b44da7b161046f3215e53a2b869425ac41fa60c5c06ea5d1e136afbe","first_seen":"2025-06-13T14:30:24.445319Z","last_seen":"2026-04-08T20:24:41.85885Z","times_seen":290,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-2d21d0c2.090e3250.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-2d21d0c2.090e3250.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-4eac\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20140,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20140), with no line terminators","md5":"98fc4f7d659f3ff5fe223a0005d30e5f","sha1":"8464c1b8138ce0a4b902c403fbbd61887b215a6f","sha256":"3b4fea3e5f45315e8243cf56781d0df5722e6133942671dc592ff479ba8213e5","sha512":"205b160455a2df2174059f4306d93b67d21c207f50caebf6006df72c501c954aaff7770273e5a68c9190e82251c6f62cdec564eaa28947bcb6143ed41b6029ff","ssdeep":"384:S3v3YBYcL1rAAdTRA7v0zwrmSHHHsglQFx+m1OPNtOVSLMyoLyUhyytGojYPFKp:9zwrmSPG8DOyZUoy2m","tlshash":"4f92e6e9f35542f6525d5cc5286f201ba4b0a4262c1a41acbfb5c0e7e8b8fd1787af70","first_seen":"2023-03-10T03:00:05Z","last_seen":"2026-04-08T20:24:41.837902Z","times_seen":1076,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-62a9efce.17ee9d1f.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-62a9efce.17ee9d1f.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-2043\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8259,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8133), with no line terminators","md5":"ad32ff19be2eddffd24c1b5177e1a5fd","sha1":"d095f2b2a1c5cfd4234b5306b91930a37a6f6db2","sha256":"8967594add188a7f22cc1247c43d0aa55c52cf8bfcc6daeabade9944a0d08dff","sha512":"455eb2ddffc00032763050b818e4e0940d130a4deae0afd471556e2ea1caf7c535e5f2f1c705ca1ba1393a6483ebf176381ff429aecd0bcaef0cf0972e9fbf06","ssdeep":"96:cLxAC1Gxn2V7LMQKEKbzlhWK+Vm4KeXrOrxs6m6vYb03kp4/c/KsE/Ki/KsaNKss:kXHvAdbzlhfezOrx/ZK6","tlshash":"8a02644ab587e2afcc2e9112802e2531d175bfd9e415e441fb34cc9066a8cb4377dfa9","first_seen":"2025-01-10T12:51:25.920497Z","last_seen":"2026-04-08T20:24:41.831089Z","times_seen":467,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-vendors.42f07336.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-vendors.42f07336.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:23 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-10000\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65536,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (29775)","md5":"bdaaed4e9e1d5e0322ea968e6f47ac0c","sha1":"85c58af8151ed5badcdca952295e8c6e7b3e1e15","sha256":"c9634af5f9b16a9f44d78311163effd76467a2441f744859c96fc066a3b58aa8","sha512":"e23c153981e588a4d6b99c8341da319ce7e9bb16036ff952a8a469910640505b6e7ee7bb9e6d06dc59082f537053bb46cc8d800b82de8a730abee7d743bf03d5","ssdeep":"1536:qJuH03+0goh0dbU2Q+39Ya7C5x+eccVdofh3q4A6R:qJuU3bCbU2Q+3MXccgpE6R","tlshash":"0553e788f2d5b070439771a8402f610bf37ae959b44d8498f625e8e1bdb8dce546bf38","first_seen":"2024-04-24T18:56:38Z","last_seen":"2026-04-08T20:24:41.775481Z","times_seen":718,"resource_available":true,"data":null}},"time_used":1415,"timings":{"blocked":519,"dns":1,"connect":176,"send":0,"wait":355,"receive":1,"ssl":355},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vant/2.13.2/vant.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/vant/2.13.2/vant.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Mar 2026 15:52:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 67900\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"652e0e9a-1093c\"\r\nlast-modified: Tue, 17 Oct 2023 04:33:30 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 961341\r\nexpires: Mon, 15 Mar 2027 15:52:22 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ni%2Fyej3lqQQhIvKIkCYMOnwVIXSXpv9XolNjoeXivzQjy%2B3AGolut73OCqe8CFFKqyAxPGMAZ2b05IwmiGRuJxdM0vBHY1bdKr4AIpHus6Zlu2k%3D\"}]}\r\ncf-ray: 9e1f15163efd35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":279653,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (57301)","md5":"644f13180f8d398c886f534b07044cdd","sha1":"2d3349d384b50a385ed0b0d84a256be60a1e2201","sha256":"f5d6379be3cba230a20bfd8bf264805de16223e0aa0277c0fb68c3c0751acff6","sha512":"700886a3c2a288eeadeec4b09884566eecb30f2530259b18a45147f07a02103fb94e144ed643f690de26e8b76119aa639f210c0d687cc957c82318be053ec72a","ssdeep":"3072:XuhzovpPNdJ+fzFgMxnnocXJjyv7mF4Betr1G661LlS+b6aNSnIum/yXN:+hzopC0TmRQBPSWyd","tlshash":"0b54d78ab1c5b425079770b5403f110ab237298cb81a84dcba79e4e66d7ca5ca13ff7d","first_seen":"2024-04-24T18:56:37Z","last_seen":"2026-04-08T20:24:41.822352Z","times_seen":864,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/92b0f46a49266a0ed83f08a452a893c9","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/92b0f46a49266a0ed83f08a452a893c9 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"92b0f46a49266a0ed83f08a452a893c9\"\r\nserver: SGW\r\ncontent-type: image/jpeg\r\nx-mms-request-id: 88dab986c5394cdbaf2c09fac8500c93-68fca9c2\r\ncache-control: max-age=15552000\r\ncontent-length: 132930\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:26 GMT\r\neo-log-uuid: 15012953291379241238\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":132930,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x800, components 3","md5":"92b0f46a49266a0ed83f08a452a893c9","sha1":"e263fbe3e0acd78382bdd2b3413c7a90144dbdcc","sha256":"05e2d44708d07df95273b463d14421a6ec735d4425dc00cb6fe26b049bf69613","sha512":"8c027cf6f62822f49aad06f5e85fcc8fe909f26da72152833445ce3ede5a31f19a51ad5f9b93a37854d38b4129066c9cf4a88fa1201c78d7346d39eeda7696f2","ssdeep":"3072:/0PhbwuyxsumwcOXtVtGPoufkLQEGr0Pp0cfe9j:sPmGumC869zxrfuj","tlshash":"f4d302c35805eba2855453a82c430fcc9f64be1ce3cabeeb51610ac73ea4b791d5d5ac","first_seen":"2026-03-25T15:52:57.062629Z","last_seen":"2026-03-25T15:52:57.062629Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1776,"timings":{"blocked":570,"dns":0,"connect":0,"send":0,"wait":1109,"receive":97,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-084d1f6a.fb88f4bd.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-084d1f6a.fb88f4bd.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-11c4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4548,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4519), with no line terminators","md5":"ec3ae05446f1b917438c1a29ece9c604","sha1":"0b177280325f840517358451d2b3597826aceedf","sha256":"3233e51497870d2d87f17ea03441d0e91e7b5435c3d327a4897e9f19eeccfc75","sha512":"d93cfa017ea512c409999c1a610a41f4ea1f267fe497fc5e6b9fda447d2a5cbf7b297e5f71028e3e53260ff8ff693cff231e124254632c37b480454718deabb3","ssdeep":"96:CTiMK8MKPFG2mhCoxlPKEgeNNlo4nerCUPXFp3zT+5:CZehConKEvN7o4erCmXFxq","tlshash":"f291b54cf5c7f16547a77873801f156af2653ed498055a82ee30e0c17a38c28233baed","first_seen":"2025-04-11T11:01:20.47154Z","last_seen":"2026-04-08T20:24:41.823928Z","times_seen":340,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-2d0c4262.1a4baac5.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-2d0c4262.1a4baac5.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-254f\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9551,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9431), with no line terminators","md5":"df9027d761d1bd09f4e1bb35409f2fb6","sha1":"160c4d8af922fa18d0f61f91ae5ef04988b0db13","sha256":"95403a52d5f9c2e646619e4d047241f29cb333ce23f008efbb1046a1fd21c404","sha512":"77b1a42722546584d7db9ae891e927083676b13a7ad492cea017ebbc3207e851b6604ca4f1d3b9e2b742826694e234dcd30fac3062710ef07c780e55adcff1dc","ssdeep":"96:qRHRYcfNk6il9Gj5vTryBHzDYc7NkLil9PYyWjqG:qRHhNkk5LwzPNkT","tlshash":"c4120e24f48bd2a9ec7e8002516d3531e1257be6d526e043f37c8a8857eaef4271d36d","first_seen":"2025-05-18T06:03:19.688678Z","last_seen":"2026-04-08T20:24:41.854824Z","times_seen":330,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/static/theme3/tabbar/chat.png","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /static/theme3/tabbar/chat.png HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/css/chunk-9c1c641c.2704964a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: image/png\r\nContent-Length: 1345\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-541\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1345,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 68 x 67, 8-bit colormap, non-interlaced","md5":"9a9a3c68d20119ec90a21aabb59aa872","sha1":"8d3d8da5e2cfff13f62d0230a8f50fb6eb850bb8","sha256":"c8fcf8de83cd1d7b76eafd9fc6cc4b69cbe6ade29a885d7a709125d9de8cfe39","sha512":"f664b99ccf9a56023f424176cdb57ffd85e44e11de244191095b55adda525b3c3e831063b6ee2eee0cba54d553048d1e7e3706ac7fdffb1c9c89e7acafb0bbb8","ssdeep":"","tlshash":"212130f8f1a80825c36dc2a5c562bb78229c985cd1ec6b893fd0d6af5d9cc5e1dc43a4","first_seen":"2023-05-03T23:27:44Z","last_seen":"2026-04-08T13:03:04.975058Z","times_seen":406,"resource_available":false,"data":null}},"time_used":474,"timings":{"blocked":299,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/api/banner/6/list","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /api/banner/6/list HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:35:46.020186Z","times_seen":1581,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":95,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/api/banner/bottom_nav/list","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /api/banner/bottom_nav/list HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1340,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"67d058e16183811377df109331944eae","sha1":"3e755ca938b7950612b417d97426b7dcd13a2947","sha256":"4638edb9af2378bd169ae1a0cc22d635fe984bed03bcb01f921672fe35e74bd5","sha512":"12cc462bc310a70af1d8e7bd3b2e25b392b0a8b3489795f67412f49969aee9fff0787ae68e71ab6fb3682a44b58d4108cdd95df575f6855521824056428af56b","ssdeep":"","tlshash":"b8215a1286a8fc795dd0d18215afb886840d322fc1e1e124b5d6eddd86c8aeb370b5cf","first_seen":"2026-01-17T10:26:57.117703Z","last_seen":"2026-04-08T13:03:05.027115Z","times_seen":124,"resource_available":false,"data":null}},"time_used":356,"timings":{"blocked":177,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-7ebcf264.7f55b795.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-7ebcf264.7f55b795.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-e4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":228,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"f50f7b25d10e1011c1213d3dc964e327","sha1":"742a5a63bc41a56add9d12ec38d5970773b0eedf","sha256":"a70bf3ac1aabfc84ecb8d3cbaa65f6cb888b3f8973208634a3dd162570159dff","sha512":"954bd9158708cabe9cd26453c9d001e5f976c0c81516bad128c8d28fed0ef6ef3e61e9695040882c6427bbab49c1e2024b1744ebc594858abb6cd9946464e7fe","ssdeep":"","tlshash":"1bd0a75ebc4c70017a7bd487714042fea41867515ce44696a0a764607d435d2a199116","first_seen":"2025-01-10T12:51:25.878502Z","last_seen":"2026-04-08T20:24:41.852383Z","times_seen":483,"resource_available":false,"data":null}},"time_used":657,"timings":{"blocked":484,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/api//file/banner/202512/18/a65fc0e95c0b46fc88b28004851b9277_.jpeg","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /api//file/banner/202512/18/a65fc0e95c0b46fc88b28004851b9277_.jpeg HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 138876\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Thu, 18 Dec 2025 04:27:25 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":138876,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1280x480, components 3","md5":"15c65e1d4c28bba8665a21e52645585d","sha1":"eea649c37bb727e6e54e3e59d9749c6c41659c82","sha256":"a22207110afd7ef4730113a9e9f57f87806fc995169bd49c1f9797f4822f0d8a","sha512":"31864c4f4d4ac1000cab8528ad9058d20b9c27e0befa4e726a57f5d830498d163960ab86f2694a3ae428add44ad1ef65ee70907273df739a74ea253ea404e513","ssdeep":"3072:sHkmFn2r6jFQcorSCkbMTagvWBcbDHbt7U+uWo24bmhAQ6AuZvSfRQv:sHkG2gBrCkopvWBcbDHZ7U+uWo24bmh2","tlshash":"e8d31236e17a0ce2ec1e0b71db95bea61053cb3005dc004ef9a4eda9b14b4e5ee18e5c","first_seen":"2025-12-18T19:47:47.633299Z","last_seen":"2026-04-08T13:03:05.027814Z","times_seen":201,"resource_available":false,"data":null}},"time_used":1560,"timings":{"blocked":1211,"dns":0,"connect":0,"send":0,"wait":175,"receive":174,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-7721dd77.0e3d8694.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-7721dd77.0e3d8694.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-68\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":104,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"50a232a7a5154e825f186f95acf29aee","sha1":"802fa9205750afec336d36539e1a913906088396","sha256":"ea9c81db3bf4e708fccee76f211080e15889d6a7efb7134d71e6d728fc0ec5b1","sha512":"3f33f5039d50c9086497763f636dbcca0652a04b23a43337400784b9774a56b6f87bc59100b119d45fca2663fdb7ad9240957851aeece61f177420eabed8eed0","ssdeep":"","tlshash":"fab0127d3440b41604bfe4d6115b33f63c5f01042f7218f40b6500743e65acb490568b","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-04-08T20:24:41.806597Z","times_seen":733,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-b81b8d9e.9cbb57d7.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-b81b8d9e.9cbb57d7.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-12d8\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4824,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4774), with no line terminators","md5":"c527d2ee0b84ab00c0bddc8904c3a5b1","sha1":"4c26e31f41e24ba0258fc88cb8348b57e18753e0","sha256":"ab8a9a7286dbb0b3778af36ceb8736f7bb613c0ecb600e9b18f73d1915cd0c24","sha512":"beb9d4b32bc36338444d2a5181321adf0fc388f50534d78eafdd30283f7264145d678b5c8f650165c7c38d56bf9263c55055c8883fbda9aa8b42d768c33d474c","ssdeep":"96:qeeZ+Ac66Rt6qwe6yz4Ud9WCuqk6SL0MaW4Qu65Rw9aMniU4ANN/KZq/K2/KRQNz:qfZ+rbWC+L0MvRRMnEk","tlshash":"28a1564976c3f16e457be221843f261af1693a95d816a841ef30c5c47c28c79b339eeb","first_seen":"2025-04-11T11:01:20.486699Z","last_seen":"2026-04-08T20:24:41.748934Z","times_seen":369,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-1bd77d07.2e307eb7.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-1bd77d07.2e307eb7.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-2f5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":757,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (757), with no line terminators","md5":"e82c61743b39a8b378d7b1d0333b2573","sha1":"958db5e32d1127244cc04ec0fee59f8e0427a422","sha256":"a6203164949b9bda17edc0fdc31a063a9e9976f67cee62ea34f3ef7d682f1d46","sha512":"920a9a06fdaef6e6307d6b6693f189948fce7cb4058a98ac5e0e6372c81042e14b3ecfb3dc8d002fc9171e968bacef357a5e8cda4f1d87529e9ac96952f23c14","ssdeep":"","tlshash":"7a0190e8788c623b3c37cffd341009d01212271251884ba57c68a070cd4f4e627f1b67","first_seen":"2025-05-18T06:03:19.595065Z","last_seen":"2026-04-08T20:24:41.74365Z","times_seen":330,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-23010-vabu7j14oxlv24","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-23010-vabu7j14oxlv24 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"eb5d3062fa0ff6b94d8c1d18712109f5\"\r\nserver: SGW\r\ncontent-type: image/jpeg\r\nx-mms-request-id: d76e2d5b8ab44bc49bb888263b914308-68a3e790\r\ncontent-length: 97410\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:27 GMT\r\neo-log-uuid: 14816608873042610649\r\nx-cache: RefreshHit\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":97410,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x800, components 3","md5":"eb5d3062fa0ff6b94d8c1d18712109f5","sha1":"e2fc2a323d0cd50ca42a0097a07c4f2b66da2877","sha256":"eb4917ebe3e6210e0c0ccbb5d3b6021dced6193b1c361a247a7daf052d5ea154","sha512":"0d604dd6640b546eff173a64a730cca1c4e75f4fcfa8d9ee7249c7270cd9fe7a5e6ccde203313c4ee30a778cd6c9120cf385f782de03b43afe4c6d62a4d08e37","ssdeep":"1536:bPQcTbkR/liX1eY9HABZaSnLt36u7+9Y68b8lZKsLv0ZT1q7TgtN/e:TQcT+iwYWB8SnLt3Zk8gZ1bebve","tlshash":"4c937b43dc0d8f87a425c3f9bf171e6c3706aa9dec4236fe50291eca6f652451c8a06b","first_seen":"2026-03-25T15:52:57.071439Z","last_seen":"2026-03-25T15:52:57.071439Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2253,"timings":{"blocked":553,"dns":0,"connect":0,"send":0,"wait":1682,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/mobile/link/4.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/mobile/link/4.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: image/png\r\nContent-Length: 6495\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-195f\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6495,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced","md5":"f8f831ea05790e70229847bdded8073e","sha1":"10cb798a5a3b8a15f053cf23617f908982dc8651","sha256":"60f0bef1d94953c9a8d6e3ddb33b2ded547e7d5e69a90abddb580bf00ae3d697","sha512":"9ef376f939402c860a63328c057d0e4c818a9eacd6f6c272aa0800c35aa364136d40369c2eb61a76b558646f738fd0b0a507a89e76428442c9c184cf92f11805","ssdeep":"192:PSX6knOHiJNWjegyM6ka35WqlBNVsr79S9p5tYhqctjle:6XJnOHeNuezMsWqUgf7YhqctZe","tlshash":"35d17d07dc4a6d10fb2ae81679e872474ef703d4199768946daa48c6fdf033ecc298c1","first_seen":"2023-05-02T09:51:09Z","last_seen":"2026-04-08T13:03:05.056979Z","times_seen":250,"resource_available":false,"data":null}},"time_used":1206,"timings":{"blocked":1028,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-9fd116e2.be26ba7f.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-9fd116e2.be26ba7f.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-14d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":333,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (333), with no line terminators","md5":"ad2d88123d51a4b6e8e3495e9ebece3d","sha1":"d16ec779eefb27ab84d6b438d233184a3e31d559","sha256":"0835e15c3a5c71c15aec5f475c0d5f02d5044d78cc4739a345343b69543d7a38","sha512":"cc6160d1a07c4324bb4b08f9a6f23197d8d3d5fb944895d05fee0ec18b91efaeee9a432b510bdeee58fda5a913dbead577af67e6224b37cfe449c35f01be8c18","ssdeep":"","tlshash":"01e02c697aec5c313c36e918214a08ab23046b23a3e0aa50ae607022cd4b1a7210a38a","first_seen":"2025-01-10T12:51:25.880805Z","last_seen":"2026-04-08T20:24:41.809354Z","times_seen":483,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-73564486.8eeadb7b.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-73564486.8eeadb7b.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3b07\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15111,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14825), with no line terminators","md5":"c12cd816f5c9d1c7ae61adb666cb1a4b","sha1":"c96e809cd356a8cf4d2732e4314e6bc78fbb129b","sha256":"80e792a7ae7361ea0cf726b584d799fae58d818fb2cd60e5acb1d77f9e2047f8","sha512":"dc9fc91e0a2d4936abcfc305b13ddc13318fcdbfc5fbfc268faed828e409e9b7b909869fde96d7d8000961fbfc6334509ea4dda9e94fd26baa347abdf580ea9c","ssdeep":"192:UZYYky2uE1tJS87BmQtievX/CivbILZ+k4:OrE1tJS8F/3KEHk4","tlshash":"6a626654b487e6afec6e9522411e3a35e1312fe8e022e043bb34cdd45994d7c272db6e","first_seen":"2025-05-18T06:03:19.707424Z","last_seen":"2026-04-08T20:24:41.817Z","times_seen":358,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-9bd26c66.42209a04.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-9bd26c66.42209a04.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-39d97\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":236951,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30304)","md5":"4d3f68051de2d039b972d0f67e7ad350","sha1":"80bd171558df0b1819c35a54678a18e8f5139edb","sha256":"9d0c01748fd6a638557e7aa025946145f416c7630d4f72d831c7b84b12b506eb","sha512":"d2283be980e3b336244e7bb184f51c0171a067022fedcc2912cb9ee889e744396d57a0c814dc993b433e134c46378e194e9b13aa6fb542104eb7b5b906ce4bf3","ssdeep":"3072:AokxAxSqddJqG+J6LXtqQ4kCjIMcI7iYvoB6VsMQzBUXtqCxPWQ:axg9nLXuQssEf","tlshash":"ec3497b477a72cde0b7ef09b001b2d438d981b57107ec1a8f25aada22d74706deb1674","first_seen":"2025-05-18T06:03:19.607337Z","last_seen":"2026-04-08T20:24:41.858304Z","times_seen":326,"resource_available":false,"data":null}},"time_used":354,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":176,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-fbee9466.71618bf9.