| fonts.googleapis.com/css2?family=Roboto&family=Manrope:wght@500;700&display=swap | 142.250.74.74 | 200 OK | 1.2 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Roboto&family=Manrope:wght@500;700&display=swap
IP: 142.250.74.74:443
Requested by: https://cdn.growleading.click/?_subid=umm6lu7j4ib8&_token=uuid_umm6lu7j4ib8_umm6lu7j4ib86620c33ab9e962.59711430
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: gzip compressed data, max compression
Hash: 8bf85dff7f4aa9eaad193c10816d1bea e2136e45847f5ef92a67b78f60a7ed6618be068b ea2c47d7a3cc2fbd49b404f276edc93d9511a79bec580e383707fc0029409006
GET /css2?family=Roboto&family=Manrope:wght@500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.growleading.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:53:26 GMT
date: Thu, 18 Apr 2024 06:53:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| cdn.growleading.click/bundle.53afadfb72b70fb3310d.js | 188.114.96.1 | 200 OK | 234 kB |
URL: GET HTTP/3 cdn.growleading.click/bundle.53afadfb72b70fb3310d.js
IP: 188.114.96.1:443
Requested by: https://cdn.growleading.click/?_subid=umm6lu7j4ib8&_token=uuid_umm6lu7j4ib8_umm6lu7j4ib86620c33ab9e962.59711430
Certificate: Issuer Google Trust Services LLC; Subject growleading.click; Fingerprint AE:41:2A:97:B8:65:6B:C6:A6:DC:D0:32:30:27:0D:28:67:F2:58:38; Validity Sat, 02 Mar 2024 00:52:16 GMT - Fri, 31 May 2024 00:52:15 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 234 kB (233506 bytes)
Hash: 093513b8d5fba7093dff1fdf016f5407 bf30a9961e150c13a3752e3093bf58c4e06eb614 bc593a88fb380bd82c57fb15b1981305d6e3c7baf0a48dd7dc937442e36cd330
| Analyzer | Verdict | Alert |
| Public Nextron YARA rules | malware | Unique code from Jetriz, Swid & Jeniva of the Tetris framework |
GET /bundle.53afadfb72b70fb3310d.js HTTP/1.1
Host: cdn.growleading.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.growleading.click/?_subid=umm6lu7j4ib8&_token=uuid_umm6lu7j4ib8_umm6lu7j4ib86620c33ab9e962.59711430
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:53:26 GMT
content-type: application/javascript
x-amz-id-2: 8EFbCdmHQ8BcLtVgkFlHhTtXlcD+WnwDCguEFcCWNuRhxsiwINSUaatNh/9d3vXia4ggLNXF++0=
x-amz-request-id: XMMVKBMCP32AFE37
last-modified: Tue, 12 Mar 2024 09:49:01 GMT
etag: W/"093513b8d5fba7093dff1fdf016f5407"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rBtrwWCJhRUABEZfFm2kplCdc8BERBr7gcULVYu4gSxHnbl08IJAaf6AuacRrUbINKxnuxdMxajsKFZqFaJ1V4C8wJpGluKB9u0FtY2kGsebAS21NsxWj7SqK8RtXbk9Ts3J9MLtAnM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762bcdeb86056a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| cdn.growleading.click/favicon.ico | 188.114.96.1 | 404 Not Found | 3.7 kB |
URL: GET HTTP/3 cdn.growleading.click/favicon.ico
IP: 188.114.96.1:443
Requested by: https://cdn.growleading.click/?_subid=umm6lu7j4ib8&_token=uuid_umm6lu7j4ib8_umm6lu7j4ib86620c33ab9e962.59711430
Certificate: Issuer Google Trust Services LLC; Subject growleading.click; Fingerprint AE:41:2A:97:B8:65:6B:C6:A6:DC:D0:32:30:27:0D:28:67:F2:58:38; Validity Sat, 02 Mar 2024 00:52:16 GMT - Fri, 31 May 2024 00:52:15 GMT
File type: HTML document, ASCII text
Hash: 9cc1cb3c5c40b3b36119fb97031156e2 16c2b0b0905623943d8320825907e6d25b047790 0a883db02264ba065ab416ceaf8f0f612e5a54b62cc1b16e2c79725326ece499
GET /favicon.ico HTTP/1.1
Host: cdn.growleading.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.growleading.click/?_subid=umm6lu7j4ib8&_token=uuid_umm6lu7j4ib8_umm6lu7j4ib86620c33ab9e962.59711430
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 06:53:26 GMT
content-type: text/html; charset=utf-8
x-amz-request-id: XMMSC2TAVDTRF9F9
x-amz-id-2: REve9mgqm+qT+byt8PRkpdgZT1UakpSkp7J8p4fTl9MlSo0+vYnqIIrkDPDz7r57jfIzBSmN66Q=
