Report - www.badcreditresources.com/

Report Overview

Submitted URL
www.badcreditresources.com/
IP
67.212.168.122
ASN
#32475 SINGLEHOP-LLC
Submitted
2022-11-25 09:31:03
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
76

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	60 kB	34.120.237.76
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	476 B	1.2 kB	142.250.74.164
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	447 B	6.5 kB	151.101.85.229
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.77.32
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.214.64.191
www.badcreditresources.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	34 kB	2.4 MB	67.212.168.122
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.20.226
data.hockeystack.com	70938	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	977 B	1.1 kB	35.157.54.242
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	651 B	349 B	157.240.200.35
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.6 kB	142.250.74.3
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	939 B	22 kB	142.250.74.10
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.2 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	426 B	21 kB	142.250.74.174
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	33 kB	216.58.207.195
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	876 B	122 kB	142.250.74.168
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	427 B	29 kB	157.240.200.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-25	medium	www.badcreditresources.com/	Malware
2022-11-25	medium	www.badcreditresources.com/	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/1e109af1d30679644874c1fd05d63e22.css?ver=9cf64	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/uploads/2022/02/happy-excited-couple-buying-a-new-car-and-showing-keys.jpg?id=13105	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/plugins/litespeed-cache/guest.vary.php	Malware
2022-11-25	medium	www.badcreditresources.com/	Malware
2022-11-25	medium	www.badcreditresources.com/wp-includes/js/jquery/jquery.min.js	Malware
2022-11-25	medium	www.badcreditresources.com/wp-includes/js/jquery/jquery.min.js	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/19c448c9cff9c45b5b755597554f41e1.css?ver=c0ad5	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/92488fa9190dad23914e2834aec8b679.css?ver=8b679	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/447d88b5ca5df5c19939c97dbf6790fa.css?ver=790fa	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/f6c86c3acfc7adb1aa946c70c6ce88fd.css?ver=e88fd	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/19d4afe4ec912592acad00a3d78c638b.css?ver=c638b	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/c0481dcb4e02fc74cdfb1f52d22d955e.css?ver=d955e	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/1965f61f323f5647466a9fee1a5dd6d8.css?ver=dd6d8	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/4b18adcd730a48663ba3decc2ef7b340.css?ver=7b340	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/b75211194d6e15f1f5c2ba2f723d7dfd.css?ver=d7dfd	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/6a92ce2f9f38fc764e43467cd86a80e3.css?ver=a80e3	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/0d3689f23fb77e5f795a756267f87961.css?ver=87961	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/92916bb8222fe83278d5fe8fb59dea3d.css?ver=dea3d	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/7e23496206b589ee6dcafb12582300f4.css?ver=300f4	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/f7ebde7fa24367e8826656c8b1c88329.css?ver=88329	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/8487522f0e6adfb31c37e39e55f523d9.css?ver=523d9	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/183ca4d12fdd7c0b515071edec6772ea.css?ver=772ea	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/38f576cf962554a9508c97ee4afe73cf.css?ver=e73cf	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/2015acbc81f179cd047aebfe0e9abfd5.css?ver=abfd5	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/615f851e5456a592b5fcfa83a5c2f2d7.css?ver=21bc0	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/fc47d584f545417283e396ec876b3f77.css?ver=b3f77	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.ttf	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/uploads/2022/02/happy-excited-couple-buying-a-new-car-and-showing-keys.jpg?id=13105	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.woff	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/adf4440466cdf1553d1ade3424e63b1f.css?ver=63b1f	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/ec77d927f042413d108c851950cc1da7.css?ver=c1da7	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/bcr-logo21.jpg.webp	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.woff	Malware
2022-11-25	medium	www.badcreditresources.com/wp-content/litespeed/css/c131d51e057aab303d3bf25e033aeaf1.css?ver=aeaf1	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (48)