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:29.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-fbee9466.71618bf9.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:29 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-54ee\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21742,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (21600), with no line terminators","md5":"83b9c68c01c2a63e26911e8625844b16","sha1":"318cfc0098c1cd278772f658e07b2cf6a7ec73cf","sha256":"9b4f5bc2096377f6086a9e07281ab6f92ee41b32e699a2da01d8bc2f8c548713","sha512":"68c0e686d806d2d71089cefcd16ce9364104db70393c9da4ad0213af452fe739270ff7c2c4754ba199fe50e3b70ea45aa13e1e65f5af0a19a2b144268fb57457","ssdeep":"384:6cRo+QngYWuRIIuMe3kA8MLjjBLLFZBWglxiTmMebqiSMMDM1j0LIFv:/31vZkK","tlshash":"27a2d8cce98aec270fd3b2be342b20d5a21b906e7805145ff3b0d9dd255fa516821776","first_seen":"2025-04-11T11:01:20.507349Z","last_seen":"2026-04-08T20:24:41.784842Z","times_seen":339,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-25T15:52:21.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:22 GMT\r\nContent-Type: text/html\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3491\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vue.js:2.6.10","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"SockJS:1.3.0","description":"SockJS is a browser JavaScript library that provides a WebSocket-like object.","website":"https://sockjs.org","common_platform_enumeration":"","icon":"SockJS.png","categories":["Web frameworks","JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:1.11.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13457,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (8611)","md5":"4347341d9e269d50734f44cb71eb3cc0","sha1":"146e04a38cda3954b74631656344ec1f483799f3","sha256":"149081b8ea51a11d789eb9d20abd208acc70e8d2db7edde4885581bcf5b45065","sha512":"39b41d266b2b8b6fac0d3c5113e8ec549c44400b2b578af69458c686cbb17512cc1408e53b91246871c21309d1f6dbf9022a219d1c771b4f1b9d85c549aa625e","ssdeep":"192:vsNZeKIC+LFGSFGmQnqQnIBmADd/oC+hnYyQgiAQntyztM4/Z0tf+ahaOa0acain:vOZU2m+lIyQntyztM4/Z0t9","tlshash":"7c523b79d60161afa9d1dd9b9e29f72ac4eb8c7b2070e440b66d8c4f8f74fd40626483","first_seen":"2026-01-20T14:17:30.595031Z","last_seen":"2026-04-08T20:24:41.742908Z","times_seen":128,"resource_available":true,"data":null}},"time_used":1613,"timings":{"blocked":719,"dns":189,"connect":174,"send":0,"wait":175,"receive":0,"ssl":353},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/vue/2.6.10/vue.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Mar 2026 15:52:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 30769\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402c-16deb\"\r\nlast-modified: Mon, 04 May 2020 16:17:48 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 380550\r\nexpires: Mon, 15 Mar 2027 15:52:22 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vNr3fo0I1TjvVk548bUmKf9m7yT33pYLSAJOrTdK5LK2YrUKhjdV8V8hfFHaAljGfzhEXUaUM5bd8Wv5yTdxVZIz8WVTvHHy5BT0wWAsexQk674%3D\"}]}\r\ncf-ray: 9e1f1516682d35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":93675,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65449)","md5":"17e942ea0854bd9dce2070bae6826937","sha1":"434cdec1669f2c6c7406297a72120936bc56ed52","sha256":"72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26","sha512":"3f0439fa3817c71a6b34673cd32707137b29823e93b8389e1deff24e46c427e5396a897b753ba98bfe156f01c7ce54155bbed56f418b388b22622807802e6f72","ssdeep":"1536:1UXY7qLtpHt2Pqe1mZ8I6H82RaLiMBlo2VV2B/S/g:MYeJpN2yefjMBlPV00/g","tlshash":"529308dc7299b07157eb31f1107f140bf2365a19ac0ec194b222e4e67cb984d92abe7d","first_seen":"2023-03-07T01:18:07Z","last_seen":"2026-04-08T20:24:41.835686Z","times_seen":3685,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":1,"connect":5,"send":0,"wait":10,"receive":1,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-75292e3e.af83f581.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-75292e3e.af83f581.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1ac5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6853,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6711), with no line terminators","md5":"068d827e81f3643021999d1540fdd5ed","sha1":"222d029f95be902ecc892bbf6394509c8ff96d2c","sha256":"6c7c7cb24a4292a85aba6155e032cb866bf2801f93bc245ee8cbe94eb07bef35","sha512":"89c0d60557993dd29cbe26a19849511f44e1a6b73a7413d80da85391468b55554054ad6942052c32f006599c71fb1214061f1abaf65085629a460851eda207d0","ssdeep":"192:Ok4xlS+7/T/d/f/0/TFNk4DsMk6RFdl7w/r872IPQ:Ok4Xac8fG8ix","tlshash":"ace1db2cf587f49648e79061802f3225a3352e85d426e051ff35cde4165992ea32efbd","first_seen":"2024-11-21T12:34:27.44109Z","last_seen":"2026-04-08T20:24:41.819376Z","times_seen":500,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-925a3b70.79602c45.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-925a3b70.79602c45.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-13a5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5029,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5029), with no line terminators","md5":"ae10f24df8163b26c0a8acec88ebfc61","sha1":"c0c320097f42858a0bea9dcf3856a9c368e93d9f","sha256":"16683f30f4b68a618f21dc64abd32a57b9cede65c70e5200e4091ed79815f796","sha512":"81647890e433c6bd8cb635528b745028179a737bd29dc4e8c43be9086e463b56bbc03077c76e099ba8f680f5d5a3339a11ec3aee77ab9ff32c0a8a10efbfb2a6","ssdeep":"96:ribAxCrPwsEiRiRJK+H19mHRMR4RMpBGhBfL3U2xK7q5bCS4M1nMb:riEs9QzYMmMihBj5xl5bCSFc","tlshash":"9aa1bac8a5e5acda076392a1503f31d5b212d11964337486fbb1cfef7d2d6d60902b2b","first_seen":"2024-05-11T19:59:42Z","last_seen":"2026-04-08T20:24:41.855371Z","times_seen":655,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-dd580cf8.daf4e217.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-dd580cf8.daf4e217.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:29 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-175a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5978,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5874), with no line terminators","md5":"427c56710f73925610ee051dc5dac663","sha1":"f5a8ee7e08d60ba732d993920d9f513eea3cadb4","sha256":"06dbeafa1a3d4781512e7e9694f58e994449b19a6f232ffe412d7b7ced396b61","sha512":"94464dd7ec342cf6b067bd078d9ee1c7d1ea8d902956e99fadf0d29ed2b1d4e09297b949644eb63794488016d4fba9c6997af6c0e0f570236c4476af114020b7","ssdeep":"96:/sEOY7KsUtzogo0o+oud1CUzy0pJirRfKBT2QEVsPiJ7tImP5MyL:/L+zJxzDjnpJirM2TVsqVxL","tlshash":"a5c18748f1f7e66a847b6061802f1615f1327ee99821d002bb38dae07b50c7d77bea5d","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.779179Z","times_seen":721,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/lib/flexible.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /lib/flexible.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:23 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-408\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1032,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"7524a2ba32138a0363ad48a78f4c7b9a","sha1":"aab46e82603b9de5b1880c0aaddc0d0f29dbf7a6","sha256":"d68ca73f7b227d0da6b310867a0a588530657bc433fce241b3b2aea1502c10c6","sha512":"77518eea3846fafd71ba1a086f06975e9ab22c2d1e55265795f62604d2411eec3a9a9ce50e6f5ce369fad4ad22e4346fb4547beae00e043fd7f48b5b21e9c252","ssdeep":"","tlshash":"081175315350b490a4f78e33320d955865304352cc378a60f320f198d5e203b27a2b8d","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.835109Z","times_seen":747,"resource_available":false,"data":null}},"time_used":1289,"timings":{"blocked":546,"dns":3,"connect":179,"send":0,"wait":184,"receive":0,"ssl":373},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-24a6615b.a23aac98.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-24a6615b.a23aac98.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-208\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (520), with no line terminators","md5":"3b034eece220695de5d1cf1e5340f893","sha1":"ee3ff58be43b222b03fb5ac816269313f532379f","sha256":"50c4e3c1205c156fe2250a09dc1bdf74c5ef5e1f31d28db7290ecce59c291a64","sha512":"1a3789a58f28f386c88168e8fa1a283606528f71ed231c0f01622a925c044f3f108ee29dd4f2638d6d9b061a53305554c2c8323dc629977587af8c620ea71d16","ssdeep":"","tlshash":"dff050328025211cc0b7d43057e8358e5278f11be633518448a1f33197c764618b56dc","first_seen":"2025-06-13T14:30:24.524112Z","last_seen":"2026-04-08T20:24:41.777666Z","times_seen":319,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-1208543e.f44f12c5.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-1208543e.f44f12c5.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-d08\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3336,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3324), with no line terminators","md5":"be975a74c0a808d6e18bc308100f1a0d","sha1":"b59e8ea3b99405f507e081fdfc2ad6996be8fb15","sha256":"ba5fad0d7a49a3add3dba0c5b1d31279d314011a0938844ff1d3a5f3e143dd33","sha512":"420e469118370bf0ca743e7f89fd2ac52a0f58e7a6acc2060d6bf3446d7c0eb414471ececdbd0d9b03a52589ad7786484303f90d5c5b16bfff9ebd1035633bfb","ssdeep":"","tlshash":"8f61844c7093f4a703e69166783f3715e2b67a95d411e1146ba0c7c0f87496a232bfab","first_seen":"2023-11-18T03:55:04Z","last_seen":"2026-04-08T20:24:41.829282Z","times_seen":679,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-2d0c0c19.0f09385b.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-2d0c0c19.0f09385b.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-131c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4892,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4892), with no line terminators","md5":"125ff31db350cf9597538aa922abc1ab","sha1":"6a5ee9c564ee56ce697f4469e6fcd2e8648b967e","sha256":"b184355349c8e7751662b720d1dcb2cf653711a979e77f39ab0cf929c60b9824","sha512":"005fa3aff982e898d6a268b9f9a7c18f32c357a9a176ad994eded793e4d6d9bbbfefdbb4b34eb863e311271ffe7f96838b90f1fe3be6ef9f36ededcf875a67f9","ssdeep":"96:R23jRDcjo2jwseP922MiR0uK+H19SHCMcr4CMhYFqLNB04uoCDpxK7q5bCSXc1Jk:R23JlHsGhFyY1McFMhyE04xgxH5bCSt","tlshash":"faa1a9c4a6e5acc907935292603e31c1a312d21568237496bb75cbef7b6eb811d06b27","first_seen":"2024-04-24T18:56:40Z","last_seen":"2026-04-08T20:24:41.81061Z","times_seen":661,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-3ba48570.5b9bf82d.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-3ba48570.5b9bf82d.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-f3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":243,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"b8901b3823757d5f837487ced574adda","sha1":"e78d0c3abadc1108b637c4f3fa151ababbf9a70f","sha256":"0501c9258dba83079a93439098564ba2d4f40ea059bf3409387e9c43f8114478","sha512":"07bf86aa00e47d817520b1c2d17e0946a5aedc6afa75a807bfa927bbf2735fea7953ac1c4450b87e9e5d7e880c0e993e54bae1f2b37d3164d3fca1f87a179e1d","ssdeep":"","tlshash":"4bd0975334c08b8332318ac6b102b23e8cedf83fc3d81e1a0980d2f6581318f143a25d","first_seen":"2023-10-18T00:16:16Z","last_seen":"2026-04-08T20:24:41.783416Z","times_seen":707,"resource_available":false,"data":null}},"time_used":305,"timings":{"blocked":131,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-6497b0e7.9051d76b.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-6497b0e7.9051d76b.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-f8e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3982,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3982), with no line terminators","md5":"d6e4c0779b605fb4cb780a4497ac49c6","sha1":"2d7cbb4d0cce2fa849083622a974d6ea4929e6a9","sha256":"64da468e8530be7c3730eb426ce82e544e95d0681afef2da7365e9fa934fd089","sha512":"cf78b66ca39a972b79c1456059b401ea2bc395ea3f40c9a8f8dba70bea1b1008f9cb34baf1e27af59954d59e1447fe9164a50db09731fa88c4b14234f39c0827","ssdeep":"","tlshash":"f481e2263856660cf56be630fae09acc47a8f207f14313da44156a26dfdf5c321baad4","first_seen":"2025-03-31T13:39:50.392678Z","last_seen":"2026-04-08T20:24:41.820322Z","times_seen":349,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/static/theme3/tabbar/grab.png","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /static/theme3/tabbar/grab.png HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/css/chunk-9c1c641c.2704964a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: image/png\r\nContent-Length: 1197\r\nLast-Modified: Mon, 19 Jan 2026 17:07:34 GMT\r\nConnection: keep-alive\r\nETag: \"696e64d6-4ad\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1197,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"246e24ac329fef35a8fdbde1df7ee698","sha1":"ca6f3a8bc0950f9e97595b7630023f5aa3628125","sha256":"2e091bdafbd770da842eed04a365d8c70ef44deef1abb5ec7ec759c811bfd297","sha512":"faddd28e0a9a6165f917e405d1b85dfe9f2f7ee48c78d60624e67d3c3d5d7099085aff7a69e64ce2a5db29850ae452d06f9fa8fe1329f1d53c2ad50bed77efd3","ssdeep":"","tlshash":"5c210aa25a0d4f23957209b49cf56a50b4b8c9946fd99ec00c873327df8b924297c493","first_seen":"2025-03-03T23:57:52.331763Z","last_seen":"2026-04-08T13:03:05.089595Z","times_seen":250,"resource_available":false,"data":null}},"time_used":475,"timings":{"blocked":299,"dns":0,"connect":0,"send":0,"wait":175,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-22120-wzzbcp24mdlv3c","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-22120-wzzbcp24mdlv3c HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"ed05b0c2504017656e42876b266222df\"\r\nserver: nginx\r\ncontent-type: image/jpeg\r\nx-mms-request-id: 9f85459c88284f80849b2f0e75d68783-67fdee8e\r\nhandle-by: img.susercontent.com\r\nage: 0\r\nx-spcdn-request-id: 1f6b3330f23b7d4295753f14b5cb970c\r\ncontent-length: 98621\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:26 GMT\r\neo-log-uuid: 18140166759807667319\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":98621,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 999x999, components 3","md5":"ed05b0c2504017656e42876b266222df","sha1":"836d789d5cfcaf714e14a60167fa57aef315b8df","sha256":"855cc0ca42e1ea9999c70058ae0ec1b525005a0bbb7e43d9a79315ced32649c0","sha512":"a5232564149ff450ec8e3eb6911c7abba3c91993ec510ddd62fb4dc9e8c4a24015aa7725b6a133c2db770aeea357db88f8df2a859889843a2e1b7ec35f2c11e3","ssdeep":"1536:/AdUzvTN9HkVuEWkXribqgbm6VsPJTe7jykBv1AnusdqUQx:ode5mIEPXrebmVJTevyG1BUO","tlshash":"eba31717491a8e93f928d3a9ff134e5c2f4a664cf88776fb01660ec67b116661c8d03e","first_seen":"2026-01-12T14:31:38.850403Z","last_seen":"2026-03-25T15:52:57.088961Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1627,"timings":{"blocked":581,"dns":0,"connect":0,"send":0,"wait":889,"receive":157,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/mobile/link/6.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/mobile/link/6.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: image/png\r\nContent-Length: 14547\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-38d3\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14547,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced","md5":"567f222c91a0adf2736760e9bd1ebf4e","sha1":"8f8df5a135c97c0b14c0fb5573ca00e822a19e9b","sha256":"cee5b962a078c675d90e9a0f9cefda41478d9a93e80ee69a0131e8931a531aef","sha512":"1155748926bd0d7379a8140f969caf8d6bcb508657c9a3a819501a008c8a114e745ff2f597d400147bf43147c0949f8016868d074781003c54ca66c3826f2d72","ssdeep":"384:6gJn5nsqCGCJs8P63+vOt1PAmO+INCl7SuIo:FJ6aif636FUIND4","tlshash":"c362c1ac36462c11a704fb24ce8414e3a7b314f0d2436ba39dc8dae61d715fa5c956dd","first_seen":"2023-05-02T09:51:09Z","last_seen":"2026-04-08T13:03:05.047715Z","times_seen":270,"resource_available":false,"data":null}},"time_used":1303,"timings":{"blocked":1129,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/tabbar/assets.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/tabbar/assets.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: image/png\r\nContent-Length: 17565\r\nLast-Modified: Mon, 19 Jan 2026 17:07:34 GMT\r\nConnection: keep-alive\r\nETag: \"696e64d6-449d\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17565,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"f58533d3d8032a2ebee5b01e4f91ce56","sha1":"373a51128c8f99ac2371ef4b792b2994128091ea","sha256":"aabe3cb48a68fec28f801583b8f7a0e9ee2e893e07e7c792a979bad9ec9fe980","sha512":"7dc05b5ea1a70492d7c3c952b8321f02a103db4c2e69c8b58c546c65066ea8846cb92c183d6f4e9f6940224ab8d12808797460a6392dd7d188e584dd3c447569","ssdeep":"384:F0wD4mqGePGw/4elj5VB4Od1jXkl41jhBjBQYce1n3jZV:FXPw/r94O/4412ReB3jb","tlshash":"7f72e1c278618dea2e860738583fd202e31fe1ecd452ba56846bc20751ecf9d9df54a8","first_seen":"2025-03-03T23:57:52.23244Z","last_seen":"2026-04-08T13:03:05.119317Z","times_seen":250,"resource_available":false,"data":null}},"time_used":987,"timings":{"blocked":101,"dns":0,"connect":177,"send":0,"wait":351,"receive":1,"ssl":357},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-6698de45.0ce58e89.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-6698de45.0ce58e89.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-4347\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17223,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17043), with no line terminators","md5":"5f3fe7b4391a1b7304abcd9c3c6f55cd","sha1":"f2de771ca78295b85e6cc623d79f4fe6af541b07","sha256":"38c6a2d4960cfb06cf15e5e3efab2a5ab8bfddc1b4bb68489722bb1109c01239","sha512":"deec0997cd72961560169f45c630f18c177590e86756f2d6e79cee1e80ef975c2e42fc963a285941cac996ae2d051ba9fdff2f749995741375c40877e5f2e069","ssdeep":"192:i3xkwOxCMgpCU91RhPj6YhOWvDZ+J2B6bJi4QyvdUcc6ca4f2:i8CMgp7b6F526bJi2K2","tlshash":"73727614b5c7e6ab9cae9021442e3525e1323ed9a026e186ff34cec46928c75371ef7d","first_seen":"2024-09-10T16:42:51Z","last_seen":"2026-04-08T20:24:41.833971Z","times_seen":543,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-6849d582.ee1a6b87.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-6849d582.ee1a6b87.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3ebd\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16061,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (15867), with no line terminators","md5":"56ba1b4f9ae9ca696b7f8e67c9793461","sha1":"a5d4cb1c1c3f27e1e3a8e0f3f3160c4ac3340269","sha256":"a4316613d0c30fc60149225cfb230e8f14d1ac304ec8670cc97f82c80dbf97cf","sha512":"5355cc817014aee882fd68c58e88a1b16e994a5c1d71edd614b9514b8881650a7d9e6155fc00ed1eb6213042df0382950d8b5c2e91c085d2760f8ba276e484a8","ssdeep":"192:AjkqzUxdLKal7FwZ2QKaQG6CFqbzBsDy+L216XQUQIUsdIC:A0dIUC0zis6XQ2pIC","tlshash":"52728618b5c7e6ab9cae9022442f3535e1317ed9a026e146ff30ced46968c74271df39","first_seen":"2025-04-11T11:01:20.382802Z","last_seen":"2026-04-08T20:24:41.795168Z","times_seen":339,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-479f5bfc.2dca234c.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-479f5bfc.2dca234c.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-8b9\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2233,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2233), with no line terminators","md5":"ac99ddf2ce101c2c7a635e984f458ca2","sha1":"8c8b48207bec3bdfc96e782a13fef81bf270022d","sha256":"ef2504ed4aa5d021524832a4351b4d5cd9bdfacb6d5532e985177f890ce4107c","sha512":"ebf3f7233cf178b3d323c088c9502affbe32fa97e191f301dab7b83cb76c21229d2b351f92442321440d73d87f6e0e7001018bfd8c1352dc66a665771dfee449","ssdeep":"","tlshash":"f1417493b8851145f4279e3093ce4e685239c777992206df334634da8bc3aeb37a671b","first_seen":"2024-11-21T12:34:27.304932Z","last_seen":"2026-04-08T20:24:41.819869Z","times_seen":485,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":127,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-6698de45.417e0788.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-6698de45.417e0788.