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BYHj9GXONWgDSvct71m1YwTmML3PIZe7IfKQIQa92oE2ctPResSnRdGuJhQtYmkYfYIbRJouRE99slX6zJEXL8k%2BvWfRx61mgfVO95SnWbX0v3aauVRXN05uCvrtUlDsX5ks7lPkWAw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762bce33e8756a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| o4506133588672512.ingest.sentry.io/api/4506257503092736/envelope/?sentry_key=770381e9fb5acb78aefbdbd3fb63a2dd&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.80.1 | 34.120.195.249 | 429 Too Many Requests | 8.2 kB |
URL: POST HTTP/2 o4506133588672512.ingest.sentry.io/api/4506257503092736/envelope/?sentry_key=770381e9fb5acb78aefbdbd3fb63a2dd&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.80.1
IP: 34.120.195.249:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://cdn.growleading.click/?_subid=umm6lu7j4ib8&_token=uuid_umm6lu7j4ib8_umm6lu7j4ib86620c33ab9e962.59711430
Certificate: Issuer DigiCert Inc; Subject ingest.sentry.io; Fingerprint 60:82:0B:58:64:CD:37:FD:3F:C0:84:4F:0B:69:CF:58:05:15:97:9A; Validity Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash: 478b411c59eb87249bea32cf7c7be5d2 023907c62eb55758905bb3c0e640b5b204ae0652 bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
POST /api/4506257503092736/envelope/?sentry_key=770381e9fb5acb78aefbdbd3fb63a2dd&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.80.1 HTTP/1.1
Host: o4506133588672512.ingest.sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.growleading.click/
Content-Type: text/plain;charset=UTF-8
Content-Length: 5773
Origin: https://cdn.growleading.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 429 Too Many Requests
server: nginx
date: Thu, 18 Apr 2024 06:53:27 GMT
content-type: application/json
retry-after: 60
x-sentry-rate-limits: 60:transaction;profile:organization:transaction_usage_exceeded
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| cdn.growleading.click/?_subid=umm6lu7j4ib8&_token=uuid_umm6lu7j4ib8_umm6lu7j4ib86620c33ab9e962.59711430 | 188.114.96.1 | 200 OK | 14 kB |
URL (User Request): GET HTTP/2 cdn.growleading.click/?_subid=umm6lu7j4ib8&_token=uuid_umm6lu7j4ib8_umm6lu7j4ib86620c33ab9e962.59711430
IP: 188.114.96.1:443
Certificate: Issuer Google Trust Services LLC; Subject growleading.click; Fingerprint AE:41:2A:97:B8:65:6B:C6:A6:DC:D0:32:30:27:0D:28:67:F2:58:38; Validity Sat, 02 Mar 2024 00:52:16 GMT - Fri, 31 May 2024 00:52:15 GMT
File type: HTML document, ASCII text, with very long lines (565)
Hash: 511a359c8ae24f28d5a8c782bba86e83 964bb61eb9d26c1e0cc3bffdf1848f4d4afec11b 78837be3dcd87146fabc8af1f5207991417f7f3efe4dab6a53fe07356a98166c
GET /?_subid=umm6lu7j4ib8&_token=uuid_umm6lu7j4ib8_umm6lu7j4ib86620c33ab9e962.59711430 HTTP/1.1
Host: cdn.growleading.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:53:25 GMT
content-type: text/html
x-amz-id-2: U/uwobAyvIzDrbJaFkC0mVWeAOFztVIHo0tNgGsG3OvJZAQbcE4P22rlq0pPbQ+d+J2F+u5jv7s=
x-amz-request-id: CH0DHX1HS66Y6FB1
last-modified: Tue, 12 Mar 2024 09:49:02 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p9tbci4Fd5gDu0MSJc%2Fb5m9pgjWVd5u20O011T7ZbJe%2BhiEPV1216ol%2FkdI2NW0yElpkKSiVo%2FMXzmnt2BqQs4ShpczkcTnMcWdHTOhJWqmS%2BFNfRw0zabSlyUCPfBEpe%2FbMpYMr4Ms%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762bcdcbc5556b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.131 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 142.250.74.131:443
Requested by: https://cdn.growleading.click/?_subid=umm6lu7j4ib8&_token=uuid_umm6lu7j4ib8_umm6lu7j4ib86620c33ab9e962.59711430
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cdn.growleading.click
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:37:01 GMT
expires: Fri, 18 Apr 2025 02:37:01 GMT
cache-control: public, max-age=31536000
age: 15385
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2