| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 216.58.207.227:443
Requested by: https://cdn.growleading.click/?_subid=17bpvhu7sac12&_token=uuid_17bpvhu7sac12_17bpvhu7sac1266290356ec34b6.97474393
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint (SHA-1) F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hashes: MD5 15d9f621c3bd1599f0169dcf0bd5e63e; SHA-1 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52; SHA-256 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cdn.growleading.click
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 16:27:38 GMT
expires: Wed, 23 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 74251
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| cdn.growleading.click/bundle.53afadfb72b70fb3310d.js | 188.114.96.1 | 200 OK | 228 kB |
URL: GET HTTP/3 cdn.growleading.click/bundle.53afadfb72b70fb3310d.js
IP: 188.114.96.1:443
Requested by: https://cdn.growleading.click/?_subid=17bpvhu7sac12&_token=uuid_17bpvhu7sac12_17bpvhu7sac1266290356ec34b6.97474393
Certificate: Issuer Google Trust Services LLC; Subject growleading.click; Fingerprint (SHA-1) AE:41:2A:97:B8:65:6B:C6:A6:DC:D0:32:30:27:0D:28:67:F2:58:38; Validity Sat, 02 Mar 2024 00:52:16 GMT - Fri, 31 May 2024 00:52:15 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 228 kB (228222 bytes)
Hashes: MD5 093513b8d5fba7093dff1fdf016f5407; SHA-1 bf30a9961e150c13a3752e3093bf58c4e06eb614; SHA-256 bc593a88fb380bd82c57fb15b1981305d6e3c7baf0a48dd7dc937442e36cd330
| Analyzer | Verdict | Alert |
| Public Nextron YARA rules | malware | Unique code from Jetriz, Swid & Jeniva of the Tetris framework |
GET /bundle.53afadfb72b70fb3310d.js HTTP/1.1
Host: cdn.growleading.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.growleading.click/?_subid=17bpvhu7sac12&_token=uuid_17bpvhu7sac12_17bpvhu7sac1266290356ec34b6.97474393
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 13:05:09 GMT
content-type: application/javascript
x-amz-id-2: upxBlPwf0zuoS3VcEDEAXufM/TRUACJfElwi+TuOcXc+HL5LcZ54WDZoYK8Q6fG69snyS8GCN7o=
x-amz-request-id: 012CXXBGMX0R59MT
last-modified: Tue, 12 Mar 2024 09:49:01 GMT
etag: W/"093513b8d5fba7093dff1fdf016f5407"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=otYvutJ%2ByjxXEYBh%2BqhKTR7HnodTZY8VuIHUxwz%2Fv4UB5EQoVASccom0baB1%2BhCCgDK%2B%2F%2F84gctTJ2qbqRRY%2FXWNr7i795qMRMJGs8WmSLHmh8kQQFAxPyvwTK3GwHQn7ff%2Bbewac8Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87964da0a8c2568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| cdn.growleading.click/?_subid=17bpvhu7sac12&_token=uuid_17bpvhu7sac12_17bpvhu7sac1266290356ec34b6.97474393 | 188.114.96.1 | 200 OK | 14 kB |
URL (user request): GET HTTP/2 cdn.growleading.click/?_subid=17bpvhu7sac12&_token=uuid_17bpvhu7sac12_17bpvhu7sac1266290356ec34b6.97474393
IP: 188.114.96.1:443
Certificate: Issuer Google Trust Services LLC; Subject growleading.click; Fingerprint (SHA-1) AE:41:2A:97:B8:65:6B:C6:A6:DC:D0:32:30:27:0D:28:67:F2:58:38; Validity Sat, 02 Mar 2024 00:52:16 GMT - Fri, 31 May 2024 00:52:15 GMT
File type: HTML document, ASCII text, with very long lines (565)
Hashes: MD5 511a359c8ae24f28d5a8c782bba86e83; SHA-1 964bb61eb9d26c1e0cc3bffdf1848f4d4afec11b; SHA-256 78837be3dcd87146fabc8af1f5207991417f7f3efe4dab6a53fe07356a98166c
GET /?_subid=17bpvhu7sac12&_token=uuid_17bpvhu7sac12_17bpvhu7sac1266290356ec34b6.97474393 HTTP/1.1
Host: cdn.growleading.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 13:05:08 GMT
content-type: text/html
x-amz-id-2: c1GWVqm2Cm9MViFUrK8vlQjSMTO2JMlwC/7A1tzF5Kc0ybKXqBgZf3nEj3eS1lUWQNFnb4lbzCY=
x-amz-request-id: RDP85JY8XQ34QT1Z
last-modified: Tue, 12 Mar 2024 09:49:02 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WGh6myfvl4G14btegWBAStAI5nHXh2DA864lqNv3%2FOTKZnqRUJPSobSXwI%2FlGY12%2FE6QiGdoH4ZH89s5uoMNhcRcpYGmGRU%2FoZuZ4JDNahH%2FngRhwEQN0LUg%2F7jD%2BbUCSt32JYMm7Go%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87964d9e6b6756c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| fonts.googleapis.com/css2?family=Roboto&family=Manrope:wght@500;700&display=swap | 142.250.74.106 | 200 OK | 6.5 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Roboto&family=Manrope:wght@500;700&display=swap
IP: 142.250.74.106:443
Requested by: https://cdn.growleading.click/?_subid=17bpvhu7sac12&_token=uuid_17bpvhu7sac12_17bpvhu7sac1266290356ec34b6.97474393
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint (SHA-1) 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: ASCII text, with very long lines (6661), with no line terminators
Hashes: MD5 ff6bcc64945abec75d816c92bf99ab41; SHA-1 807443fab6e7bb8efaed6a26e5795cd13dc4284a; SHA-256 24f926de4eca87380ee173fbe78ff0ead778764fabf55491430ede913818af89
GET /css2?family=Roboto&family=Manrope:wght@500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.growleading.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 13:05:09 GMT
date: Wed, 24 Apr 2024 13:05:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| cdn.growleading.click/favicon.ico | 188.114.96.1 | 404 Not Found | 346 B |
URL: GET HTTP/3 cdn.growleading.click/favicon.ico
IP: 188.114.96.1:443
Requested by: https://cdn.growleading.click/?_subid=17bpvhu7sac12&_token=uuid_17bpvhu7sac12_17bpvhu7sac1266290356ec34b6.97474393
Certificate: Issuer Google Trust Services LLC; Subject growleading.click; Fingerprint (SHA-1) AE:41:2A:97:B8:65:6B:C6:A6:DC:D0:32:30:27:0D:28:67:F2:58:38; Validity Sat, 02 Mar 2024 00:52:16 GMT - Fri, 31 May 2024 00:52:15 GMT
File type: HTML document, ASCII text, with very long lines (360), with no line terminators
Hashes: MD5 27c92897637e3e6920e872811fc5ca25; SHA-1 bc31c3d25fabd120dc799bd0ee45d5ab4e5d6831; SHA-256 9a48bd44eb6d7802c4cc625ae9f952b57182a8ec325e139ea8e69b71eeba64ef
GET /favicon.ico HTTP/1.1
Host: cdn.growleading.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.growleading.click/?_subid=17bpvhu7sac12&_token=uuid_17bpvhu7sac12_17bpvhu7sac1266290356ec34b6.97474393
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 13:05:10 GMT
content-type: text/html; charset=utf-8
x-amz-request-id: 0122HHX74R94766Q
x-amz-id-2: 12lC5dpCQOk+ye1qlk4ATiYxN7ETKVnJx3CN928eJ+QLnZ2pvQC9IWYKJDYZ+8767mXwMDM/M/U=
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BLM3NoS5UqfkRSeL5N%2FAgjcphTpLhZuVyAtMImxhxFSoL4XAgNOww%2BI%2BzlSjmt0VFPlY3CeNdSJ5V4VhwaWxC4leDG%2FsvqJrTvePv9W1HSNSBG2rfJOqtoP5gWduMIZHG%2FGMyjTiw6Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87964da53e35568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| o4506133588672512.ingest.sentry.io/api/4506257503092736/envelope/?sentry_key=770381e9fb5acb78aefbdbd3fb63a2dd&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.80.1 | 34.120.195.249 | 429 Too Many Requests | 198 B |
URL: POST HTTP/2 o4506133588672512.ingest.sentry.io/api/4506257503092736/envelope/?sentry_key=770381e9fb5acb78aefbdbd3fb63a2dd&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.80.1
IP: 34.120.195.249:443
ASN: 396982 (GOOGLE-CLOUD-PLATFORM)
Requested by: https://cdn.growleading.click/?_subid=17bpvhu7sac12&_token=uuid_17bpvhu7sac12_17bpvhu7sac1266290356ec34b6.97474393
Certificate: Issuer DigiCert Inc; Subject ingest.sentry.io; Fingerprint (SHA-1) 60:82:0B:58:64:CD:37:FD:3F:C0:84:4F:0B:69:CF:58:05:15:97:9A; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hashes: MD5 697a7e942d5a8b2eb7c7d378aedce635; SHA-1 524f923b4698358ab5ec940185acbe9d457ab5d6; SHA-256 4fccc172d019cb9548b6e597bd131872349734d3eeab195884c10c5cae27abcc
POST /api/4506257503092736/envelope/?sentry_key=770381e9fb5acb78aefbdbd3fb63a2dd&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.80.1 HTTP/1.1
Host: o4506133588672512.ingest.sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.growleading.click/
Content-Type: text/plain;charset=UTF-8
Content-Length: 5766
Origin: https://cdn.growleading.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 429 Too Many Requests
server: nginx
date: Wed, 24 Apr 2024 13:05:10 GMT
content-type: application/json
retry-after: 60
x-sentry-rate-limits: 60:transaction;profile:organization:transaction_usage_exceeded
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
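The listing above mixes attacker-controlled hosts (cdn.growleading.click, with a YARA hit on bundle.53afadfb72b70fb3310d.js) with shared services the page merely loads (Google fonts, Sentry ingest). Turning it into usable indicators means parsing the export, keeping the shared infrastructure out of any block-list, and pulling out the pivots that do survive: file hashes, the certificate fingerprint, the `_subid`/`_token` values, and the public Sentry DSN that the envelope POST exposes. The script below is an added example written for this page; it is not scanner tooling and not part of the capture. It parses the raw export form (a pipe-delimited summary row per request, followed by the fused `URL ... IP...`, `CertificateIssuer...` and `File type ... Hash<md5> <sha1> <sha256>` detail lines, the YARA verdict row and the HTTP headers). `SAMPLE` is copied from the capture and trimmed to three transactions; `BENIGN_SUFFIXES` is an assumed allow-list, not something the scanner emits.

```python
"""IOC extraction over a flattened scanner transaction listing (added example).

SAMPLE is copied from the capture on this page (three transactions, trimmed).
BENIGN_SUFFIXES is an assumption: shared infrastructure a phishing page loads
but that must never land in a block-list.
"""
import re
from urllib.parse import parse_qs, urlsplit

SAMPLE = r"""| cdn.growleading.click/bundle.53afadfb72b70fb3310d.js | 188.114.96.1 | 200 OK | 228 kB |
URL GET HTTP/3cdn.growleading.click/bundle.53afadfb72b70fb3310d.js IP188.114.96.1:443
Requested byhttps://cdn.growleading.click/?_subid=17bpvhu7sac12&_token=uuid_17bpvhu7sac12_17bpvhu7sac1266290356ec34b6.97474393 CertificateIssuerGoogle Trust Services LLC Subjectgrowleading.click FingerprintAE:41:2A:97:B8:65:6B:C6:A6:DC:D0:32:30:27:0D:28:67:F2:58:38 ValiditySat, 02 Mar 2024 00:52:16 GMT - Fri, 31 May 2024 00:52:15 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size228 kB (228222 bytes) Hash093513b8d5fba7093dff1fdf016f5407 bf30a9961e150c13a3752e3093bf58c4e06eb614 bc593a88fb380bd82c57fb15b1981305d6e3c7baf0a48dd7dc937442e36cd330
Analyzer | Verdict | Alert | Public Nextron YARA rules | malware | Unique code from Jetriz, Swid & Jeniva of the Tetris framework |
HTTP/3 200 OK
etag: W/"093513b8d5fba7093dff1fdf016f5407"
| cdn.growleading.click/?_subid=17bpvhu7sac12&_token=uuid_17bpvhu7sac12_17bpvhu7sac1266290356ec34b6.97474393 | 188.114.96.1 | 200 OK | 14 kB |
File typeHTML document, ASCII text, with very long lines (565) Hash511a359c8ae24f28d5a8c782bba86e83 964bb61eb9d26c1e0cc3bffdf1848f4d4afec11b 78837be3dcd87146fabc8af1f5207991417f7f3efe4dab6a53fe07356a98166c
| o4506133588672512.ingest.sentry.io/api/4506257503092736/envelope/?sentry_key=770381e9fb5acb78aefbdbd3fb63a2dd&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.80.1 | 34.120.195.249 | 429 Too Many Requests | 198 B |
URL POST HTTP/2o4506133588672512.ingest.sentry.io/api/4506257503092736/envelope/?sentry_key=770381e9fb5acb78aefbdbd3fb63a2dd&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.80.1 IP34.120.195.249:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
"""

ROW_RE = re.compile(r"^\|\s*(?P<url>\S+)\s*\|\s*(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s*\|\s*"
                    r"(?P<status>\d{3})[^|]*\|\s*(?P<size>[^|]*?)\s*\|\s*$")
# Only accept the md5/sha1/sha256 triple the export prints side by side: a lone
# 32-hex token (the sentry_key in the Sentry URL) must not be taken for an MD5.
HASHES_RE = re.compile(r"(?<![0-9a-f])([0-9a-f]{32})\s+([0-9a-f]{40})\s+([0-9a-f]{64})(?![0-9a-f])")
CERT_RE = re.compile(r"Issuer(?P<issuer>.+?)\s+Subject(?P<subject>\S+)\s+Fingerprint"
                     r"(?P<fp>(?:[0-9A-F]{2}:){19}[0-9A-F]{2})")
YARA_RE = re.compile(r"YARA rules\s*\|\s*(?P<verdict>\w+)\s*\|\s*(?P<alert>[^|\n]+?)\s*\|")
ETAG_RE = re.compile(r'^etag:\s*(?:W/)?"([0-9a-f]+)"\s*$', re.I | re.M)
ASN_RE = re.compile(r"ASN#(\d+)")
BENIGN_SUFFIXES = ("gstatic.com", "googleapis.com", "ingest.sentry.io")  # assumed allow-list


def parse_transactions(text):
    """Split the listing into transactions; each summary row starts a new one."""
    txs = []
    for line in text.splitlines():
        m = ROW_RE.match(line)
        if m:
            parts = urlsplit("https://" + m["url"])
            txs.append({"url": m["url"], "host": parts.hostname, "path": parts.path,
                        "query": {k: v[0] for k, v in parse_qs(parts.query).items()},
                        "ip": m["ip"], "status": int(m["status"]), "size": m["size"],
                        "detail": []})
        elif txs:
            txs[-1]["detail"].append(line)
    for tx in txs:
        body = "\n".join(tx["detail"])
        h, c, y, e, a = (r.search(body) for r in (HASHES_RE, CERT_RE, YARA_RE, ETAG_RE, ASN_RE))
        tx["hashes"] = {"md5": h[1], "sha1": h[2], "sha256": h[3]} if h else {}
        tx["cert"] = ({"issuer": c["issuer"].strip(), "subject": c["subject"],
                       "fingerprint_sha1": c["fp"]} if c else {})
        tx["yara"] = {"verdict": y["verdict"], "alert": y["alert"]} if y else {}
        tx["etag"] = e[1] if e else None
        tx["asn"] = a[1] if a else None
    return txs


def is_benign(host):
    return any(host == s or host.endswith("." + s) for s in BENIGN_SUFFIXES)


def sentry_dsn(tx):
    """Rebuild the public Sentry DSN (key@host/project) from an envelope POST."""
    m = re.match(r"/api/(\d+)/envelope/", tx["path"])
    key = tx["query"].get("sentry_key")
    return f"https://{key}@{tx['host']}/{m[1]}" if m and key else None


def extract_iocs(txs):
    """Blockable indicators from attacker-controlled hosts; shared services are
    reported under third_party so fonts.gstatic.com never reaches a block-list."""
    iocs = {"domains": set(), "ips": set(), "sha256": set(), "cert_sha1": set(),
            "tracking_params": {}, "third_party": set()}
    for tx in txs:
        if is_benign(tx["host"]):
            iocs["third_party"].add(tx["host"])
            continue
        iocs["domains"].add(tx["host"])
        iocs["ips"].add(tx["ip"])
        if tx["hashes"]:
            iocs["sha256"].add(tx["hashes"]["sha256"])
        if tx["cert"]:
            iocs["cert_sha1"].add(tx["cert"]["fingerprint_sha1"])
        # _subid/_token are per-visit values: pivot material, not block-list entries
        iocs["tracking_params"].update({k: v for k, v in tx["query"].items() if k.startswith("_")})
    return iocs


def findings(txs):
    """YARA hits, ETag equal to body MD5 (single-part S3 object behind the CDN), reusable DSN."""
    out = []
    for tx in txs:
        if tx["yara"].get("verdict") == "malware":
            out.append(("yara", tx["url"], tx["yara"]["alert"]))
        if tx["etag"] and tx["etag"] == tx["hashes"].get("md5"):
            out.append(("etag_is_md5", tx["url"], tx["etag"]))
        dsn = sentry_dsn(tx)
        if dsn:
            out.append(("sentry_dsn", tx["url"], dsn))
    return out


if __name__ == "__main__":
    parsed = parse_transactions(SAMPLE)
    for kind, url, value in findings(parsed):
        print(f"{kind:12} {url}\n{'':12} {value}")
    for k, v in extract_iocs(parsed).items():
        print(f"{k}: {sorted(v) if isinstance(v, set) else v}")
```

Two design points matter here. First, the hash regex only accepts the adjacent md5/sha1/sha256 triple, because the export also contains a lone 32-hex value, the `sentry_key`, that a naive hex scan would file as an MD5. Second, the weak ETag on bundle.js (`W/"093513b8..."`) is byte-for-byte the file's MD5 from the hash line; together with the `x-amz-*` headers that is the signature of a single-part S3 object fronted by Cloudflare, so the ETag is a usable pin for that artefact. The DSN is worth keeping as a pivot on its own: the sentry_key, organisation host and project id in the envelope URL identify the operator's error-tracking project regardless of which landing domain is in front of it.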