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-271\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":625,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (625), with no line terminators","md5":"64a929a7d54bbd849dd6eabdbda4d9c8","sha1":"14052f0e049a7fb4123bb08f26f7cd9fafc12495","sha256":"1728e8eac8bcb6f1d4dccde1cabe92163f790ac8cc0029dda71c9186392dc32d","sha512":"02413b50ff0d0fa0cdd6a6a7de0919fa13b1c4ac560a6996d73aa5c5eb899f0ac3b12240070e4e89c8d84d890017d71c6d55ffd9ec504f223d91205d4e0b3b59","ssdeep":"","tlshash":"eef07d67f0840f08d836d2412bc41ee6906a7522721187f8cec35d14af8f297349a5c6","first_seen":"2024-09-10T16:42:50Z","last_seen":"2026-04-08T20:24:41.851918Z","times_seen":562,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-74d1c393.2928084f.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.851Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-74d1c393.2928084f.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-512\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1298,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1298), with no line terminators","md5":"1fe245f2830b10534ae77924560ec401","sha1":"1feacb8014a296352318b1697944b097d55ba92b","sha256":"a7bf0d2d8a328645eb9822334530a707baf64fac7625855b717fedbfb321525c","sha512":"05dbf5c934a71f4e9a909e8eebec316766529767ec7169ad5c868d6e40e8b3274a01e0de21e59f3efc696ef912870726f9952129a3cbb4dfbe5cba1a460bcf1c","ssdeep":"","tlshash":"ad21f6a1bcba1f671bf9c64d8045bff5461ab145ca285b39e05433ec06128ea13e2312","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.82686Z","times_seen":750,"resource_available":false,"data":null}},"time_used":544,"timings":{"blocked":368,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-22110-n9pvwloansjv23","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-22110-n9pvwloansjv23 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"11bbfc7c11a8e190940978246100f1e1\"\r\nserver: SGW\r\ncontent-type: image/jpeg\r\nx-mms-request-id: 3a38ab5b12a64db8807ad13a8065485d-695f31b8\r\ncache-control: max-age=15552000\r\ncontent-length: 128194\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:27 GMT\r\neo-log-uuid: 17757419282714650510\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":128194,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 750x750, components 3","md5":"11bbfc7c11a8e190940978246100f1e1","sha1":"c5b732dfab869bfb44a4e97399c095cefa4f548c","sha256":"d589dcea8334efc8811196b0f42b7cbdb3e7e4a2591d1deb75214284f9badf1e","sha512":"67c4df74ae82d111c2be77815b1e9fd9f60b78658ab2750b5578a5523f3db3fc6a5397ed55117f5ae3e865c6321ed656756fa060ac4e0c9dd8dd78da481d30b5","ssdeep":"3072:PQ2IvasFy+wOzfw2VVvWOnt7s+yOG3oWmc14owHAnNXxg:Kyslbw2VHH+oc140n5xg","tlshash":"39c3129bf507f29386ddebb2389e0d7e6c13dd5269a33b6f140115d229c2006edd6872","first_seen":"2026-01-10T06:07:31.973001Z","last_seen":"2026-03-25T15:52:57.097423Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2274,"timings":{"blocked":550,"dns":0,"connect":0,"send":0,"wait":1699,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-2d0e923e.2964a879.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-2d0e923e.2964a879.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-13f2\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5106,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5106), with no line terminators","md5":"584af06a2616deb23eaff27c770b2713","sha1":"31211da93d53b1b6f3fb06cfa0deb1a69770d4cf","sha256":"b57124fa023feb12a78b04ff14e182e2d061778e7256906f4dff5c65b6d461c4","sha512":"ba7e2286b70d98cc3cefbc844e28748209baaada80458f6f1d8743a774b2b8ecaf1c2325d8af19ff3832a54f2b0651fcda57c7e18626ad32cea92b7b8ce3dcd6","ssdeep":"96:TKLcRkKk2c72mRgrYR7r7RWYFqQc72mCgrYC7r4CWYFqnfET1Z1zeuNoHWGScG/k:TQVL2i3gE7hWyZiwg17FWyK81Leko/ok","tlshash":"17b1638588a6fecf0126a1a5602f35d47002e14a283250a677bcdfae336fca21f1531b","first_seen":"2024-06-12T10:15:54Z","last_seen":"2026-04-08T20:24:41.792457Z","times_seen":649,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-9fd116e2.eb8f591f.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-9fd116e2.eb8f591f.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1c66\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7270,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7258), with no line terminators","md5":"6292f7d901ec6aa7e1792e247f1f7813","sha1":"af6b1d49c095e8e24b9cf461eedbbe970d0c7da0","sha256":"205421f27996f9c325621bbd21e5c1dfed12b03a3c987b17ee7dac58edc95b40","sha512":"406bfbc3b5d7078949dac9ab9c4b673872a938ffbb2b0ec9eb5eaec7e1c5f4d27502b79c7b0e460f0cd3bb73694eb1353b345a4bb12b2b8a7753544bc70a5f46","ssdeep":"192:r3zwKcPhlGNQnrvGEeGVy/tugdtHw1gt/+tA99C:r3JcZG4ow1gts","tlshash":"48e1d7c8a49efe5a1c529152203f32e5e109686a7639e8daf730cfce4ddd5410b2873e","first_seen":"2025-01-10T12:51:25.930485Z","last_seen":"2026-04-08T20:24:41.824406Z","times_seen":468,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-ebba634e.7ad6a660.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-ebba634e.7ad6a660.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:29 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-717\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1815,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1815), with no line terminators","md5":"5740f904c8262dc6212f3829d30d1baf","sha1":"ce66dfd5774e04ce19c15b61fd8a062b7be2e27a","sha256":"b5ab173e2a2b74cb72eed68c93b32ac85d30481083f88822e28b7322cea06124","sha512":"d3bcd5ee93e8a56428411a059377aa749f05f4ea121ca49331e4a48b2bc2fba6f7829f219634d4e0364b4d08869348f00e8401bad01fea776fd19a28317226b7","ssdeep":"","tlshash":"9431628bb581d7eccd7aa009112b1662f0355bac243050d056bdcf906534ee96b2fdef","first_seen":"2024-03-05T16:56:18Z","last_seen":"2026-04-08T20:24:41.74655Z","times_seen":660,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/app.53577dab.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/app.53577dab.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:23 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-13061b\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1246747,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (55222), with no line terminators","md5":"d465e7a29c6baab369d1e9008c78433e","sha1":"bb2f781b2d12f276c93b020451a21329b863dc6a","sha256":"f88a0026ffb5bf0f2d12678d297efcd1f9dd4f0f9df474b1d341b4b134f5a48b","sha512":"05c9029168cb252528626f9c6fd19fa8ed68a17f88aa6407074e03d80110fab5b26f435d589a353cf112698ced29f070a538af0f01a8dca0574b2a33be79f279","ssdeep":"12288:y8T/2f5k6qFtDu2XKkd6lX8I82S11yo52ZQixQn1+aPpAQ9ogO/xX+jaNDTBHizM:y4Kt0MRyuAsI8","tlshash":"4e554d4e72d9e3f40996f4b2200a39387d35def6d68d91ca0b3993d835deaf00127966","first_seen":"2026-03-25T15:52:57.104677Z","last_seen":"2026-03-25T15:52:57.104677Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1937,"timings":{"blocked":514,"dns":1,"connect":177,"send":0,"wait":351,"receive":537,"ssl":353},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-router/3.0.7/vue-router.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/vue-router/3.0.7/vue-router.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Mar 2026 15:52:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 7869\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402b-60f6\"\r\nlast-modified: Mon, 04 May 2020 16:17:47 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 357348\r\nexpires: Mon, 15 Mar 2027 15:52:22 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EwKI%2FE5nYT8UnU%2FhihulMzTSoaPw1LjXazyNHqfiBDsXClHWynx%2FW%2FACY7KySwl6UvxC9PKiS8mS1bM%2B8GGFR0x%2BXUMqPtLfQZjwG1sANw7PjEQ%3D\"}]}\r\ncf-ray: 9e1f15163f2d35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24822,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (24752)","md5":"32e2eb91e6ed0512057b2ad1e6d1b242","sha1":"27809df1b99a4b81b6b82ba2985cdd4b1c8bebb6","sha256":"e8707a396dd2f8d74eaaeb2f784074a24d7a71cbe15dcc70297f726b31c160d5","sha512":"0ab7b445b586dd27a0aeb72396350982783129c9ba028ba1db847c9d2acc0de9c90c3c9636e76a21553fedf81031220f3676ea64bf7336644c04da33d744563d","ssdeep":"384:UUcnX3xpR5tumD+EaKGZRpqB1UdEPQFWmexTMCJ:7E3jXtuW+qGZK1UCP5mqMk","tlshash":"01b2c7ddb581b03547e326a0412f250bf27b358db44e8498f269e4d52cba85ec42bf79","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-04-08T20:24:41.812274Z","times_seen":1042,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-08d95777.f5012141.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-08d95777.f5012141.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-608\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1544,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1544), with no line terminators","md5":"3eb6ba970730292a23d44a5c7e0cbae4","sha1":"d96cda9dbebfa42b9429e1ca3d952161ccb24a75","sha256":"bde2e3fb26caaef078a6885fa66517d7dbda64ca44337fd2c98a209fd4495756","sha512":"e3217ed84fa5185169cf12a242021dee4b8308bb542cf26a814174c9ea941626f4378aa0c446229a6f533af89f0cc8201ceb9c1de7f5499c09e8b1c95ba67a29","ssdeep":"","tlshash":"6631e3335125a2087127dc952230a2e3d1ade216f43b1357580f353fcfc799205f328a","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.768226Z","times_seen":754,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/api/banner/1/list","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /api/banner/1/list HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1053,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"14a12bbe0d810a07fce208e82c8ec26b","sha1":"ff50ebe5ecd49376c08254388b9cd22ddbd2f149","sha256":"c51affbc1bf1d1db5b317e3715d29070c1aa70eb101cd9771e252c32505d6392","sha512":"6e2fee0de1f375774e85fdf2f59fc773138100b5f09458a352b8092f8fa952a4b360c4370ccdf7d39531c0c445f36f968c4f066836e2d5a8a4fea6f05c9bd77e","ssdeep":"","tlshash":"5c118c19db2ef8f8b98b804361bee1d6a01c336fd4c0675532c2c94c89d94756f1aa2f","first_seen":"2025-12-18T19:47:47.678996Z","last_seen":"2026-04-08T13:03:04.964768Z","times_seen":201,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":76,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-07f01604.5fc836d1.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-07f01604.5fc836d1.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-fae\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4014,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4014), with no line terminators","md5":"2195639468928533275ba7f071087cc3","sha1":"0e525068ca00f15f91772aaf6759025082fa02c7","sha256":"920bef6bb84844bd331f8f43f7c0e46aef7d6492426090103683ee1f28daba2c","sha512":"6fe190c8d5984970691bae634ca578e38c246b24fca02aa50088b32fb27fe712e2904fd8ac2bbeaeb3839354bd57da2c220de8002d8c0b263e71a1793c928a5b","ssdeep":"","tlshash":"0481a62ab1db34a6106fa080243f3202b33425455956d0c6fbb0c7d49b656ec7d7bbbe","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.79198Z","times_seen":730,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-06ae24a4.fd43ee93.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-06ae24a4.fd43ee93.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-bb0e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47886,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (46623)","md5":"177ff7e3310c02d7e6a139a3237e0d38","sha1":"375c1fac3912c4b63c01d7bc241aa43ed0055460","sha256":"db079d71523907889a19e611a38e528a3405d89d22506634a177248f03f93226","sha512":"004642aa9fe53920ff46cbaf93784da99051143c22aa04e4e24ce332e2556b057d331a481f31ff427dc0b5ef0cac013c55e41764af8496f59366278918044741","ssdeep":"768:KEkZgRUp2R7p2ROwo1OAPkuD336ya5hrCen0eTg:KEkZYwo1OAPkuD336ya5hrCen0eTg","tlshash":"9223b89a48a1224591234e56cbcc9fa8473cc76364b25cef33967c4bc745bad23ce617","first_seen":"2024-07-02T22:35:06Z","last_seen":"2026-04-08T20:24:41.812755Z","times_seen":679,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/api/poster/homeList","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.760Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"POST /api/poster/homeList HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nOrigin: https://glowremotely.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://glowremotely.com\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Credentials: true\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:35:46.020186Z","times_seen":1581,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":87,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-932adb64.d362d6ae.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-932adb64.d362d6ae.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-a41\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2625,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2625), with no line terminators","md5":"6baf6301c2e215f8e8ecec373a734e7c","sha1":"8eee0eca4c9b0fc3a69866a730afd72b88a5635f","sha256":"0576a55858af13ef94bb893a1d0a1e30e77872294ffb95be0d0ac7d4a4c208df","sha512":"24206346f932e96bddedd75cfd79d50ba46121b6fe381548585f58bb6134c8ada39806e28a09d71303f5265cdb3cace4b9a0e76d1fe9cba19d37ebe22cb4f103","ssdeep":"","tlshash":"a151113364585209f13bddd11a0429e66970ba17f0029ffe8d5d3c30efc759626a2389","first_seen":"2025-01-10T12:51:25.879985Z","last_seen":"2026-04-08T20:24:41.785528Z","times_seen":483,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":73,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-06ae24a4.686330fb.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-06ae24a4.686330fb.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-81\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":129,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"676e3a2df47d8e40c29c2d1a67127eec","sha1":"e54e8144ef939162c151a843933a98ff020a2641","sha256":"6499fae751b066d09b0d93a067502c15d6fecd5b460c7f5a981dc1fb3b286fb4","sha512":"4314d28a687dba60202a2a5974ea1b39b02a45a2fea359503396553b4bf9c1eebcc4168357fe2e43875ddd2e61c2af72b926ee6a61bc978fae9474a77de421bb","ssdeep":"","tlshash":"c0b02bbe2804790808bfa0e4300b33d8048301003f711ce507b020902b74e8e4303a4b","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-04-08T20:24:41.744764Z","times_seen":757,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-479f5bfc.f5b56ee1.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-479f5bfc.f5b56ee1.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1102\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4354,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4325), with no line terminators","md5":"59bf213112e2ef3441b335100f9ab202","sha1":"ca9f95b09ed50f4b322a9f10a34676167c72d989","sha256":"29246ca645696659bc40e853672ef76e2b9915fa9ab97c75d501c394d1008761","sha512":"24097a1749b964ec34f71d76da645d9d99914a960f97d43d4be8c98dd94e91c7ef238472fc1f24cf7baa3c0a4199ccbea52b54e47b7090c1379535d1afab9db1","ssdeep":"96:OTiMK8MK17G2myCclPKEgeNNlo4nerCUPXFp3g6K+o:OD0yCIKEvN7o4erCmXFxc","tlshash":"6791844cf5c7f16157a77873801f156af2657ed898065a82ea30e1c17e24c68233aaed","first_seen":"2025-04-11T11:01:20.485043Z","last_seen":"2026-04-08T20:24:41.814861Z","times_seen":340,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-df347502.fa343716.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-df347502.fa343716.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:29 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-25997\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":154007,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65006), with no line terminators","md5":"e5044e7f519706388a93765e3ee63fcf","sha1":"2b29363ce1134605f9992cbd9e5cdf9ba554d329","sha256":"66839891fd9fdca1f3fa9abc65a3f39ad53936731a1a7508eb6a00215fa1f2a8","sha512":"ca6907084adb9729115b88a1421ba7f64491842d4e4f6299e9cb1fbbb4455e67d697d10aea99fccf085acc030433fa11855e114984e712af7d4fa23d24775bae","ssdeep":"3072:hNn/ViAs300OOMgXZ1P3TCyAhLIKpB68W4PEoS3rTJXm1V7GP:nn/ViAs300OOMgXZ1PM68WBbTJXmfO","tlshash":"3ee33b1ab587e1aecc2ae051801f1934e1262fe9d125d086f738cdd496d8db83b7e72d","first_seen":"2026-01-20T14:17:30.564514Z","last_seen":"2026-04-08T20:24:41.824864Z","times_seen":126,"resource_available":true,"data":null}},"time_used":528,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":350,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/icon?family=Material+Icons","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"63:D1:AE:99:1E:49:D7:6C:71:F3:BA:F5:BA:47:74:1E:EB:90:E7:D6","sha256":"69:90:BB:9D:82:60:82:88:FF:CE:F6:B3:3D:DD:B5:B5:FB:F0:56:17:FD:FA:0D:BC:9C:5B:83:51:98:0D:2F:CF"}}},"request":{"raw":"GET /icon?family=Material+Icons HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 25 Mar 2026 15:52:23 GMT\r\ndate: Wed, 25 Mar 2026 15:52:23 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":565,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"2b7a8d84952a9183b106df19f711324e","sha1":"a92c5e12b422bba9ebb447e1852d9681487361bc","sha256":"282801a0d182035440d5ef6d429d227126d2e6720a52b91d31a7d746c758154e","sha512":"d7ef3f86fe9fa5730a118c688b8f779e82ec3695df5ec48953905ed078ef4d78a3c8005021574d936f69ff0467968b6e68fbcb0680894470abf8f26200af2e0c","ssdeep":"","tlshash":"c0f0c064be0a988566110c42370f3f164d1d401fa80ac8fe8b911d4c8cff1bb134670f","first_seen":"2025-09-17T21:11:07.996842Z","last_seen":"2026-04-08T21:25:21.813237Z","times_seen":32685,"resource_available":false,"data":null}},"time_used":604,"timings":{"blocked":284,"dns":1,"connect":9,"send":0,"wait":20,"receive":0,"ssl":285},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/core-js/2.6.9/core.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/core-js/2.6.9/core.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Mar 2026 15:52:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 27060\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e2d-16793\"\r\nlast-modified: Mon, 04 May 2020 16:09:17 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 357348\r\nexpires: Mon, 15 Mar 2027 15:52:22 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6KMGvUez7mXnFbhRi5twjidJXMmXZnFezA7p3mN7nDFixwjl%2BKHf%2FlgTt8WXEyzTJ65%2B7ODOkeNWSVPo85jZDGyO64DaHWQec018wN9e07Ip1Tk%3D\"}]}\r\ncf-ray: 9e1f15166ff735a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":92051,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32000), with LF, NEL line terminators","md5":"622c4c9d5dc4b1ee29a2eb908186ec88","sha1":"491753a3f979f7d180af11e1929ffff85e30f921","sha256":"794d1c7ab27be77d366e0497e641488e50f5ae6581b4db51cc08de1e142eb47a","sha512":"2b2485006e3a36dbae0d0d8488ab63ae6085c34d5a6f72c3558c52b492294c157f67ce47c1c3b89498db9ff72f748485fedc04a881f1877f903cfa0df1c8be8e","ssdeep":"1536:PLFpwkiSucuVH8MBfaQQ979S17LMgRCSRjMbEjeb6Gt6UQ:PLbw1Sucu3Qw8gc3gk6Gt61","tlshash":"1f93618cbec6f06642636675413f900bb27a1a86745f89d0e12ed1e4bc7c98f413be6d","first_seen":"2023-04-06T20:58:39Z","last_seen":"2026-04-08T20:24:41.780964Z","times_seen":1274,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":13,"receive":1,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-2232cdce.9ea87d6e.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-2232cdce.9ea87d6e.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-2a3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":675,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (675), with no line terminators","md5":"1c45f5d00044828f6731d3b19fbb5d20","sha1":"a54da32a2c9a2cf722946ba08e0dfc786151f32a","sha256":"8dab559fa7fd40bddc56d28a07aab471b6269e17c14689034f08da90989d763e","sha512":"6125f075397f81677d3892e739def54516000c968acf3df423728a673897421695bf0e00f91c95b81e914b0c2dfaca1cc0fbee7df77e41b4deb39b869ef1a5f5","ssdeep":"","tlshash":"ff017b2bf08c0655c432c0416ad41eeb802f752262118ef68d87bd65be8b347e448646","first_seen":"2025-01-10T12:51:25.86171Z","last_seen":"2026-04-08T20:24:41.839428Z","times_seen":480,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-fbee9466.89eabb0d.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-fbee9466.89eabb0d.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-2ef\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":751,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (751), with no line terminators","md5":"924a3a05affe03bd5d73e3d3c5a58867","sha1":"79a19ff62890e2545a230789cf9bd2ce2db3d904","sha256":"cd346f52cceb6960c66bec2dff6ab02da4060a163e410ed1ff334be24e0e4452","sha512":"638486c971c665c0999cc3c241472074edc22f365621abe5eedd953d7736847dba9d4cd7753517f56ac4640f4218343f531c51c6abdde8978bbd44f8e47e57b7","ssdeep":"","tlshash":"ae019ce8394c11277d77c7ed747418e116311a3280c08fa1597cb070ce4b5a523f5a5a","first_seen":"2025-03-31T13:39:50.476557Z","last_seen":"2026-04-08T20:24:41.845577Z","times_seen":349,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/lib/flexible.js?2222","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /lib/flexible.js?2222 HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:23 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-fe1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4065,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"1572c9446821f8b1dc1136b64b44e739","sha1":"6a786ef63db48581f50e85601ef4a3effe8bf095","sha256":"264ef2e4767a942ee634794619d94edbd7da642cb79277c16b974cac9795c246","sha512":"4283dbb16b94c7db39673fb92808835e7f2ccb34f64502d0524cd571fb28e91c82abddcbf1224d4b83c1fb30908c96a4d16b604b22ef0f491c2bdf2d00213598","ssdeep":"","tlshash":"5b81322806e322361e2330348fbf210539728067055ace447d5ee79e6fe4a654ef6bf5","first_seen":"2023-03-07T12:58:51Z","last_seen":"2026-04-08T20:24:41.838832Z","times_seen":772,"resource_available":true,"data":null}},"time_used":1281,"timings":{"blocked":545,"dns":1,"connect":178,"send":0,"wait":180,"receive":0,"ssl":369},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/da09ff62278e4951d108a76a2431b173","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/da09ff62278e4951d108a76a2431b173 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"da09ff62278e4951d108a76a2431b173\"\r\nserver: nginx\r\ncontent-type: image/jpeg\r\nx-mms-request-id: fb11a91aed774cebb38a2b563ebd13e4-67d8d89c\r\nhandle-by: img.susercontent.com\r\nage: 104718\r\nx-spcdn-request-id: abec86d55c006ea15744daf8c2ecaf81\r\ncontent-length: 214505\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:26 GMT\r\neo-log-uuid: 16669552547723270451\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":214505,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 750x750, components 3","md5":"da09ff62278e4951d108a76a2431b173","sha1":"55d01d0ff6e98d6036c478b0e837dc8052963025","sha256":"d8c7fb07cc02c717741680efff79af89781402d627a19bb1484fbda51de51506","sha512":"297f4e080d2457e89e1d06e48093c3961bc47acb27a987420e82b06c66a059a67a53c835fd3e36bdfd17fc2bfea522686e5606f29b5f264e75498aad40b92984","ssdeep":"6144:oChNUEFDOQ3xDRzv8uWNevFZcGmfLHylaWe7NmDx:oMNUABBhf8sZ36LHyktmN","tlshash":"9b2412108d1c82255b7d5352d23e648b7970db6a82ffc408536e1fdef7c920aa86b72d","first_seen":"2026-03-25T15:52:57.119452Z","last_seen":"2026-03-25T15:52:57.119452Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1482,"timings":{"blocked":594,"dns":0,"connect":0,"send":0,"wait":260,"receive":628,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-fb459430.bd9969bf.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-fb459430.bd9969bf.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1d6\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":470,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (470), with no line terminators","md5":"70d16a216ef809a3099eb454f0301556","sha1":"bc079753a85ae41c1dea8010f4aa40ddd030f15b","sha256":"a7e8304da6921b1aadae0552aff571ad2dd3744e0941d37b2595bf3138279c6c","sha512":"132a6bfe81c5eb91c56c65ef153bf6435cef8edc6e95cbf3aa535f6b44569c8ee9e171755b6278be890dd20e81054c2525229a5c01f022c8c72d6218e7c77c54","ssdeep":"","tlshash":"d4f02093399e807e0477e6c5d0521d6543d4b73582425b836eaaba3098832873830b84","first_seen":"2025-01-10T12:51:25.887797Z","last_seen":"2026-04-08T20:24:41.810086Z","times_seen":480,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/api/websocket/server/info?t=1774453944367","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /api/websocket/server/info?t=1774453944367 HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nCache-Control: no-store, no-cache, must-revalidate, max-age=0\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"6dd9a9bc1c3cfe44d33c3194818ebe12","sha1":"e859885246cc412fbabf1ef837f116983de38b35","sha256":"c5e7eaf9095beafba45a8b14f663d72f91f4dd1557c06cfa2892a3362af37963","sha512":"b6a164281f7a2b4c2725c1206ff5e8417caa22493064889a0a20933925ddae6068e89140fa67d70c4010cfed5493ded959e93b2911afea770f2dcbc7afcb30f6","ssdeep":"","tlshash":"4ba0241fcc3c3074544c3f0103001f07541c04f7010055fdd11d35f401d10110010147","first_seen":"2026-03-25T15:52:57.122806Z","last_seen":"2026-03-25T15:52:57.122806Z","times_seen":1,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-1ae0d026.b7b2afed.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-1ae0d026.b7b2afed.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1fe\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":510,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (510), with no line terminators","md5":"c92ecb7cfe406e6db3138f17bb8c156f","sha1":"3843aec44f19cb9f0e1e2faa9869f67764c3256b","sha256":"ee9b5957ed2f73d18209811c66d7ddb231089550f344c21a8be6878da3c514e4","sha512":"a56c4a0dd66be71f7ccbba8c8379c6133f1127b908dbf24f0bf3e1e2c0b432235a049b1e7b676df927915f44ed683694fa8f21cc4bc45f3110af4c7439394c74","ssdeep":"","tlshash":"94f09e26d0114508900bf9343ba0071691e4f02be69333ac0c5fe666cfdb4c70af9789","first_seen":"2024-09-29T13:50:37Z","last_seen":"2026-04-08T20:24:41.84932Z","times_seen":541,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-6e4f04a4.5a255384.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-6e4f04a4.5a255384.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-75\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"61e2bba3a72b590e1223e0428d00de84","sha1":"36ee41d679d6e52cb18d786a076641e54ec932ca","sha256":"d2e81b03a1686104de770d618c2b38bdf2a667382dd24ddf24913420bfa5fe54","sha512":"d8018d3e835a37a4250e876505266890f25938e1de02cf403a63d46f4d38a89eeb4756dddc1337be4c89bbf63db1aa381bf806b0e390aa0c890247050e319b3d","ssdeep":"","tlshash":"54b0924829cd0092ac9fd0e0a02044c18212a322ca120312ab20947c8d930f82169a16","first_seen":"2023-11-09T03:37:00Z","last_seen":"2026-04-08T20:24:41.77131Z","times_seen":702,"resource_available":false,"data":null}},"time_used":605,"timings":{"blocked":428,"dns":0,"connect":0,"send":0,"wait":176,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/api//file/banner/202512/18/d3935668b7d3435696ffca56e36564b4_.jpeg","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /api//file/banner/202512/18/d3935668b7d3435696ffca56e36564b4_.jpeg HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 143443\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Thu, 18 Dec 2025 04:27:12 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":143443,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1280x480, components 3","md5":"90f1b57fc494b9f239024c3ba154fbf4","sha1":"97638429e365355e6fda0e650eeca40fea1e9bf8","sha256":"cf4015cc406fd0b4392852f83e54b33b631154928246f2a5582e8391987cdc48","sha512":"463a199b032adda5fec9bc37407637a8733b287f46ea6a736e0e3a80ebe1f357781f1cd85da78a58e656a384dafa1709421425ed43506d27e0b287f5bec3e743","ssdeep":"3072:66ILqn7d3KfwBXKkPdaNig4Nn5FXdiKLc285LNflKf:66IL6tKWDEt25djLQNm","tlshash":"60e312eb8d143923ef9cd3115ada0265ca65cf31d68973382c786addbbe2b90134c56c","first_seen":"2025-12-18T19:47:47.682993Z","last_seen":"2026-04-08T13:03:05.132181Z","times_seen":201,"resource_available":false,"data":null}},"time_used":1557,"timings":{"blocked":1209,"dns":0,"connect":0,"send":0,"wait":174,"receive":174,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-7dd52cfb.22305141.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-7dd52cfb.22305141.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-deb\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3563,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3529), with no line terminators","md5":"7366e2843a611744e4283c9d3fafb6dc","sha1":"f801ab9804692885ff7960297da89067f6ca13ea","sha256":"c4c8ae0d46797a33adaad493835f11d1964158be41388fea2c098da31367c91a","sha512":"d5d04c8046b57551c6572cf94a5aebe2e53ee890dadf7d536cb4ad50f68715ff809833803c898ac905a88368cf45066fb532711163a8eb97e938e805618180a3","ssdeep":"","tlshash":"0771225cb0c3f028896eb036611f217ae5357dc55513d590af24cee0ba65c3c632e6de","first_seen":"2024-09-10T16:42:51Z","last_seen":"2026-04-08T20:24:41.76955Z","times_seen":544,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-189a2af1.2e2a949a.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-189a2af1.2e2a949a.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-af2\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2802,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2802), with no line terminators","md5":"966516d12c4531cb81cf6ed4b46ab92d","sha1":"b8ed7747738ba4f4d5826a71013a5193efcb474c","sha256":"972fb6c2f201749077d73381916e96c62b0271d542500f660aebbe9d6aa3267a","sha512":"15bd68e669e7d30dde5e6cd28a725ab79fbd48dd1fe8f335981bc28d71b72c7c9261a67179bdf6dac513fec536965303ce5a244cc3f0da34fb55f2ab95ad7dcb","ssdeep":"","tlshash":"aa51133f6714771ba027e85447d80faa0218e227f11326ed1d1b9a25cbd7ba60f6d48a","first_seen":"2025-01-10T12:51:25.857427Z","last_seen":"2026-04-08T20:24:41.848843Z","times_seen":513,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-37bdd3b6.ab3049c9.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-37bdd3b6.ab3049c9.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-c3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":195,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"bb2937d5e125d43804baced3df0e2324","sha1":"f05644aab014d7d97bbc85608cf6780c493a05d2","sha256":"e00bf1fa5fb4cfdbc444c4bec56187a9791039e97da5321313d77004d0c64465","sha512":"836ce5593797ed06b6b9e4357d2caae8f7327368f4ad152df77817d74efa3c8d3728445ccee4b72549ec7890d90716a58d56f0e2d77adc14c5d1adc46d9e62fa","ssdeep":"","tlshash":"40d0e9f2551994b98a3bc22500dc7484196bf626d1675189ce829a282dc63013f7425c","first_seen":"2024-09-10T16:42:50Z","last_seen":"2026-04-08T20:24:41.751155Z","times_seen":592,"resource_available":false,"data":null}},"time_used":562,"timings":{"blocked":388,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/static/theme3/tabbar/home-sel.png","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /static/theme3/tabbar/home-sel.png HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/css/chunk-9c1c641c.2704964a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: image/png\r\nContent-Length: 678\r\nLast-Modified: Mon, 19 Jan 2026 17:07:34 GMT\r\nConnection: keep-alive\r\nETag: \"696e64d6-2a6\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":678,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"77799daa36d79f46d4b281b47653ed1b","sha1":"55373be89e5b80041a0498a720e73db384b30236","sha256":"72587bba2c08d4d3224cfd5c5be4be51b84741142696938d00361e372d2c8813","sha512":"eae2e0e6d68a4b7e1542cd846aa3fb78cb007b0a62f860425bfb544b1c89c9d34eec213d2a344353a0dc30521f4d529edb983f7b4d2c1acfcd1e54cbf7fec813","ssdeep":"","tlshash":"43018393f30668269ea14ee7c33f9178e088c99715e864696a82843d1370ba8f52d267","first_seen":"2025-03-03T23:57:52.309985Z","last_seen":"2026-04-08T13:03:04.994727Z","times_seen":250,"resource_available":false,"data":null}},"time_used":442,"timings":{"blocked":269,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-7721dd77.435b277e.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-7721dd77.435b277e.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3342\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13122,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13122), with no line terminators","md5":"afa8c144cb9a731467483205850e245f","sha1":"ba2b45fdaf5dd66d052b9c61fce85ca0ffffe883","sha256":"b3bd51359c248396e2ae630372f5e6dc315c35e7ca4cb9cb305a52f05827551b","sha512":"8d97ecf43e0b92d40330e3638c9c35e69ab5e26d61da26daca6d0747daf2855a739c6c477a3d2a322d4a1d61510d1b76218ef1450bac6e4e8d9b8b9d0e5ae0af","ssdeep":"192:fAJi5ylzEJShKcliZRb7OZBu5qdzWrxb1UMlfB1cH:ft5yS48ZRb7O+kCxbOMr1cH","tlshash":"24423a70bc641cbe333ac5aa315064985e26f453d1e14ea9f41f77a88fd71ca1a26f32","first_seen":"2024-07-02T22:35:07Z","last_seen":"2026-04-08T20:24:41.795815Z","times_seen":640,"resource_available":false,"data":null}},"time_used":607,"timings":{"blocked":430,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-22120-0tfmlfa4rdlv17","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-22120-0tfmlfa4rdlv17 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"57b8daa174fbcdf8a9d351b0de6f3167\"\r\nserver: nginx\r\ncontent-type: image/jpeg\r\nx-mms-request-id: 5639ca0be0294184869e780e7c375dde-68023172\r\nhandle-by: img.susercontent.com\r\nage: 0\r\nx-spcdn-request-id: 24db4061bb36dd6b4641e08c1a2cfdc6\r\ncontent-length: 271218\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:27 GMT\r\neo-log-uuid: 12929193142631666583\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":271218,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1024x1024, components 3","md5":"57b8daa174fbcdf8a9d351b0de6f3167","sha1":"69ecc0d9fcba15d765952d2ca04700574434ffab","sha256":"9e9c372584f4f9d1501776c2833e168aef2bdbf63bee5bd46f209da8489512c0","sha512":"9e0c22394e5d4cf93fa5800b2d5a43a229b949557f1098b9a5477d889043fd0b5d5703a798d17be0bb5feb99a40e3bf68edee0e75011e5ff1befc076e37c9ffe","ssdeep":"6144:+gpba6gKFn0BYBX1RiwfWl1KKeGIBtgHoDfH+XJRkZtq5jp:rpb5Z0BYj5+lIKeVtOoDH4kTQjp","tlshash":"734423d6721520f046b54b87f3f132df886ea63a87ec94824d626a31dd8c0c2fc675b9","first_seen":"2026-03-25T15:52:57.132324Z","last_seen":"2026-03-25T15:52:57.132324Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3227,"timings":{"blocked":672,"dns":102,"connect":242,"send":0,"wait":1498,"receive":397,"ssl":313},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134207-7qveb-ljmnloytfsou4f","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134207-7qveb-ljmnloytfsou4f HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"9611a21b4132ed480e9897d4675789b1\"\r\nserver: nginx\r\ncontent-type: image/jpeg;charset=UTF-8\r\nx-mms-request-id: 1d7103a77d184a809af6a7c920c1ac46-689158f0\r\nhandle-by: down-src-global.img.susercontent.com\r\nage: 219251\r\nx-spcdn-request-id: 732a92e9a68e000263649adbc21e5d0e\r\ncontent-length: 300558\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:26 GMT\r\neo-log-uuid: 17128649306355990598\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":300558,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3","md5":"9611a21b4132ed480e9897d4675789b1","sha1":"4678afcc58bbd10c207a44ff57700bbf3c691fed","sha256":"357fd4dbbe553faae3bcaf2fb2f46c569d3503b9c93372e71fa862f74eaf132a","sha512":"c195dabc7464b98006a1400642fe42bee474850541bf8eaeb1de5f000cc0a533c0ec3342f1b3047c7f29b4c3991f68847418d2f6d15954966f5e87ef5a4a9ba2","ssdeep":"6144:PRnqEXS5lc20+002XS8TNyGe7sYMQ1FLqJinFU:J5C5XF0h3IpnjFLqJine","tlshash":"c354ab651b2bdd9fe064836b84c67e2c656721717b4caff0e11bff08c215bb8e046296","first_seen":"2026-03-25T15:52:57.134569Z","last_seen":"2026-03-25T15:52:57.134569Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2578,"timings":{"blocked":591,"dns":0,"connect":0,"send":0,"wait":1356,"receive":631,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-9bd26c66.8caa504a.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-9bd26c66.8caa504a.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-217\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":535,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (535), with no line terminators","md5":"2f8377a82a17363daca0aad917da18f5","sha1":"6d2760224fcd80f1da477afad92b663e588e20b1","sha256":"07c7e560a498d97a493f353afe8ba51806f63b99cb64c599548a7c63a4b4e2fa","sha512":"7bbd1fb7a50c4caaeb398070cb105045891211d3e35abb0880f2787916ef195ba842df198d3d0bbfb51c8b68aca547256183606052a90352c3cc01843a236930","ssdeep":"","tlshash":"04f0f6a2ba183036f43bc53578e32884bb00a7a753bbd4a2dd438b11cd920937236b4c","first_seen":"2025-05-18T06:03:19.663469Z","last_seen":"2026-04-08T20:24:41.847801Z","times_seen":360,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":97,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-b697e706.bc135af5.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-b697e706.bc135af5.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1562\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5474,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5474), with no line terminators","md5":"ad97783a5144620d45e0f4ae10afd21a","sha1":"9c9f5cd2a7ab9eb5f0226a37c35d3f640ca0599d","sha256":"72227fddb85e6f011800bc8a13e7611d5e6be279410387ba26d257e48d7736d2","sha512":"dc879865a7e28eae6e12caa5d4ae952d569a6601b68a266cb7fc809dc017dd29935e8cde9b8473f976f6f876a233e899090c5d3f820c0ae759c378ca673d9780","ssdeep":"96:CKLWYrYc/1Mk8Jl3kl3+l3vWKfWhjcWFzwl3E3p3B6dl37i/hkG7fA8:CKLDek8JlUlOl/WKfC1FzwlU5Ul85","tlshash":"31b11033765c1218b03be8d1696525f68154fe17e21287facd563e30dec79832de364a","first_seen":"2026-01-20T14:17:30.612706Z","last_seen":"2026-04-08T20:24:41.771903Z","times_seen":126,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/api/country/list","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /api/country/list HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":144,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"3f298bb0ac3540cbad44910fb093be64","sha1":"6d19b9441aadc961bc7eb9e603f1e89726f7856c","sha256":"9d27cf53ecf5a19b4eb932ac6fdfbc476101f3854236fb3b15f922b293a0fcc5","sha512":"8146f0151618d4eeef50b085efe220aa791fcaedc99f59178273f5ad4e84bd9a4cf339f8708c87da8f24cdd8b42f1a0eada61d035859fd2544d9e91dcc093561","ssdeep":"","tlshash":"80c02b8a720cacfe47508003440dd36928bd00a6fc883c295ece9f65c1466f0021c827","first_seen":"2025-01-10T12:51:25.837389Z","last_seen":"2026-04-08T20:24:41.836776Z","times_seen":250,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/mobile/link/3.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/mobile/link/3.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: image/png\r\nContent-Length: 8867\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-22a3\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8867,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced","md5":"e4a31cebcd48ee42064cf018c7f7ca39","sha1":"cfdfe2bc0addceae1a278b3200f26e892442a012","sha256":"4817a82e06c2b1293ba0c004e25171fad0907185d9f908071da98073c97af82e","sha512":"5f275514fa941b217090af718ddcd3f5e403d79a9202f3743bf25eb1420f6eb906b99f75f0802c9477d012c255b7896c754912b9d97179d96942413ddd5aa536","ssdeep":"192:BoBlcRpVLro+q/cXMr2nQFlFyPztChcQfxo5Z1S:NRpBro+q0MlaZGs1S","tlshash":"86029e15f0156c57a63bb6a6836958c0bc09d18e30860c64d7cebe997365ca5cc40ffc","first_seen":"2023-05-02T09:51:09Z","last_seen":"2026-04-08T13:03:05.139321Z","times_seen":272,"resource_available":false,"data":null}},"time_used":1172,"timings":{"blocked":996,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/mobile/link/5.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/mobile/link/5.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: image/png\r\nContent-Length: 80247\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-13977\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":80247,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1280 x 787, 8-bit colormap, non-interlaced","md5":"af912194c0220ac8509ef46e55f12d0e","sha1":"cd38228a5fb07c66972682299373defedb825281","sha256":"d55a75cd237e29955dcaefcb734cfb17a07a9e1046e8b049458070d726b5a076","sha512":"667efd70bc771754effc1fb9c6db95bca5352e9ab3c81cfbc9d38f101ea335592a5da98f78cc08f787dbd8e49789c7b25dcf1edbb0f529e05c26cb7638aef1ac","ssdeep":"1536:6O6hpb3eZ5fb8UEfnCYVtm0ipqX/mye7BmiYCHcSAlk5ak8SvycLwL3DlTF:spb34D5wDMqX/k8ilHdAlkuSvt0r","tlshash":"5773029327b43804d55abbb97a0b481098173b7307c189dff2671ed6ea6346ff4e0289","first_seen":"2023-06-13T01:19:11Z","last_seen":"2026-04-08T13:03:05.021598Z","times_seen":241,"resource_available":false,"data":null}},"time_used":1556,"timings":{"blocked":1204,"dns":0,"connect":0,"send":0,"wait":176,"receive":176,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-2232cdce.bbf14f04.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-2232cdce.bbf14f04.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-4597\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17815,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17619), with no line terminators","md5":"00143820da7385f7be28bf1e4a8a972a","sha1":"b0b4706b8b2ff718a957d187d14ca552cf307c49","sha256":"342eb92bdd7693ec213999e94ad0878ef1fe26916499569a6e2b4e70386f8856","sha512":"698975a093b7f710a41e0a1eaa4f0621a902d66eb832ce90f3e80367751842d2a24caf3e171c42c0baa740d98e61b078640238bc609f7d8055179473d87bcffc","ssdeep":"192:cN3zkwOxCcgpCU91Rmym6bJ14QYsdUcc6c7+Pj6zjRn+sDZ+wFLiaU:cNeCcgpe6bJ1nlb65ewxiaU","tlshash":"ff828818b5c7e6ab9caa9021443e3525e1323ed9a026e186ff34cdc46968d74371df3d","first_seen":"2025-01-10T12:51:25.900233Z","last_seen":"2026-04-08T20:24:41.833394Z","times_seen":468,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-543bfd0b.5f1edeec.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-543bfd0b.5f1edeec.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-13c0\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5056,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5042), with no line terminators","md5":"acba08223d64cb5bdf9a3c3c259769ec","sha1":"f4803920d88373beee4a148c8e8f08989a06154b","sha256":"0110e7a3b8f793d5663658b622b15ab0098d3d651ad72ce03afc3d9bb3e97df2","sha512":"575bf27a75e9b05a02e75debaab52312548ddcdb044a0b146c48036ff2e937533ae26d42b921c830e51b80af8f7c5df72c161786c2f4bef1b070b3fb5bfa2b3b","ssdeep":"96:APDprdN0BH8e6B/oNzGxNvFMM+ay61C96Du5HteFo3VyaDUMTb:AbpJma9/oVwsMVy61CMSFRKMTb","tlshash":"afa10739a3d892dcbc1fc64fa61a2994322b058d72025545a2a9cdb0b2539d89f1bfcd","first_seen":"2025-01-10T12:51:25.917184Z","last_seen":"2026-04-08T20:24:41.839955Z","times_seen":468,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-cefa4dd6.2caf92d9.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-cefa4dd6.2caf92d9.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-e4a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3658,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3630), with no line terminators","md5":"c7f69205f475f482c05d51dcb8484961","sha1":"6d530241b630019e437f2b8543a543f73ce148b7","sha256":"cb22d21841975cd5f299a45ec3da20a1a55ad797e17448752b0644ffcaa64f66","sha512":"d74c7ba27a37d586252e6e7bbae4dbaedbf86eef8e95949e2f2df4bda59803182b5d5b5acda0f2c926cbd7b6c446fc3d3c7405c78f63ef5bddda0a9547ff5e73","ssdeep":"","tlshash":"2071846d7587e15a8d63b062402f28b4c0b66d88710a74d6f734ca9565a84a02b3f7fc","first_seen":"2024-09-29T13:50:38Z","last_seen":"2026-04-08T20:24:41.749462Z","times_seen":523,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-f045b624.0bb3fef0.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:29.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-f045b624.0bb3fef0.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:29 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-dd3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3539,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3501), with no line terminators","md5":"554a2852a05af8553e8e9f6cbf2b5132","sha1":"1206ffd47ce7ab7de3d8f0229614d79219600aef","sha256":"49c61b9fb83317412a6cb9cda4815f38c69ec4ee61c95ccf42aa9facf4ad9a0d","sha512":"3f040fa363895bac88511a58016662b54d0604381c735f901837718ef05b336dd814e7b9fd9850491841b7e5b89e1a378751a1921894ea21f1fb51625e41d813","ssdeep":"","tlshash":"04712204785beffdcc568051582e2731f1653fa9c436e082fbb0cbc85a909b6576db29","first_seen":"2023-07-11T16:55:59Z","last_seen":"2026-04-08T20:24:41.780061Z","times_seen":715,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"glowremotely.com/api/websocket/server/412/mph4uxne/websocket","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /api/websocket/server/412/mph4uxne/websocket HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://glowremotely.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: g9M1cnCDAcWEHtZ8hwq8zQ==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nConnection: upgrade\r\nOrigin: https://glowremotely.com\r\nUpgrade: WebSocket\r\nSec-WebSocket-Accept: zPXjg/jYuOQeCeJxnLwN2YQbiak=\r\nAccess-Control-Allow-Origin: https://glowremotely.com\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nSec-WebSocket-Location: ws://glowremotely.com/websocket/server//412/mph4uxne/websocket\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T22:38:16.30651Z","times_seen":13517643,"resource_available":true,"data":null}},"time_used":849,"timings":{"blocked":144,"dns":0,"connect":174,"send":0,"wait":176,"receive":0,"ssl":355},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/static/country/id.png","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /static/country/id.png HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: image/png\r\nContent-Length: 208\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-d0\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":208,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 151 x 100, 4-bit colormap, non-interlaced","md5":"ec86910990aa46ace7ede9b7376c1019","sha1":"6f3fb36ece67a129f0c58a77c6f617cd04f23731","sha256":"cccf07d963c80baaa0dab594a4a8d58725716b95934338bc95ab5f71dbdadc7d","sha512":"39233eba11996662d6c977a51b8b3ac3d5f50bd82a661b3912f03675b501fb01ef3bbe162243ac1e6e5698bbb97b292e5e5563ca4396f29ad9eb64a95558a5ab","ssdeep":"","tlshash":"64d023d375103d3d118d01de4fa30083407041cb1c05d5a6b41750359df5201c199d45","first_seen":"2024-06-16T07:39:15Z","last_seen":"2026-04-08T20:24:41.789575Z","times_seen":494,"resource_available":false,"data":null}},"time_used":596,"timings":{"blocked":420,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/static/theme3/tabbar/mine.png","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /static/theme3/tabbar/mine.png HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/css/chunk-9c1c641c.2704964a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: image/png\r\nContent-Length: 4660\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-1234\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4660,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 138 x 134, 8-bit/color RGBA, non-interlaced","md5":"9257d7d41f0aeb65c674ea3ee19ef1b4","sha1":"826e3ae0ef20a7f48f69fd5740ff48212d05ecb0","sha256":"f4e0220e488ebe9e5176c587603b0756cc755a8649c13344aea8652d57cd5562","sha512":"e459264955355f76655df49a7ee28a76e31b84ebd37a8fcd2703d011b8eb29696ed01177dbf79758c952b29802b4afb7da894aa869b6e6c596f988764a444de0","ssdeep":"96:F9ICo03ee/GROo9AO7s0BPYx6GYWNHo6JxG/jgIZpEN25Vnj802NKo+pTp3p1:4L0uqrydGthNI6DOgIZzVnjj2NAp3p1","tlshash":"95a16e1391ede97e449c890166d2053db96b3bf0c68897f4149b2fdcd3b0e72b6810b8","first_seen":"2023-05-03T23:27:44Z","last_seen":"2026-04-08T13:03:05.071191Z","times_seen":419,"resource_available":false,"data":null}},"time_used":500,"timings":{"blocked":324,"dns":0,"connect":0,"send":0,"wait":175,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/api//file/banner/202512/18/a4d6e8cb2bfc4814a9ead1b1e4cecd74_.jpeg","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /api//file/banner/202512/18/a4d6e8cb2bfc4814a9ead1b1e4cecd74_.jpeg HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 55665\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Thu, 18 Dec 2025 04:27:37 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55665,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1280x480, components 3","md5":"2bd31655f9e65cb1d43a0c903ee6a243","sha1":"ecb30db3a1bd4c332f7f2a086f0a75bac42875e2","sha256":"6eda2102821ae838afdc1af8f9146f61d4be1aba1bffedbd12e655163668538e","sha512":"50a9e96a93d263352c153db683d10400a2a3355cba82941a40cb6d2a037744fbe8b3f3c5df644a838546d15cd5d9b8e9ba75c8076236fb2bac95d1562dd18d7c","ssdeep":"1536:TuagQB0+MGH0JO6nJxdvf4Wm2xwKbZ2qJQ+YTjE:qlQ5sO6nvltjZ2qJQ+","tlshash":"9343e00bfa48eb56c74156fbd6534dc0430b2636786b36e7b92268cbbd305722cc958d","first_seen":"2025-12-18T19:47:47.644179Z","last_seen":"2026-04-08T13:03:05.131134Z","times_seen":201,"resource_available":false,"data":null}},"time_used":1061,"timings":{"blocked":-1,"dns":1,"connect":175,"send":0,"wait":352,"receive":176,"ssl":356},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-dd580cf8.3b8d239b.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-dd580cf8.3b8d239b.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-181\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":385,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (385), with no line terminators","md5":"da304e91f724c981b86055b5b892242b","sha1":"09113eb4172667d4e4b89785a76899e15a16706d","sha256":"2f621728e4a02dcb2938d8d5e36bd42b2d74ff924d44bafeb4dacce343ecbc6a","sha512":"04c4ffa9390f2d410b78681160fb8a623308f0a8b2afd6688bcdaa499ee9aec0aaf19d4b952b951acb2372276faf9675dda8dd12bf7fa866d5984aa836dbb632","ssdeep":"","tlshash":"6ee092c4f4986255b137d28f56e5e7d93c45b667e4060b24fe5ae8398c036b6302274a","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.772485Z","times_seen":752,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-084d1f6a.31bb29e7.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.540Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-084d1f6a.31bb29e7.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-8b9\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2233,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2233), with no line terminators","md5":"6d1e84fc4b61c6683564a45c32f0097d","sha1":"7e26ddd6edb9b8ae436078ecc7f082340241d77f","sha256":"4b1e9de73b5606cca982dfd7e671a632ddbe0f9283371590d28f327fefd0e5cd","sha512":"8857c181816e1e1d55a1cc193251cfebfc8f93d43958a0fb213014af6c8d7b39150cb81814158bf753b3c5151c13218a972ec578f87a9eee23a960e1cea81e59","ssdeep":"","tlshash":"d941a9836d091145b42b9e1093ed0a60526ac76399231eef3347349b87c3feb22b731b","first_seen":"2025-03-31T13:39:50.439798Z","last_seen":"2026-04-08T20:24:41.822889Z","times_seen":379,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-df347502.fa343716.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-df347502.fa343716.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-25997\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":154007,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65006), with no line terminators","md5":"e5044e7f519706388a93765e3ee63fcf","sha1":"2b29363ce1134605f9992cbd9e5cdf9ba554d329","sha256":"66839891fd9fdca1f3fa9abc65a3f39ad53936731a1a7508eb6a00215fa1f2a8","sha512":"ca6907084adb9729115b88a1421ba7f64491842d4e4f6299e9cb1fbbb4455e67d697d10aea99fccf085acc030433fa11855e114984e712af7d4fa23d24775bae","ssdeep":"3072:hNn/ViAs300OOMgXZ1P3TCyAhLIKpB68W4PEoS3rTJXm1V7GP:nn/ViAs300OOMgXZ1PM68WBbTJXmfO","tlshash":"3ee33b1ab587e1aecc2ae051801f1934e1262fe9d125d086f738cdd496d8db83b7e72d","first_seen":"2026-01-20T14:17:30.564514Z","last_seen":"2026-04-08T20:24:41.824864Z","times_seen":126,"resource_available":true,"data":null}},"time_used":533,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":355,"receive":178,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-543bfd0b.0b806ae0.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-543bfd0b.0b806ae0.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-6e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":110,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"816d80b42a21f216380a30e6500d6f7a","sha1":"3756ef95852f0629166368525773a88d8e0bdd89","sha256":"4b85d91cb2ba95400d06be06c2c8ebccb68766c332ac2a914cc9678316febe8f","sha512":"d74f393865683c8d273204abd7265ddf1318b48225d5c3978c7edefb9a47fe00656111e68f20c561c2c77e10b9568ffe7fc04292d5cdbcea0e964dcdadcd1980","ssdeep":"","tlshash":"4ab01200b81c050f02ebf348a274d88734383993cfa8133d3db0c9b08da31503402c81","first_seen":"2025-01-10T12:51:25.868363Z","last_seen":"2026-04-08T20:24:41.823398Z","times_seen":483,"resource_available":false,"data":null}},"time_used":402,"timings":{"blocked":226,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/static/customer/kf.png","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /static/customer/kf.png HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: image/png\r\nContent-Length: 10556\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-293c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10556,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"f7d80a98f6b59aaf05ab54c405bffe89","sha1":"db5cfc26f716a362d10f81633934d9f01c523ae7","sha256":"ab41101111ba6bf6ecb5ef0aa35ae339cb7b2f09517eff9914dd69c65271ee03","sha512":"03bc2ef07c105a6562ba3bce8a0040db8a5f5efba951a12d19bc2d42b3abdb16b1f20ceec2c789ba5614d3ad07e926ebf293edc66ffbaf92b867410085a3bb47","ssdeep":"192:qX/4hute4ReiK/MhLbtUNdZS5eYQOZj9TND1UQBIJg7G5bmVaGal3a:w7e4vKENEZS51N9T3UQsgS54cK","tlshash":"ee22bf736860bb28794b3ca93fc9d55109c5bd24cac3c214956a92617cbaa9037df0d5","first_seen":"2023-05-03T16:46:37Z","last_seen":"2026-04-08T20:24:41.770752Z","times_seen":705,"resource_available":false,"data":null}},"time_used":651,"timings":{"blocked":477,"dns":0,"connect":0,"send":0,"wait":173,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/095cc8200197088dcbd0c4c4ac96b1bd","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/095cc8200197088dcbd0c4c4ac96b1bd HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"095cc8200197088dcbd0c4c4ac96b1bd\"\r\nserver: SGW\r\ncontent-type: image/jpeg\r\nx-mms-request-id: 7b10f0c495b54dc6b6912e29fd097551-69abd4a6\r\ncache-control: max-age=15552000\r\ncontent-length: 178027\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:26 GMT\r\neo-log-uuid: 14464381330492056891\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":178027,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 600x600, components 3","md5":"095cc8200197088dcbd0c4c4ac96b1bd","sha1":"16667e22c332cefafe2e34c45695089c994ae99f","sha256":"da035e9fc9eee9f9620514f667cfe1fda15eb2ca62dbd644ecf27e2d345fc87b","sha512":"48138710d9faa457fc6ed5280381fb99a83a00ed0d69276af4f9f416bcc3ae32bb46592ef8043bf2861f5e81be77f03233b68f610974cd5e1e5dc3106f673236","ssdeep":"3072:4NWAyoyPvrU/mYLT2pbQHVVTkSxQvZYuB+H1bOggghbvSqyMBQgPJOLTnl4p1IY1:4sAFZTcgVVgt+VqK7NKMJOda131","tlshash":"58041247cd208712a56c41f87e93290979379b79055683cb46430ecfbfaef251cb9a8c","first_seen":"2026-03-25T15:52:57.152737Z","last_seen":"2026-03-25T15:52:57.152737Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2382,"timings":{"blocked":575,"dns":0,"connect":0,"send":0,"wait":1205,"receive":602,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-5c9d0d19.68c5aa56.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-5c9d0d19.68c5aa56.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-2ae7\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10983,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10905), with no line terminators","md5":"303c1fcc5622ea9b77c65814e59f70d1","sha1":"0434defdddeddbc04ac27471262e5b28623c33f0","sha256":"e1cec4a2cf47193216e9610bdb8bdd04e31f9b45fa03c40afcf982fbc10fc992","sha512":"03988115ddf9b3fb28d9fe14413532ece4fb3d17d17a119a2b08293f9bbebab9ce1470c029281c7cbb4047d46fabbcd18b4678659bd0bb62d8282dd443fa8dde","ssdeep":"192:WwjcV8+s+lp0WyLAhU50QFB5+npu1JF1wR242JxAvuZy/0vnA1z+Wf3+jMMq+rUr:XcNs+QWglFFFaR2BTmMeXkQLMNjsLxFx","tlshash":"1732f8cce68aec270fe3b2aa343b30d5a20b902d7815141bf3b0dadd259f9415921776","first_seen":"2025-06-13T14:30:24.525807Z","last_seen":"2026-04-08T20:24:41.816264Z","times_seen":290,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-72dc411c.46ac94f6.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-72dc411c.46ac94f6.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-da5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3493,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3437), with no line terminators","md5":"8b4ea8ad78eaf5cbe82acd657598f6f6","sha1":"11c20300ed90f7b6e8c4e4c68c82e19a104c8385","sha256":"2e5535d67e19be4bd210ba0e3b58e674d7d737d73f000ef7bf3b9d481fee4a5f","sha512":"a50781f24cdb637a2308c8cb40a300b9ea58a6352bc9418f585d3d636d5025cc2e4e55a748f4be6bbe16cc23d119e7be18dab4cadf5a74c70fc240a22b97a0c5","ssdeep":"","tlshash":"1a71668c72c3f4590a77b135402f361ef165adc0981a5d81af64d5d63a6193c732ba8e","first_seen":"2024-09-10T16:42:51Z","last_seen":"2026-04-08T20:24:41.746054Z","times_seen":544,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-932adb64.fabf691d.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-932adb64.fabf691d.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3597\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13719,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (13595), with no line terminators","md5":"3db019dd6954f9874e67fcb54cc10431","sha1":"e16e55da7ba80c46c6231385c1a32045c79a31b5","sha256":"c28857661ba5c6e48d7e449816878c9cb7b64529e216f9bdab600752abf40266","sha512":"dfd05947aaf6661c813ce960ad4737a79fd6a56d9badfefa1f4472a692b7ecf27bbdb19ffa80178acb939887fcbedcbb46e04492841ea48da8442a4eef586ce5","ssdeep":"192:Ff5EVraVcIJnPB+n4dFP9v6NYstio/jPmIcR25h:l5EcrtkNUo//cR25h","tlshash":"97527409b9c3f5aa8c6aa051402f2935e1363ed5a022f141ff34cde06a65c75371dbae","first_seen":"2025-01-10T12:51:25.929695Z","last_seen":"2026-04-08T20:24:41.843376Z","times_seen":467,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/loading.png?2222","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:23.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /loading.png?2222 HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/css/app.603ca045.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:23 GMT\r\nContent-Type: text/html\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3491\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:1.11.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js:2.6.10","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"SockJS:1.3.0","description":"SockJS is a browser JavaScript library that provides a WebSocket-like object.","website":"https://sockjs.org","common_platform_enumeration":"","icon":"SockJS.png","categories":["Web frameworks","JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13457,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (8611)","md5":"4347341d9e269d50734f44cb71eb3cc0","sha1":"146e04a38cda3954b74631656344ec1f483799f3","sha256":"149081b8ea51a11d789eb9d20abd208acc70e8d2db7edde4885581bcf5b45065","sha512":"39b41d266b2b8b6fac0d3c5113e8ec549c44400b2b578af69458c686cbb17512cc1408e53b91246871c21309d1f6dbf9022a219d1c771b4f1b9d85c549aa625e","ssdeep":"192:vsNZeKIC+LFGSFGmQnqQnIBmADd/oC+hnYyQgiAQntyztM4/Z0tf+ahaOa0acain:vOZU2m+lIyQntyztM4/Z0t9","tlshash":"7c523b79d60161afa9d1dd9b9e29f72ac4eb8c7b2070e440b66d8c4f8f74fd40626483","first_seen":"2026-01-20T14:17:30.595031Z","last_seen":"2026-04-08T20:24:41.742908Z","times_seen":128,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-06ae24a4.686330fb.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-06ae24a4.686330fb.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-81\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":129,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"676e3a2df47d8e40c29c2d1a67127eec","sha1":"e54e8144ef939162c151a843933a98ff020a2641","sha256":"6499fae751b066d09b0d93a067502c15d6fecd5b460c7f5a981dc1fb3b286fb4","sha512":"4314d28a687dba60202a2a5974ea1b39b02a45a2fea359503396553b4bf9c1eebcc4168357fe2e43875ddd2e61c2af72b926ee6a61bc978fae9474a77de421bb","ssdeep":"","tlshash":"c0b02bbe2804790808bfa0e4300b33d8048301003f711ce507b020902b74e8e4303a4b","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-04-08T20:24:41.744764Z","times_seen":757,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-07f01604.ae4a2d4b.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-07f01604.ae4a2d4b.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-32\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"3bd570c6967ae39b5fcfa9cebedae3e9","sha1":"b7ac2cb7559f4ea4435cb998a3d269631b3438c3","sha256":"ac0ca1996105308274f8785c20413f7713649699265206279f286f7cf77e0784","sha512":"65b1d8a6f928103c1fbd797224a8483dc595b281ac9965f5f325854768403e9aa4b5aa8f32cf5e6439fe683ea6fcab1e8d9e9053ab75894f4e33781265daf45a","ssdeep":"","tlshash":"66900225652eb006917667163895051e4589911575528582920984975ca1183a150648","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.827852Z","times_seen":753,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-14939100.86727a02.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-14939100.86727a02.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-b5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":181,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"d767b20d058befb6c98cae9d3540410e","sha1":"684d5509c3be8409e6a48c75f83c4cf6af2de9a8","sha256":"84c397df3adc89e32d1c2389561375aa1e4e6dfca8abf83904d6823b23ebabd9","sha512":"aa60f6192d2eefb81b7214b48341cf89275a42cac953e8579465ea9257b68b77c56abec8d16bc840d0b01ed530b65d21ffe5eba7a0a9ebc611c2302b544ced48","ssdeep":"","tlshash":"68c01200fd9d2c0c11abd7c691a0b9dca9283aa2c990928aa8acef21bd431907801a84","first_seen":"2025-01-10T12:51:25.856543Z","last_seen":"2026-04-08T20:24:41.817735Z","times_seen":510,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-df347502.6ac9adb2.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-df347502.6ac9adb2.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-410b\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16651,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (16651), with no line terminators","md5":"d2696c0e2cf69c62af86f021189dc03a","sha1":"316f82f781689dac89c63c1e5980a485cf322f3f","sha256":"85e6c8935cfef86a0704481bd31643e1cb5bfaeb32dd0ae59c3e709fde6abf0a","sha512":"63c5c9a39c65f9cc31b6f105121d5335e5ac09c90544bdf716da4d5413f00be43026a66600e7e79191526e537f8475c51733a946e2ff87051c4f09a8bd1766a6","ssdeep":"192:DDXXnHjXTdlUvHdYrpMG2zIlYlpTkvQ8jF20ROlQlyuB7aekTYz8Elltl9lKtKb:DDX3HjDwfy0kvQ8jmQB3k8znlytKb","tlshash":"7072773b246c1328f0bbdf206a7c679c92a6e133e34116bd55426e30cfdb9da11b658d","first_seen":"2026-01-20T14:17:30.658134Z","last_seen":"2026-04-08T20:24:41.828815Z","times_seen":126,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-5a173067.53a2b734.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-5a173067.53a2b734.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-f5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":245,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"cc0b1c5556a569c8746b150d74f5c06a","sha1":"5aea86fb969662e1cb85c552c633a9257d381b9b","sha256":"58e86d4a9236520d6ac3714632ba2a30a239dad74de1d394b1252c9324072e65","sha512":"87a43a5039fc9c01e56ea7100da8eaf4c98fffc094a3b9fc8f067eaf24e981cd5881424ee956808ee58f021d44310c8629eab11392f7d74ed51d74efc85f0438","ssdeep":"","tlshash":"aad05e743f4c5876b49ef251254c12c413c09b57119083cbdee210399e078c0559b7e1","first_seen":"2025-05-18T06:03:19.592498Z","last_seen":"2026-04-08T20:24:41.851336Z","times_seen":330,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/api//file/cfg/202601/20/d7009b01ceb64a51bad66cb011b5f192_.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.772Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /api//file/cfg/202601/20/d7009b01ceb64a51bad66cb011b5f192_.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: image/png\r\nContent-Length: 86811\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Tue, 20 Jan 2026 03:25:25 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86811,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"8e88821bb1dac647065b32143d790ef0","sha1":"01ea1c3b276898ee3348eaf65979d12cb989052b","sha256":"c13cb4b58d8680f6308f8fe40cf28e2ac9bd1243a01b0aeb67a208a44027b9e0","sha512":"420eba64061ffda0c2401ce9205a6f82b564dc1c5cfbfbc4e07576066fbf807f41fff486ab4eb0e392cb0f847b79cb504dd16f5d55ad1296d2d383656377872f","ssdeep":"1536:VMCAVk8EwI65Cpg0WW7IZeE38Je55Eea7DWzhGF6Nk+D4zXkS:VMdkgfQWW7Qn38OFaMzzD4zXkS","tlshash":"4d8302c9c88655015e1633cce252f5e0cb0eea10ea35070ec59ef89a4feb136dbd6583","first_seen":"2025-12-18T19:47:47.598607Z","last_seen":"2026-04-08T20:24:41.747053Z","times_seen":217,"resource_available":false,"data":null}},"time_used":2120,"timings":{"blocked":797,"dns":270,"connect":174,"send":0,"wait":349,"receive":177,"ssl":351},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-23010-9doourbjjgmv64","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-23010-9doourbjjgmv64 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"dfed7e0831b55b2a179d2cd561a843f4\"\r\nserver: nginx\r\ncontent-type: image/jpeg\r\nx-mms-request-id: 89a0488fd72842359587ddb4086a0342-67bf22a3\r\nhandle-by: img.susercontent.com\r\nage: 163550\r\nx-spcdn-request-id: 1238d75011f155d3d1efcd3b234ce360\r\ncontent-length: 226419\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:27 GMT\r\neo-log-uuid: 7550766858829171910\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":226419,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 772x772, components 3","md5":"dfed7e0831b55b2a179d2cd561a843f4","sha1":"6c4506a6b2c7f72f88ac9bc99f173bcc926056de","sha256":"32bbed61d07464ac18680f68e4bb8b21f341b5c3c9aac49a6c7d882da4f05212","sha512":"412c580ce870cd99c397def6646b1a5141cade090e8917611e71712659440dcedd855a683d105c9b6e956225b849bafef7032c55578eaa3a26a6f5f171ac7f9c","ssdeep":"6144:MbdfVrtNpayLtip7eKoyY6KEzYE+SGJevoPM99OfQ:yVpJLtJ4Y6K8Y4GJeQEvO4","tlshash":"ea2422cce1f0afa5eb0907f18b54a4e9653bc76adec061657a0f6455b49c12f4080f6f","first_seen":"2026-03-25T15:52:57.161509Z","last_seen":"2026-03-25T15:52:57.161509Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2384,"timings":{"blocked":552,"dns":0,"connect":0,"send":0,"wait":1469,"receive":363,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-9c1c641c.2704964a.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-9c1c641c.2704964a.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-11d5a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73050,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"8f1d408eb7386ff242f7739dca93b922","sha1":"7be2aa429a946c61c3e32e13cab28b11d1db20c1","sha256":"942b5c7eb61dd99692e6a96d8ab13671238d138d6bcb5f8bfbc56a82ce3e7a21","sha512":"0ba265e59d70162b5f2d175718a51f93f1bb7f121fabbb0c90287e74a9956f0246623225259265543a102fd806a78a18c2e75a4d2f325e2a87a926db2d98065c","ssdeep":"1536:O81LeLxbOfU6prVTG1Bo35sCe0MXePDsHme:O81LdU6prVTG1Bo35sCe0MXePDsHme","tlshash":"36638472f991261d71178664a19576e85b3bf012c2421ff9f02a7b358fe72c6372238b","first_seen":"2025-06-13T14:30:24.486152Z","last_seen":"2026-04-08T20:24:41.778216Z","times_seen":290,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":82,"dns":0,"connect":0,"send":0,"wait":179,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-c5c0ecd6.2ea0ed93.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-c5c0ecd6.2ea0ed93.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-32e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":814,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (814), with no line terminators","md5":"8ad920d3141fcfb6940483b0ee0008ff","sha1":"e45b43be13dc2cd8033b3eb424bfdc4b9456b645","sha256":"6de363de93ecc1ea90d66315d79b726f1d0829281515795ca9ff2f597b1096e2","sha512":"60c413c315fae1738c6db6845bf335ce162fe8522bbc8064489726bf889b3fcf3a3fb34ab9a7884910d02ffbf1c30aec497f28bbed57ecaead7f4229a1719ffa","ssdeep":"","tlshash":"0501ce13b656220880b7d6f2a59939cdc280f977e00769f95d328f21cfcb1c21da82ce","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.844486Z","times_seen":752,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-f045b624.fcc4b9c8.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-f045b624.fcc4b9c8.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-78\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"7a2294f71fa3fcb9df3f49fc4b6af4a0","sha1":"e3737db7515fb7f5ee71f08e997263adc7859680","sha256":"53d54f04576875a8355e595f7a10f2530c5f8468f1e5bf954669f7f119b5c8e8","sha512":"b4093c4522fc7a720a005d30b757639615f52c39ecc5140e8c69d0e9f016e11a1707f0442341922e61f38e182c2ec5ea238b991c2c17e1c51aaa24ec2d1f295b","ssdeep":"","tlshash":"aeb09270bc4c080d23b7b3592264ada01e247152ea8012296cb0d262ae033a2344ac86","first_seen":"2023-07-11T16:55:59Z","last_seen":"2026-04-08T20:24:41.850846Z","times_seen":744,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-08d95777.8e76322e.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-08d95777.8e76322e.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-f42\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3906,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3850), with no line terminators","md5":"3894e895cf59daf5d1aac34d8d0c703b","sha1":"ab33614f3a9ab14d2adb2228a7fe289af9132b76","sha256":"5583f58f0735d4c6ed2ec37748287c7e80b3e9420e8f6594e6abed75f300303d","sha512":"0c57495ebeb1b6ebc5732e9fa7c0b9d9ffbc1588c226e38f262a4fc1df60cac352d971b8f66c7bb83044749c718e960a41b52842dec8f613c648fa997b56f696","ssdeep":"","tlshash":"0c81c8ad6187f29b8ea66152802f22e4e2ba7f84701c74d5f774e5c9717c490132a7b8","first_seen":"2023-07-11T16:55:59Z","last_seen":"2026-04-08T20:24:41.854299Z","times_seen":724,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-74d1c393.217d77e2.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-74d1c393.217d77e2.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-6a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":106,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"bff42bacd79f07fce7ce3f63cd11e1df","sha1":"709f2f4f8984cd122f4b23db3422913ab869b1db","sha256":"947aa535d6bac3e5cc1a59fb1aeeef43edb1735ff58581096ff111744e2c5811","sha512":"cb348fcd81a8576ca4b833d7437eabb4c8d38dbe2313203e2e19b727c33b87af5a12140e9848528188d08c29ddec0ac441b913d6a3e26086dfb77d54b8032e2f","ssdeep":"","tlshash":"bbb092ad2018b41614bf9684121733e50d4a12092fb229a89b6800a06a2598b452168a","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.834534Z","times_seen":723,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-f13b49b4.f8f2b106.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:29.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-f13b49b4.f8f2b106.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:29 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-7a6a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31338,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30960), with no line terminators","md5":"0406cdb08fa67b132dff6fba3454fa78","sha1":"afdd47c58ea40fb49b9ea22700008f735dcf6fd5","sha256":"539e8cde20b9d40bf961c817e951417eb279b480ff6ebd124d4995ed2c251aec","sha512":"a6a5c4b477a7f35ab0da35d756a4165d21ecbdeb4a4a6904dee3a849ae3b55bf160d8918993be66ce64e8d44c9853643fa011439b7b97706983cf2999fa6a4a3","ssdeep":"384:7yIG6WLw4+RaU0n8CHXbJtwokdnCpbJAyXs:OIzWQaUtCHVyCQ","tlshash":"e1e29719b1c7e26b9d7a9021402e3524e1327ed96026e186fb34ccc47a69d78372ef7d","first_seen":"2025-05-18T06:03:19.622402Z","last_seen":"2026-04-08T20:24:41.763233Z","times_seen":329,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/api//file/cfg/202601/20/8efaefdccf5c4b59836cdb79d709573a_.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:29.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /api//file/cfg/202601/20/8efaefdccf5c4b59836cdb79d709573a_.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:29 GMT\r\nContent-Type: image/png\r\nContent-Length: 86811\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Tue, 20 Jan 2026 03:25:22 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86811,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"8e88821bb1dac647065b32143d790ef0","sha1":"01ea1c3b276898ee3348eaf65979d12cb989052b","sha256":"c13cb4b58d8680f6308f8fe40cf28e2ac9bd1243a01b0aeb67a208a44027b9e0","sha512":"420eba64061ffda0c2401ce9205a6f82b564dc1c5cfbfbc4e07576066fbf807f41fff486ab4eb0e392cb0f847b79cb504dd16f5d55ad1296d2d383656377872f","ssdeep":"1536:VMCAVk8EwI65Cpg0WW7IZeE38Je55Eea7DWzhGF6Nk+D4zXkS:VMdkgfQWW7Qn38OFaMzzD4zXkS","tlshash":"4d8302c9c88655015e1633cce252f5e0cb0eea10ea35070ec59ef89a4feb136dbd6583","first_seen":"2025-12-18T19:47:47.598607Z","last_seen":"2026-04-08T20:24:41.747053Z","times_seen":217,"resource_available":false,"data":null}},"time_used":520,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":173,"receive":347,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/app.603ca045.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.747Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/app.603ca045.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:23 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1e52a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":124202,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"5f88fdacadf021995da36cfe7e3f6a3b","sha1":"04b25a0688c2016fc6c25e5dc6ab41089b825144","sha256":"e67248c3c7e202438d77148e0023be1e6762bc8f9517f80b9d18423c8b818a42","sha512":"d634fc18dcc1b0c0e84194961672f9ecdbef1e64c7182885b2cd3ce27938f74fd0b0e267c0c663ce2418475471cbe911468b428f1feea4b38bff429be232541f","ssdeep":"768:gId3U6o3V+4+6agSMJvSL7IfS0GHGHUjOWZkNxzi6zZyuc48gQ6pVU8eS2A6kiqO:gIK6o3uIfS0AiUjDinziGIW0xmBH7Cz","tlshash":"60c37797bad9250cd9978a91c59a3efcfdbb191183829cd3e4537bba9f453cb221001c","first_seen":"2025-12-23T06:21:39.699332Z","last_seen":"2026-04-08T20:24:41.76537Z","times_seen":128,"resource_available":false,"data":null}},"time_used":1383,"timings":{"blocked":508,"dns":0,"connect":173,"send":0,"wait":348,"receive":1,"ssl":349},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134207-7qveu-ljw7s2q85wji02","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134207-7qveu-ljw7s2q85wji02 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"f45212483bee489992ef6bf11d3381ad\"\r\nserver: nginx\r\ncontent-type: image/jpeg;charset=UTF-8\r\nx-mms-request-id: 10f5b9141802473b803e3d274a9988e8-6898b731\r\nhandle-by: down-src-global.img.susercontent.com\r\nage: 0\r\nx-spcdn-request-id: 3d4cc09fae43e695efe02d17300b56ff\r\ncontent-length: 311917\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:26 GMT\r\neo-log-uuid: 616447843986933965\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":311917,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3","md5":"f45212483bee489992ef6bf11d3381ad","sha1":"67997d3049eb7c95ae24ddbcedf7bbdbd26c999a","sha256":"e3ba0c83810c9dd24c3df656119ae8a347c8396284f7d70ebdb0d7adf2b8871a","sha512":"9bec8118e64879b97c2288d6db6dc8e9a7056280aa1851f71f9fe1983aa33c3e02bfa12206c2f3dd2c5b0d7fd56d13c032fc0e676332392ab98e79b789a40ecb","ssdeep":"6144:/CY0Jo9tgHz9OF04fEkeRDRiSKV61QyVkYabPxYD86DwXlPRkAztiNN4+CVBq:qY0Jo9iHMF67xgSA6+yVkYKxUilJkmyj","tlshash":"4864667e2730911be4ce2926e43987eb2b734b50d89f8938f454c6db8b767806b52c1d","first_seen":"2026-01-12T16:05:44.477068Z","last_seen":"2026-04-02T18:42:59.757526Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2580,"timings":{"blocked":588,"dns":0,"connect":0,"send":0,"wait":1292,"receive":700,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-6497b0e7.c3581cea.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-6497b0e7.c3581cea.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-8598\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34200,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33900), with no line terminators","md5":"c2cb98b6b5e532236f6cbc46116bcf6a","sha1":"ebc03c679661e156a049cc2ce40787d5653c5b77","sha256":"3dcf536d9a58bc35045ad633ad7bf93c1b5ce6aa4d54128024c5d50f1814da3a","sha512":"2f33e7a38fb54463d4c20cd375df447c692dbe3e908ff6e7e276daf379007eb21130fca9556edeef509b8a96790932c4a2e0bc21024851ec19dbaa671bd8d9a9","ssdeep":"384:VdIhe82+qWsR4Z7foZXi+Z7+qMoWRpKkBkZXDvZqQgqJZhRXPNqzZNoU/7dh:fIhT2sOvUQ4Y6","tlshash":"91e29515b887e1afdc69a061802f1971d1367ed4a016f081f774cde0a6b9cb43b2dbac","first_seen":"2025-04-11T11:01:20.429678Z","last_seen":"2026-04-08T20:24:41.857825Z","times_seen":339,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-b697e706.4ec77778.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-b697e706.4ec77778.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-6fad\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28589,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (28283), with no line terminators","md5":"9dddd6b6f3fcdb47a773f0a1305b1601","sha1":"708fb5d8516c6bd543a4d7ca247d1f58154387e7","sha256":"312b79e4090cfc77859e6744f7753603db72e28ab44a38c60424d2afe26348a3","sha512":"90769a9c6f3567af380d85c3605901e5ad6b2f2360d9c80231667fd8efe35ed6e22cff1e467a017080297a1e96ce6d48803a6f34d2c17d6fe32fb148f91e0978","ssdeep":"384:7aR6aUGUDUPUbPE8Zml4FIZP5hknyVZaPh:7aQdgshml+Zyk","tlshash":"c9d2b719b9c7f56bdc6aa021402f2935e1352ed5a025f081f734cea065b9c743b2dfad","first_seen":"2026-01-20T14:17:30.740196Z","last_seen":"2026-04-08T20:24:41.855864Z","times_seen":126,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-c5c0ecd6.f5c32279.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-c5c0ecd6.f5c32279.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-e03\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3587,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3587), with no line terminators","md5":"41fcdae977e717a12a1004b9651eb9a0","sha1":"af9a14f6643ea30a0d58ac26b2a11c6b6e85f65d","sha256":"23b68516d5c626627904ec97e44374bc1b120f088bc64e085b77805c895ab0a3","sha512":"26a22d896954e3ddf63dc817de327fa7997e532ae4205e97fafdbb44245b4c0a87295c6937230fb4d7559b8a8975e5e097b683455665d222ee168ce41cdf70f6","ssdeep":"","tlshash":"7771a4aeb8ccfedd08126150583f3114f18a2c01e86454d5bb75ffd58e86531099eb6f","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.853324Z","times_seen":721,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/js-cookie/2.2.1/js.cookie.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Mar 2026 15:52:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 1299\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03ec5-f2b\"\r\nlast-modified: Mon, 04 May 2020 16:11:49 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 33626\r\nexpires: Mon, 15 Mar 2027 15:52:22 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YlSBo7A1wgvjzkzLSkxlwif4iSljg4LIjI0unQJET%2FKl9DFwTYk0FhbD3mh64tAZbp6gIEf7Q5zb8bqHkGGGqp9JDLpmOR4pJcz5GRexGRjZOhQ%3D\"}]}\r\ncf-ray: 9e1f15164f5635a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3883,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"fa93e8894edb6245ab03883633b12b6e","sha1":"e3ba4c7d1a8876090756fd31715b4f6af6fd649e","sha256":"3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15","sha512":"263612833aa8f4ad08798184b25311604f1a3bdb6aecacb71103661159007ba0a9d7803094930b3276f47e980492bdd8c49f208508ab88ebd9c0875166278621","ssdeep":"","tlshash":"0c8124b0bb8d35ab0e0e21145b1f60cd927ce43a085949f6ec9df1321468c2e977ad6e","first_seen":"2023-03-07T12:01:36Z","last_seen":"2026-04-08T21:00:11.857595Z","times_seen":2761,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/api/common/dictEnumMapAll","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"POST /api/common/dictEnumMapAll HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nOrigin: https://glowremotely.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://glowremotely.com\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Credentials: true\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7882,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"f8264c8e9ec32b173bc043f598ed5572","sha1":"c3fa80300811ce3a4b177322e620a4104373dc8e","sha256":"145a0927acabd4a15631e4e961c79dcbf15dcd20b8b622b99c0f592afb056ff1","sha512":"9e5e52f4b8070dab0ef91a575279ec3818b05ece921238cbd2f963165813d8be5ab06c0d25f942dddbaa560a11b0b2e64c90808c87d7be4a1a26a0d811be13ea","ssdeep":"192:e2Y1Ys18r262EQEZSuzsR1INERzDHx2Af2:eC262EQEZSqm1xDHoAf2","tlshash":"97f1d680b38c9db08c52d51155933c2979712adef21c8260a6f5fe4db08cb53b71bae6","first_seen":"2026-01-30T12:38:02.205184Z","last_seen":"2026-04-08T20:24:41.788393Z","times_seen":119,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-385c545a.3ac6232c.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-385c545a.3ac6232c.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-f2\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":242,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"d215a57d93ebcae1ff01af2069948880","sha1":"79cacd45cbf0667d37ecdff1beb261415b2f37be","sha256":"78ac4ee0e05eae300b279d241d924a449cd33093ef41d3f2a2db8eca643e9485","sha512":"b8662d5cbdc28a7aac16c798416ad545f31270f86a673f4f90d7fe6b5e195b91486df11e792ce4cfbe40d8ceb06d3accf2c787d474534401c0ea02c2b96993af","ssdeep":"","tlshash":"acd09766b48c1100227ae6ab713183f484386383ee240713e237b4b0bf631e27148a07","first_seen":"2024-07-16T23:08:14Z","last_seen":"2026-04-08T20:24:41.807284Z","times_seen":564,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":132,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/tw-11134201-7qukw-lfkf0hzxkqh96c","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/tw-11134201-7qukw-lfkf0hzxkqh96c HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"6c6b1e3d421688af350bf94503f1b809\"\r\nserver: nginx\r\ncontent-type: image/jpeg\r\nx-mms-request-id: 781a8fb45be74a05b116a66386015c92-6830c454\r\nhandle-by: down-src-global.img.susercontent.com\r\nage: 157304\r\nx-spcdn-request-id: 17c4a2cf86ebc369da69ae69cb0ff94b\r\ncontent-length: 162021\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:27 GMT\r\neo-log-uuid: 3424798827037670079\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":162021,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x800, components 3","md5":"6c6b1e3d421688af350bf94503f1b809","sha1":"331babf2ae566c1b37636b8524209e8c22be20a8","sha256":"adc8dddd006c416a33ef735f6f74707abb0042cfa2cbb8f545d2bf86cc7bc4a5","sha512":"000b85b139f00fd8a30d78a2738fce6dbce7fd3217085d89f8e7f0c2f8192123f9e7b31814e9bee6895985932dcbf85e86fa9a44f65ac4663a863cb5189d660f","ssdeep":"3072:Q8c8L9FiMqOjYpFSVIzcgCeeOmOl80093u1HkzAW51zDxh50Y/2:E8JF+6GSV/9YFa009+2Ma9DjiY/2","tlshash":"a2f3026a8d28d5224e2d1778d5aa5c5f039a6f78f7e4e45400018c9bfb8df62cc6ac3d","first_seen":"2026-03-25T15:52:57.179571Z","last_seen":"2026-03-25T15:52:57.179571Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3110,"timings":{"blocked":613,"dns":100,"connect":251,"send":0,"wait":1632,"receive":253,"ssl":256},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/mobile/link/1.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/mobile/link/1.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: image/png\r\nContent-Length: 18722\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-4922\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18722,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced","md5":"3959345f02bfd3d6d23caea239421486","sha1":"6b3a7d485bf821b44756370daafe7887eac3faef","sha256":"9c31875158648f5fd608decaa75ef24630d45a12a9950f301fce4ac2814c827f","sha512":"5895c63b0d04e95e847d30b72cb774f65373ebc6f2b39fa9f81e82a687a85754cfb26a666c9ce61be566f2a265738da37acc893ac5f25210ccb4274f47575e88","ssdeep":"384:6OJnQgn+7xREPkpGf5Pp3t7yqujGILm2D6aOI0/Jnu6+hyQ75cV+:bJOxREdpkqujBLm/5I0tge+","tlshash":"5d82e026fb1a2d45ebd9b24a65c2663eb4671b935360e3a0fcc8ccd44c601a2d41eed2","first_seen":"2023-05-02T09:51:09Z","last_seen":"2026-04-08T13:03:05.009033Z","times_seen":268,"resource_available":false,"data":null}},"time_used":1518,"timings":{"blocked":1168,"dns":0,"connect":0,"send":0,"wait":349,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/theme3/tabbar/order.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/theme3/tabbar/order.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: image/png\r\nContent-Length: 379\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-17b\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":379,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"549ffb680d0527849f31e5995d16799e","sha1":"5b9749927e26c7f219f9170784f37a9dc1861c6d","sha256":"c5ee884416417d216686fbbdc70e12525210e9c016655a7020f729d95e5d025e","sha512":"4326949b6fa6b271f242ade578b6712573f0e00ed5cd04ad9040c8522134bc535f048d40ddc68e9397e357d67126cbc991e6594f73eb52016a321411a0b7aa6d","ssdeep":"","tlshash":"46e0686b62a45dbccaa60e760fb0045280b0c9988516cfc6b16fdcfa0a018c855c5f55","first_seen":"2023-11-04T02:21:06Z","last_seen":"2026-04-08T13:03:05.075593Z","times_seen":413,"resource_available":false,"data":null}},"time_used":980,"timings":{"blocked":805,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/theme3/tabbar/mine.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/theme3/tabbar/mine.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: image/png\r\nContent-Length: 4660\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-1234\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4660,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 138 x 134, 8-bit/color RGBA, non-interlaced","md5":"9257d7d41f0aeb65c674ea3ee19ef1b4","sha1":"826e3ae0ef20a7f48f69fd5740ff48212d05ecb0","sha256":"f4e0220e488ebe9e5176c587603b0756cc755a8649c13344aea8652d57cd5562","sha512":"e459264955355f76655df49a7ee28a76e31b84ebd37a8fcd2703d011b8eb29696ed01177dbf79758c952b29802b4afb7da894aa869b6e6c596f988764a444de0","ssdeep":"96:F9ICo03ee/GROo9AO7s0BPYx6GYWNHo6JxG/jgIZpEN25Vnj802NKo+pTp3p1:4L0uqrydGthNI6DOgIZzVnjj2NAp3p1","tlshash":"95a16e1391ede97e449c890166d2053db96b3bf0c68897f4149b2fdcd3b0e72b6810b8","first_seen":"2023-05-03T23:27:44Z","last_seen":"2026-04-08T13:03:05.071191Z","times_seen":419,"resource_available":false,"data":null}},"time_used":1155,"timings":{"blocked":979,"dns":0,"connect":0,"send":0,"wait":175,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-dcd191bc.a3d95352.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-dcd191bc.a3d95352.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-e5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":229,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"44d18e73f11f336ed1636b2a65187c12","sha1":"0e8cb1477395fd97064278ec893771e52426ef6e","sha256":"b17c5035fddf95cbfc4d571e19fedb0f4be2eb90896943d948225a49134c71e9","sha512":"53d46df8a26d612a795c0b50203e255a8db07621c4d550f45ffdd35492c2876de3236e85f630232c88a78d39260a2bd2fce734cab072cec9365a9fbd9d0b0625","ssdeep":"","tlshash":"5ed0c90e3b4c4432343bf120f68404c12186267287278a1b5ca01121efb2af62638b7c","first_seen":"2025-03-31T13:39:50.443787Z","last_seen":"2026-04-08T20:24:41.796337Z","times_seen":348,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.15.14/theme-chalk/index.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/element-ui/2.15.14/theme-chalk/index.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Mar 2026 15:52:22 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 28355\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"64e78703-6ec3\"\r\nlast-modified: Thu, 24 Aug 2023 16:36:19 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 98716\r\nexpires: Mon, 15 Mar 2027 15:52:22 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KRbftp6NDtXpBYrRwhhIigAM1gKOfrORLjZ9eWjRkdVeMnBdKJIx8plI2g%2FVUb78b9nP7f6qNaQ4%2FB3LKby8MVSU4HzOtvo0rw1wmHdRTQ3sNCM%3D\"}]}\r\ncf-ray: 9e1f15163ef735a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":240033,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"07ced7e527d781115b5a9f3f3f559884","sha1":"371b1a3e8d3453a2451e76320d9d7c0e301331b8","sha256":"dc86d4797565d05e88d63598128328e2ed6f02f7f6d950a36a1c4ca9eb9c8057","sha512":"a19dda2047af06da26cb446e5a9184fbb87ef5db209368305f4636d5bf28bd29442d05b556540359dc41198218092ce706bf1a7b765e18b3c481c2edd068e10e","ssdeep":"1536:c28Y7SrW3YeWXA1u9w4HCe/l4TEg5fqMEeje378OaiZkW1YO8eQM+yFffwbIcfGc:lvHjahfAG1U2VGDt","tlshash":"b234a7219b03216b612bde6cb6c0ba895f18c323d4725bbbfe95740dc7d34891267a4f","first_seen":"2023-08-28T11:31:40Z","last_seen":"2026-04-08T20:24:41.843933Z","times_seen":1280,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":11,"dns":1,"connect":1,"send":0,"wait":14,"receive":1,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-62a9efce.a1c2f75c.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-62a9efce.a1c2f75c.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-d73\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3443,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3443), with no line terminators","md5":"a3c7f40f0c8b465b29b017b388f3b3df","sha1":"c9bae219f9bfad67f0d5e60a87dad18b81c08bdc","sha256":"b1c75d71125796bf67ed3f98227622683636475f7be80b9f026167f5164b69f3","sha512":"b326254ef841679e279b10abad0726f379147b7387816a1bde714e579081e333ae00de1b2d3eac0470c5f51944ade77aa8fc9fbbf3ce8eb209daaab83b643716","ssdeep":"","tlshash":"9761be323a597209e46bf560f6a01acc53f8b613d20302db45076b218ecb5a238f9b69","first_seen":"2025-01-10T12:51:25.87288Z","last_seen":"2026-04-08T20:24:41.813737Z","times_seen":483,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":7,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-1bd77d07.020abd75.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-1bd77d07.020abd75.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3107\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12551,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12527), with no line terminators","md5":"ff7d917b7f022450a5dc08bee716175f","sha1":"f216f23f800d612b29dedf753886cd51ff88326b","sha256":"c0dfc0a3b31b82bf9c90c986839f7b4b68fe36ed1bfbcf98584516d6051d00b6","sha512":"3b0f4fc073d835504bf373e4d4f007c699aaa590b096ad39ce6c655fcb5646f96f74e18c8452d7e980151ee836e6cdcfe368c863667988fafe6d4bfcbcd7263e","ssdeep":"192:aEWzzwO0x6+shlT48dEBGqTydMtubitHw1gEgM48GEBGlbBNQn2guOQfRtnlLw:aEeCxBUuJw1gEgn/Qn2gu3Zw","tlshash":"f142eac99489fe1a1d529111202f31e5f10a786eb628d9d9f770cfce8ddd9440e29b3e","first_seen":"2025-05-18T06:03:19.687815Z","last_seen":"2026-04-08T20:24:41.748007Z","times_seen":330,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-2d0b3a3c.eb067d6d.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-2d0b3a3c.eb067d6d.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-15dd\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5597,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5489), with no line terminators","md5":"d03116268a45e5c26a72a4acc7176542","sha1":"6522fe34ee999e7a6244f3bdd912f1899e03e9fd","sha256":"a8afc8c95af01fd65075345fc20253d3c255194fec1e1cc42c93c7cf4826b726","sha512":"b7c9d0d3e5741c83b439fdfbeb9a7a73edfa4ec9ffe02fdd0c9f63056d32ca7f8eb7047ba16ff7beb7d9dbbca9e0547799c61597a087b05fd0b24633fe85a47a","ssdeep":"96:Vn0LXNkF3a/s057RLnm8jkjotbWDBkviyLWb:VANkE7Vm8jkjotbWDBkvMb","tlshash":"6bb12130e543d56adc3b9a1051296636f070bbd6c569f042b3b4879483f9ee43b1e36e","first_seen":"2025-05-18T06:03:19.657886Z","last_seen":"2026-04-08T20:24:41.787214Z","times_seen":330,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-385c545a.a27d7dc5.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.838Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-385c545a.a27d7dc5.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-28fb\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10491,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10417), with no line terminators","md5":"ddb02e45d37e1639cd3384f733bdb3fe","sha1":"9d991775f4ae663e220277c089e9073a500e6c9f","sha256":"3282f4d68e030666db13fe7fd07d974a17c345ffadb4198fd8550b426dc29ba8","sha512":"8bdbcff92fb4750044670b130049c5b9a3520c036def3409045f1cfff424d9e3a5a7d5e806ebb895f2f3ec4be25869bc3515c4b6d35dcb4d7f28bbdc30b5cda0","ssdeep":"96:5fzkx9RKgp26fTX6eHrS1HeoHeQQX6QXuMU9TisyTsaJ2g4Hl/TVhD4O+gktmIFk:5bkQ2zLWRRHZzjyvm7ktVFdS","tlshash":"71222e64a487da99ec3f4422906d2371f1643fe6c738e082f7b4ce5902d5da42b2d7ac","first_seen":"2025-04-07T11:12:04.213589Z","last_seen":"2026-04-08T20:24:41.75522Z","times_seen":466,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-3ba48570.e079056e.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-3ba48570.e079056e.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-13e7\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5095,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4977), with no line terminators","md5":"aae37e163f751665260e8a9f0113796c","sha1":"2624ce3c3c29d4d74acfe9b87e0afc83376dbfd5","sha256":"208f6ba3163d5be49e343ffb77a56a901833583bd02780bed4e2a979ab4bd2f3","sha512":"e14612944a04452e4430f9f5578f692a8eacd8b4e74c24e32323e6bae88e0b924f8b5a7d6aba012c3600761176ba98c731c1f904a62f0b9de4634d496b8658aa","ssdeep":"96:PDVyrHPme0qnGryBBPLzstDpa+BptKXnvrb72P4H:PDCekmyBB/kptIzboO","tlshash":"6cb1626ca05beb9fd85e4151402f6231f0313edda436f1c1f760cf9896989225b1eea9","first_seen":"2023-10-18T00:16:17Z","last_seen":"2026-04-08T20:24:41.815491Z","times_seen":681,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-51454bdc.0f5c3831.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-51454bdc.0f5c3831.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-16a4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5796,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5642), with no line terminators","md5":"3ec0eeb7153814edef2ca2c843a6c148","sha1":"311219b2402dbe49c012be2f3032f21cb8301d0d","sha256":"517eb1f96f887ef09fd920c87c025ab8209e739971b2d8d7e9ca82be49c74ea3","sha512":"6feca234540f2cf2b137ad64d0bc62657d7f1305047c13416be74997813262308f2d4e7abdc26425548653a4884fb196aac3f990e598e2d24a2d46aba12fdb98","ssdeep":"96:xZWC6Kz5WKadEQdTfQyvTCgze04bjutHl/H+hWyhjYKD4btLDSS4:xZOtwXFYAOtm","tlshash":"5fc1745cb0c7f518662a21b1601f3008617276c4691dc281bb7cdad65bf4938ab2bfed","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.846869Z","times_seen":727,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-7ebcf264.5d438a80.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-7ebcf264.5d438a80.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-2cd4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11476,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11394), with no line terminators","md5":"498a899df615cfafc276472b1be881c1","sha1":"98fbccda6c5d4f420bb0369591076be6ceb7c746","sha256":"9bd10b776c016be8f501f8bb5f36d42b210fc0ffa2c3423cd0056d1c8397967d","sha512":"f06de60b25ab349e02888bfb395142cd4f28f5fae94b3b7810b1de947e083974ee4b220ae2012a62a9cf2bf1fdf772b0792118cf7b6d3f1e01423a11ca21daf7","ssdeep":"96:uT2XkyNK8ToTTTw7tBK2Du7FtO4zP4kDcUDcR0nm0n39X7oyXHG1P45fyAe1cWpH:uTOkrDzXP/6hYGy2iMNDFdp","tlshash":"a6322159a48be6aedd3f8021806c1631e0241fe6c739e083f778ce6842d5db46b2d76c","first_seen":"2025-04-07T11:12:04.200468Z","last_seen":"2026-04-08T20:24:41.821391Z","times_seen":466,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-i18n/8.12.0/vue-i18n.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/vue-i18n/8.12.0/vue-i18n.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Mar 2026 15:52:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 6201\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402b-5915\"\r\nlast-modified: Mon, 04 May 2020 16:17:47 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 620514\r\nexpires: Mon, 15 Mar 2027 15:52:22 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wu6sTonA1gXn9sHeZaMRPnw9DddynYGXlflzb09rtSYV88BQ0WoDDa839igwQqGMKhNztlePOKqAihiHLhsyNCya6Vw6dv534CRRHH8ITI%2BX1bo%3D\"}]}\r\ncf-ray: 9e1f15163f2535a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22805,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (22712)","md5":"c019be63e713ce6f2aa221c0df8fa0cb","sha1":"e5471888945144f233714d470959059c010eb667","sha256":"87e6aba4bd25be4196ad7f269a62de823242abe105df538f218d4e6e268f74ce","sha512":"6ca3ae5fb17dc20a2c27d4008454feb7cefc626bf104252354c1abd0977f73a315001d94293a7d4379ecfda6ba21d3f49a992f243a6f9249c935195527d407be","ssdeep":"384:BPdUYakDlUGQrDQxMQ4rJaT30WCxQI1cg:DUYzhUGmUMQUX3","tlshash":"cea2b7c6f56270270a9260e5183f1107a33f241d648d855df2d6e8ee2ebdd8e91a3f39","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-04-08T20:24:41.767438Z","times_seen":1026,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":1,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs//Swiper/4.5.1/js/swiper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.760Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs//Swiper/4.5.1/js/swiper.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Mar 2026 15:52:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 28993\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03cf2-1f6e9\"\r\nlast-modified: Mon, 04 May 2020 16:04:02 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1086075\r\nexpires: Mon, 15 Mar 2027 15:52:22 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iDkc8f%2Fmw%2BhOjZ09mpC2rsUgIGd6BY0h3jYBHKuijfPCr5IhYxaj65XeUZ%2BaaL7sV1DatqMvoQGczB1%2FMZocRc0NpQfqyZ3Kicd9jVmoUrU7AgI%3D\"}]}\r\ncf-ray: 9e1f15164f4135a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":128745,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65269)","md5":"2ac19265b38d14235141d184bca54d9a","sha1":"c725eb5a33d093e331e25c3a5ef1272b0f1f648c","sha256":"e2c1132a1877692ca2e8d46203eaae9cf6936b0a9230341c6bfc4b5aedbb1e0e","sha512":"6476ae51cfef0724ba254cff1e5d68f2cda477840954b01b933f1c9608ed6ca5094fe006d5cef7e5a32d54b25fb4a418a3e2c3eb642bcafa0d6bebaacbeac21d","ssdeep":"1536:O/pPCitsufJthaK85kqzOAkRlojU6tU8r5MhkhGllpcXvH7WcWUKcOqylFE8BtOa:+JthJkOAkaRaaGl4fH7WcWUKcOqjtYD","tlshash":"2bc31849b35071e551e72256539ed601a3b66845b90ac0a831b2d8d7acbce8c03bfffd","first_seen":"2023-03-07T12:58:52Z","last_seen":"2026-04-08T20:24:41.831947Z","times_seen":2092,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/a14c3fbb9daf6c972aee7506801d9846","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/a14c3fbb9daf6c972aee7506801d9846 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"a14c3fbb9daf6c972aee7506801d9846\"\r\nserver: nginx\r\ncontent-type: image/jpeg\r\nx-mms-request-id: 60261fd29d3b4a18b278c45bb298fbf7-68a15b04\r\nexpires: Tue, 16 Sep 2025 04:31:00 GMT\r\nhandle-by: origin-cf.shopee.sg\r\nage: 202593\r\nx-spcdn-request-id: 4f35f65f188732789c120929749d6442\r\ncontent-length: 74505\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:26 GMT\r\neo-log-uuid: 17129669405302117419\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74505,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 500x500, components 3","md5":"a14c3fbb9daf6c972aee7506801d9846","sha1":"3de2c6d37751db66f172745d153f7a8e6e9c69c4","sha256":"501d82745fb1546cc39ba3004b4ec585b7b9331238def1821fd859ce14e2342c","sha512":"97002657e8d1bd45b94e3eb7b5b7e50ba096c3e37744028bb55fe030e91ffa9e688ae17e2e9c99b17e5c0212f5f892cbfbff71b34daa2d0b468b989d17e8d1e2","ssdeep":"1536:L1gvHj0i0MOAJNZ1/JZu3Kj7eB+2uUNQE3axdAjBlwf:hgr0OOATZ1PmKfEXHNdAduW","tlshash":"d073f137dc185da3e66ecb762e631f0c4702be15ea21b5dfa022c952b37910b1e5e139","first_seen":"2026-03-25T15:52:57.194008Z","last_seen":"2026-03-25T15:52:57.194008Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1692,"timings":{"blocked":584,"dns":0,"connect":0,"send":0,"wait":1046,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/theme3/tabbar/home-sel.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/theme3/tabbar/home-sel.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: image/png\r\nContent-Length: 678\r\nLast-Modified: Mon, 19 Jan 2026 17:07:34 GMT\r\nConnection: keep-alive\r\nETag: \"696e64d6-2a6\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":678,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"77799daa36d79f46d4b281b47653ed1b","sha1":"55373be89e5b80041a0498a720e73db384b30236","sha256":"72587bba2c08d4d3224cfd5c5be4be51b84741142696938d00361e372d2c8813","sha512":"eae2e0e6d68a4b7e1542cd846aa3fb78cb007b0a62f860425bfb544b1c89c9d34eec213d2a344353a0dc30521f4d529edb983f7b4d2c1acfcd1e54cbf7fec813","ssdeep":"","tlshash":"43018393f30668269ea14ee7c33f9178e088c99715e864696a82843d1370ba8f52d267","first_seen":"2025-03-03T23:57:52.309985Z","last_seen":"2026-04-08T13:03:04.994727Z","times_seen":250,"resource_available":false,"data":null}},"time_used":807,"timings":{"blocked":102,"dns":0,"connect":174,"send":0,"wait":175,"receive":0,"ssl":355},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-d646062a.fd7ecd59.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-d646062a.fd7ecd59.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-75\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"1db8ba3fc65dbf3f188380bcdf134406","sha1":"2cbb507f86ecf66a1d8754c4ca55989642a4db24","sha256":"34d7a991e8686b0c722898afb4868d324b4cee6053c5e0aeb37f76b0245233c3","sha512":"e3d39b9e1b11331f99e3816b78e57c4f253543915a102b9b4ec8b67bad401b0e663082a755ab447931c15da95cbb967d553dfa1176598d72efdb364ca132f6b7","ssdeep":"","tlshash":"0bb092442a8c0012ec9ee2e0b02165c18617b333ca424712ef28a4b88ec30b82061d19","first_seen":"2023-11-09T03:37:00Z","last_seen":"2026-04-08T20:24:41.845073Z","times_seen":733,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-f13b49b4.e9195efb.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-f13b49b4.e9195efb.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-c7\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":199,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"07bf465c4fa5dac271dd296cecd73926","sha1":"acf181aec81897157c6de26de39111a38873137c","sha256":"8f8b6dcd2ab98a4389029cbb8c63aa4d0ff12ac31d50b5d5b14f76a639349f1b","sha512":"b17f60cf8499016f701e2b47ae28b751d8c35bb184f60b1d55621569e710a2270bb16262f225e10b8a0ba1c17a85c33b849fd90e007e9a94360fc9eff061bddc","ssdeep":"","tlshash":"c2d022447149176901bbc281c0d004c2000ab30fba1b92b34d20ac388fd7040a29ad68","first_seen":"2025-05-18T06:03:19.696886Z","last_seen":"2026-04-08T20:24:41.837346Z","times_seen":330,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-189a2af1.a6acfeb1.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-189a2af1.a6acfeb1.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-af5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2805,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2805), with no line terminators","md5":"468f6b31fc895c922124770cf6c2e8cb","sha1":"08df2fe814f49ce944d01335fb57de8c217c3fb5","sha256":"880c31a4e7c722887deea7342f8e3f11d548a36d5373cbeab820cbbe242adb26","sha512":"08fe2112db174a0cf661d076f32e6e3e5232f79a09f791e186c538f6a042bd9df13654dfcc52d174fe5a33f020718501ca47167563ca7909193e4898a636ec18","ssdeep":"","tlshash":"c35133066f56faadd866c286101f2750e05c6a7c7431d4c9f370cbe4d5908aa039df1a","first_seen":"2025-01-10T12:51:25.896462Z","last_seen":"2026-04-08T20:24:41.85733Z","times_seen":498,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-ffc2961e.b443a13d.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:29.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-ffc2961e.b443a13d.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:29 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-29de\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10718,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10654), with no line terminators","md5":"881474b27e9e004327f03f6ef6698400","sha1":"8756e7d95bd51485c00488a4437493fdc20c58e2","sha256":"08c6496487409059e483e74dbadc14d9e467756921397eeea737289ee6b9b616","sha512":"8a574705d5a67569009decca3f7b93d50753709aab532f8dc0897c6603e4ca5b1328014679f30cb93be46560899758a69ba900ef92271f8082bba404dc99e6f7","ssdeep":"192:nwKcJl8B+lp0WyLAhU50QN5+npu1QwRL2JxAvuZy/0vnA1z+Wf3+jMMq+rUBd+uu:9cY+QWglxRITmMeXzfMNjsLxF8","tlshash":"5d22d9cce589ec270ee3b2aa343f30d5a20b802d7815145ff3b0daed259f9515922776","first_seen":"2025-01-18T12:14:07.095297Z","last_seen":"2026-04-08T20:24:41.825365Z","times_seen":467,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/api//file/banner/202512/18/f39a2d2ce13f443e94eb9616e3795078_.jpeg","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /api//file/banner/202512/18/f39a2d2ce13f443e94eb9616e3795078_.jpeg HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 109200\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Thu, 18 Dec 2025 04:26:45 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":109200,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1280x480, components 3","md5":"83dcbf6326a347fe55c0c645f55914ff","sha1":"b1b338ad7114f3d74f317706b4428bd6f3fa081a","sha256":"eb5ad397521bff280894a761287ecfb2e2f36c1952b4b98d2f2cd32ca21802a7","sha512":"168834cd8d427be21b9e5b3857e90e5a060d025485082f6288ccdc03ddec604a41a941487762d380049dfdc5340bad35f78743e12cc68eae2f364b641694794a","ssdeep":"3072:OeTqV12SDVXvvvGWQ+X3sFNmLi+y0wgIWz8iHOwwwwwwtPd:O729FwumTzLwwwwwj","tlshash":"e3b302270528ef03916cd3733f39196a2bae1e5ce29831f576610e5affa27462cc9454","first_seen":"2025-12-18T19:47:47.612229Z","last_seen":"2026-04-08T13:03:05.045075Z","times_seen":201,"resource_available":false,"data":null}},"time_used":1225,"timings":{"blocked":-1,"dns":1,"connect":173,"send":0,"wait":349,"receive":351,"ssl":351},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-134ebb5b.033b1400.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-134ebb5b.033b1400.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-42\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"bc8f367bf615641ab42ec602bd037fa2","sha1":"94db204a7e2294fded4a9cbd4ce2b5e84e94266d","sha256":"3fbae052426494e80dfd7b283a3738bcaf8b2894808ba80978d570eb69fcdd2c","sha512":"4efbbc755be35bbfffeefca229c5359b09f347114c062ca665521dc3414a5d8e83af5665915a20cadadb633b820951063eb9511f54d6c0d184e486bb43b60d2c","ssdeep":"","tlshash":"bba002943d4c0338b967e144624249e03179171a95a99763fc46203ad906da05418648","first_seen":"2025-04-06T10:24:08.355161Z","last_seen":"2026-04-08T20:24:41.776886Z","times_seen":342,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-210173e0.537894f3.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-210173e0.537894f3.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:24 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-157\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":343,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (343), with no line terminators","md5":"643a797580011f455a862f50acd92063","sha1":"461f0575f4d431d9dbc27709700cfa1d70e919b6","sha256":"0566ae96aaaeed7044a777f84e0d99bcf9e1e15b991615e46d88c8b146eeb72e","sha512":"04a2e5cdc39d2f2840ce565bc4210c825b98b8dbc4ff9226dd68388d8f878aff66c65d81281a7303c966e451b90bbeac24c3a190c8a6efffc80bfa165514782f","ssdeep":"","tlshash":"48e086007b4c195db867f36485b095852e3873178142575a7decc7e09d47189743b9c5","first_seen":"2025-01-10T12:51:25.860033Z","last_seen":"2026-04-08T20:24:41.770182Z","times_seen":513,"resource_available":false,"data":null}},"time_used":335,"timings":{"blocked":158,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/api/banner/5/list","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /api/banner/5/list HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:35:46.020186Z","times_seen":1581,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":98,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/api/grabGoods/randomList","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /api/grabGoods/randomList HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6246,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"9ab6a3b48f4e79ff7c97fcc230fba9d1","sha1":"d271fc046faf3ec16fc24c6a3b0b5073cff75ad8","sha256":"b2c1cc792ed6eae6184f8b3ed5e9e0861d9d03ddb909be99d16baf15b8f1c627","sha512":"3a5ef55818f4ab27faa814aa3286595491723e64f14957c9f20aec0af6483c7ba77e0916f0661c0ea337c37ef04878f3fb89a7e21b46e802a2011bb7a67cf550","ssdeep":"192:en4uRSNHn2xvJRy+BNKTNKG6eTJ6QFtIcY4tGjnZtM7WJP+NrPXkfiF9V/:en4eYH2x7nPWN76ed6QT7tyZq7OW5PU+","tlshash":"2bd1144f8bd4b8acadc0ca42511bb5ce60d9bf1e91a1c78d64c2de5cc2886f726dc4e5","first_seen":"2026-03-25T15:52:57.202118Z","last_seen":"2026-03-25T15:52:57.202118Z","times_seen":1,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":96,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134207-7qvdj-lj77iz649rwvf1","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"43.175.138.209","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:26.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134207-7qvdj-lj77iz649rwvf1 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"8294dceb80d7286f0efc89dc372cef84\"\r\nserver: SGW\r\ncontent-type: image/jpeg;charset=UTF-8\r\nx-mms-request-id: 4116d325074a442099c83fa19d3b80cc-6902ce76\r\ncache-control: max-age=15552000\r\ncontent-length: 266159\r\naccept-ranges: bytes\r\nx-cdn: tencent\r\naccess-control-allow-origin: *\r\ndate: Wed, 25 Mar 2026 15:52:27 GMT\r\neo-log-uuid: 7742171045199670998\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":266159,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x1000, components 3","md5":"8294dceb80d7286f0efc89dc372cef84","sha1":"afedda8f487f3671283e7f0d07e20aee48de819c","sha256":"c521c422cc068e0a31a199ff6f61afe7d9167bdc2bffc72106f2412b5802e1bf","sha512":"a9e4eac65711a3353508d3c915d24d1484a35bd4fd9ee8a0230c59862b9dd9966eefa1d6a99b386295410081385474e69803cddcbc77279e2b55ae471904cfdc","ssdeep":"6144:qe/6BR3vHOz5NvacfLoOKdODCGPySoZ+ulvCtoxT:58R2dNv6dMCjII0o","tlshash":"214412dd80f21eb76bfb64ff531ae11589d38e39d3970818701dc809ca8e2166b5ab5c","first_seen":"2026-03-25T15:52:57.203992Z","last_seen":"2026-03-25T15:52:57.203992Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2577,"timings":{"blocked":555,"dns":0,"connect":0,"send":0,"wait":1725,"receive":297,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-0d0be872.660f69ca.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-0d0be872.660f69ca.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-7be0\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31712,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (31148), with no line terminators","md5":"aab9a2c549da8252ddc01cef8a29b7b0","sha1":"d3d73bc1067fc956b8587bfb6fee4d3c71e64f10","sha256":"c73a5387a5fb94ee5b760b678c0dc33270cf380fa7dd817fdc2de66f88f0465c","sha512":"f2efd0054f52c6115c319efcd906447b3c6873a8c045f6f99fa8281da0b433281828090676d8308656dde7812401c0e84c3f9bc0c0cbc8a357cc4be26c07bd7f","ssdeep":"384:78yd+4HqRh2vAF0SvRsX6Y9KipE/YXwhE:7Hd+HtFHq6YcGqhE","tlshash":"77e2c744f0d7f67f4c9aa011006e2a25a2397fdda418e085fb7cc8d45898865bb7de7c","first_seen":"2025-05-18T06:03:19.634909Z","last_seen":"2026-04-08T20:24:41.794511Z","times_seen":360,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-250cd2dc.b9e7175f.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-250cd2dc.b9e7175f.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3a0c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14860,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14654), with no line terminators","md5":"4724bcd21055c96f1e1a25b9386c256b","sha1":"24fc973af86900a162067f41cd2661776ca02714","sha256":"1ea37a8dc1be62800d18f16269869838e61eeda63fd25cd470253a179febd668","sha512":"1eceb7bad8ca3b5570018efbb075ac3707f8bf8fec8b8f862a07c8c7f16c7e175b1f9e03108b785045c951682a7bc1922d81b79315f5a330a0fef39509826972","ssdeep":"192:SnqbyX6fWRP/zWqs3fbPjIFa3jDZ+ZvlJbJQl5jdoc6cjL:SnqxbpQZ9JbJQB5","tlshash":"71629718b1c3f6ab496aa021452f3524e1327dc96416e546ff30c9c47a29d78372ef7e","first_seen":"2025-01-10T12:51:25.906128Z","last_seen":"2026-04-08T20:24:41.826351Z","times_seen":467,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.15.4/index.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:22.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/element-ui/2.15.4/index.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 25 Mar 2026 15:52:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 121691\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6109231c-1db5b\"\r\nlast-modified: Tue, 03 Aug 2021 11:06:04 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 98716\r\nexpires: Mon, 15 Mar 2027 15:52:22 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZeeZUtsdMdBCQrajwFAO4lisR6wnGOmV1RFeHlICHwiQGPdRoTs0kEo6MlRSk1CNM%2BTjOfcUOH%2F%2FJmr3BC1Qz9bt%2FF6aIOa9nllEfDfL8YP1H48%3D\"}]}\r\ncf-ray: 9e1f15163f3435a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":585656,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65105), with no line terminators","md5":"c51f03d35129d9d1a9da65b24cef7fa7","sha1":"1e1d550d978378980dc3aeb60012da86c2355c4b","sha256":"339747e3a960dd82946bb6b06fcf1dda76b9ee786a337726b535a1d86d6b9c0c","sha512":"8c83157d1a2d4bacafc89ed01d444551151772f1119272c303ace71aa12b6f1fba29da8c9597e2a9baf670c93768286a405a70186b92ba5aae84554b9123c1eb","ssdeep":"6144:K4lrdS1Vqp5xb+XzxEXdUfM2Z0a54VXTnDBHiSuLx8isMZg07LQi:7vS1Mp5xb+XzxEXufM2DEDVHDub7LQi","tlshash":"04c41b8d72c1b5314ba36070503f250bb33b299c680980dcb679d8ea6dbd949526ffbd","first_seen":"2024-03-05T16:56:16Z","last_seen":"2026-04-08T20:24:41.849804Z","times_seen":734,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-250cd2dc.4cf16b04.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:24.920Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-250cd2dc.4cf16b04.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-96\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":150,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"091f4c0d35cf00184a04622ae52b2624","sha1":"176269dc52ce5d5f6d777745c61c10c2a04c7d25","sha256":"54e7f16f1832e2a3fa11b2c114ad46c90142c333b5c155353bc0878662bfde4e","sha512":"bac2f02a0f493b697ffa5492e76831eb473c0f97b5ba6fd87d6faee7cad38992b1e66f69b0b2f3fd18017a9caef9d410e5e8f90ee6eee141fc40eb9d1738aeb1","ssdeep":"","tlshash":"73c02b50b60c56508037d0c5c4c00851206a3b1ae62797f78d01ed35cfcf160b58e584","first_seen":"2025-01-10T12:51:25.86084Z","last_seen":"2026-04-08T20:24:41.841647Z","times_seen":480,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-2d0b5a45.5a587aae.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:27.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-2d0b5a45.5a587aae.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-bbe\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3006,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2990), with no line terminators","md5":"94fce710d5a4657ee567a62c74db1020","sha1":"7ba4b6cd93bbe00ec7526c06673b012e14cb2bc3","sha256":"6ecd051eb49d14764dfe92c78184c6d25717d50084cdeea8959811337848641d","sha512":"b8133c7b6492d358ccaa8fd357efc68472c1a4d85b2814fda3f1107ce036cdf4340095814a9b356e9a9ad86882577b73874785e0ff8216602b9bb6397756b093","ssdeep":"","tlshash":"ff51744831a3eae702e9a092b82f3705f3753e499421e05577e1c7d4da685aa331bf39","first_seen":"2025-01-10T12:51:25.903742Z","last_seen":"2026-04-08T20:24:41.774663Z","times_seen":468,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-5915ee8d.1676c5db.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-5915ee8d.1676c5db.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-4b4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1204,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1092), with no line terminators","md5":"8b5e78b24520aacf7bec8f2419e1be5c","sha1":"62903d24b0f133599f40b273d371b21fb174ec25","sha256":"2fa561a50af8cb8d65d1565fcaf942bc2639da23d62626aa5cb772cd6228e024","sha512":"ab33cdb620aef3c9474596d68774fbebd1806e85f8e09592b9160090c4ea8a24d26c8d628edcd0df2d1c835937bc6b55c693601fadecd22f7a314bed51233859","ssdeep":"","tlshash":"ca21e084f4d3f67edd2b4446110f3a30f0921ea91410a4c2b174c4966779ee5571fe7c","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-04-08T20:24:41.762246Z","times_seen":730,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-5a173067.82b58a1a.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-5a173067.82b58a1a.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-582e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22574,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22278), with no line terminators","md5":"d2dcf0a06468bc415e244036037a53c3","sha1":"aa93f023f7985ecf7ac0d89cfb720f301ed6aa20","sha256":"c925c22a9efe71fd398efc2efd8588450de8e08f486737a401b4311867f3714b","sha512":"c39be18f592872b76836f696860122c476089924e75e093d75b2cde7205ba2bdd0fdcfde1cadcdc5d2624d06be1ded57453dca7a3204a1f9cfbc4b553a62534d","ssdeep":"384:4CohviaOBzti9zB7tIBekIJDjjSmp2wtp+ddl7856U2f/nJoxSVdQBlh5/m5zYKh:4XJ0mpFNqTqg770ns/JKqOzTONBUJVhS","tlshash":"eda294cdb5c672071ea630b3317f35c82336b44c39089555b3ada49c76ac6a89e32f79","first_seen":"2025-05-18T06:03:19.652555Z","last_seen":"2026-04-08T20:24:41.820921Z","times_seen":329,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/js/chunk-6e4f04a4.a10abc52.js","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:28.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /js/chunk-6e4f04a4.a10abc52.js HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-13a5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5029,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5029), with no line terminators","md5":"1f64a4dd650fd3886e5b07b635ef4396","sha1":"2d6efe25ef9f27bdee3cc815608a85a922646ad2","sha256":"cace7cdb6c61f09be8915ca4c5cb63a2c69b83fa26ab8b5e6226b51ceea5918f","sha512":"3caef58465c39a5396a847ef4712731d0bdc5b52500c522b6410fc1b041762bacde488d86a579cd213dfc312800599199145e2ee2c583d458c2c373b5cfc5ef4","ssdeep":"96:mbAxCrPwsEiRiRJK+H19mHRMR4RMpBGhBfL3U2xK7q5bCS4M1qMreL:mEs9QzYMmMihBj5xl5bCSMlL","tlshash":"c1a1c9c8a5e5acda07a392a1503f31d5b212d11564337482fb71cfef3d6e6d60902b2b","first_seen":"2024-05-06T19:02:51Z","last_seen":"2026-04-08T20:24:41.818457Z","times_seen":655,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-73564486.52cd7bff.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.836Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-73564486.52cd7bff.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1d6\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":470,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (470), with no line terminators","md5":"1303931865d0bba4bf8e0d2cb40b0f48","sha1":"6207226b686d82a8f132bf72f28d96e118ab1694","sha256":"33dfe1c2364df348b7f945aa7163014a5d6ceffe631f62dbd0c1df25a20e003e","sha512":"dfa20c0405025438190a91744f852ad4a9cdb311dff4b556a9cdbb352cd43e90e9f1d8423ed1c46bdccf73a602946833c36de1ff951528b8cf7cf3000410ea18","ssdeep":"","tlshash":"bcf020f63e9f407c06f6e685904019654297b727824216897eaae8301c8b0873b309cc","first_seen":"2025-05-18T06:03:19.628705Z","last_seen":"2026-04-08T20:24:41.847346Z","times_seen":360,"resource_available":false,"data":null}},"time_used":559,"timings":{"blocked":382,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glowremotely.com/css/chunk-75292e3e.702a8b86.css","fqdn":"glowremotely.com","domain":"glowremotely.com","tld":"com"},"ip":{"addr":"182.16.78.66","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://glowremotely.com/","date":"2026-03-25T15:52:25.871Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"glowremotely.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:57:58 GMT","end":"Sun, 21 Jun 2026 13:57:57 GMT"},"fingerprint":{"sha1":"A4:43:E4:5D:84:09:15:E4:78:E1:BE:A7:E6:1E:9A:00:C7:75:D4:5E","sha256":"97:28:93:CD:D3:A1:BE:4F:77:46:5D:54:4F:45:AE:C9:7B:74:4A:6E:70:05:82:6E:8D:76:B2:69:CE:4D:EF:53"}}},"request":{"raw":"GET /css/chunk-75292e3e.702a8b86.css HTTP/1.1\r\nHost: glowremotely.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://glowremotely.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Wed, 25 Mar 2026 15:52:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-78d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1933,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1933), with no line terminators","md5":"1cad8313ce8f33330685a969429cdca2","sha1":"1ea22dc3dc29789c9f94dcebc85425b5d90a4d03","sha256":"296bf0db8829d0c816826333b799ac3675121ecc33f3fbcd3c96023e159fe153","sha512":"348a870e1b1e2162136410f5fea24118870d3352e97b774c7cba2ba1a431db4bfc81bfeebbb33913bc4e2968d38c0a73d58a909175e90a4b1c508d6c62546875","ssdeep":"","tlshash":"bc418e32a92d310cf03fe259aa953ad80438f205f5231c6c6117ae6d0fcb2f7a2dc985","first_seen":"2024-09-10T16:42:49Z","last_seen":"2026-04-08T20:24:41.842216Z","times_seen":575,"resource_available":false,"data":null}},"time_used":546,"timings":{"blocked":373,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-25","alert":"Phishing Block","trigger":"glowremotely.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"glowremotely.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}}]}