	URL	Size	First Seen	Last Seen
	http:text/javascript;base64,dmFyIG1ldGFzbGlkZXJfMTEzNjU9ZnVuY3Rpb24oJCl7JCgnI21ldGFzbGlkZXJfMTEzNjUnKS5hZGRDbGFzcygnZmxleHNsaWRlcicpOyQoJyNtZXRhc2xpZGVyXzExMzY1JykuZmxleHNsaWRlcih7c2xpZGVzaG93U3BlZWQ6MzAwMCxhbmltYXRpb246ImZhZGUiLGNvbnRyb2xOYXY6ITAsZGlyZWN0aW9uTmF2OiEwLHBhdXNlT25Ib3ZlcjohMCxkaXJlY3Rpb246Imhvcml6b250YWwiLHJldmVyc2U6ITEsYW5pbWF0aW9uU3BlZWQ6NjAwLHByZXZUZXh0OiJQcmV2aW91cyIsbmV4dFRleHQ6Ik5leHQiLGZhZGVGaXJzdFNsaWRlOiEwLHNsaWRlc2hvdzohMH0pOyQoZG9jdW1lbnQpLnRyaWdnZXIoJ21ldGFzbGlkZXIvaW5pdGlhbGl6ZWQnLCcjbWV0YXNsaWRlcl8xMTM2NScpfTt2YXIgdGltZXJfbWV0YXNsaWRlcl8xMTM2NT1mdW5jdGlvbigpe3ZhciBzbGlkZXI9IXdpbmRvdy5qUXVlcnk/d2luZG93LnNldFRpbWVvdXQodGltZXJfbWV0YXNsaWRlcl8xMTM2NSwxMDApOiFqUXVlcnkuaXNSZWFkeT93aW5kb3cuc2V0VGltZW91dCh0aW1lcl9tZXRhc2xpZGVyXzExMzY1LDEpOm1ldGFzbGlkZXJfMTEzNjUod2luZG93LmpRdWVyeSl9O3RpbWVyX21ldGFzbGlkZXJfMTEzNjUoKQ==	613 B	2023-03-11	2023-03-11
Pretty URL http:text/javascript;base64,dmFyIG1ldGFzbGlkZXJfMTEzNjU9ZnVuY3Rpb24oJCl7JCgnI21ldGFzbGlkZXJfMTEzNjUnKS5hZGRDbGFzcygnZmxleHNsaWRlcicpOyQoJyNtZXRhc2xpZGVyXzExMzY1JykuZmxleHNsaWRlcih7c2xpZGVzaG93U3BlZWQ6MzAwMCxhbmltYXRpb246ImZhZGUiLGNvbnRyb2xOYXY6ITAsZGlyZWN0aW9uTmF2OiEwLHBhdXNlT25Ib3ZlcjohMCxkaXJlY3Rpb246Imhvcml6b250YWwiLHJldmVyc2U6ITEsYW5pbWF0aW9uU3BlZWQ6NjAwLHByZXZUZXh0OiJQcmV2aW91cyIsbmV4dFRleHQ6Ik5leHQiLGZhZGVGaXJzdFNsaWRlOiEwLHNsaWRlc2hvdzohMH0pOyQoZG9jdW1lbnQpLnRyaWdnZXIoJ21ldGFzbGlkZXIvaW5pdGlhbGl6ZWQnLCcjbWV0YXNsaWRlcl8xMTM2NScpfTt2YXIgdGltZXJfbWV0YXNsaWRlcl8xMTM2NT1mdW5jdGlvbigpe3ZhciBzbGlkZXI9IXdpbmRvdy5qUXVlcnk/d2luZG93LnNldFRpbWVvdXQodGltZXJfbWV0YXNsaWRlcl8xMTM2NSwxMDApOiFqUXVlcnkuaXNSZWFkeT93aW5kb3cuc2V0VGltZW91dCh0aW1lcl9tZXRhc2xpZGVyXzExMzY1LDEpOm1ldGFzbGlkZXJfMTEzNjUod2luZG93LmpRdWVyeSl9O3RpbWVyX21ldGFzbGlkZXJfMTEzNjUoKQ== IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash 7bef3c74a64e4a5850f39dbcfa8579b5 fe20f3c37d855c1838421a7e42f96751eb05b528 6d0ebbd9915099cc98b48df138e8b24941834d0b3d201f132df83e7a79dec6d1 Loading...

	www.badcreditresources.com/wp-content/litespeed/js/43d5e9129374bda51f6ff3251b094d6b.js?ver=94d6b	11 kB	2023-03-07	2024-04-02
Pretty URL www.badcreditresources.com/wp-content/litespeed/js/43d5e9129374bda51f6ff3251b094d6b.js?ver=94d6b IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:20 Last Seen2024-04-02 17:19:56 Times Seen188 Hash 277209f6d1232cf257a1204c32c00327 a92273bb1dd96ec8ce128b0f2617d79b44512b46 2b5f4f75baa3e2e2826110e5ee4a78cca53b1aaf03c8227570149ca7aaeb24c0 Loading...

	www.badcreditresources.com/wp-content/litespeed/js/580334634f449aca439785711f90f072.js?ver=0f072	48 kB	2023-03-11	2023-03-11
Pretty URL www.badcreditresources.com/wp-content/litespeed/js/580334634f449aca439785711f90f072.js?ver=0f072 IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash c37cc6232e1891484dbee8f46a47c4bf 445e6ff166c4c5eba7e9c07a6bd6231f11e00cb7 342b07645d8e9f746dc0429a92cd875fa62396bd80cbf1f9863d7ad2faed8fbc Loading...

	http:text/javascript;base64,dmFyIHdwY2Y3PXsiYXBpIjp7InJvb3QiOiJodHRwczpcL1wvd3d3LmJhZGNyZWRpdHJlc291cmNlcy5jb21cL3dwLWpzb25cLyIsIm5hbWVzcGFjZSI6ImNvbnRhY3QtZm9ybS03XC92MSJ9LCJjYWNoZWQiOiIxIn0=	122 B	2023-03-11	2023-03-11
Pretty URL http:text/javascript;base64,dmFyIHdwY2Y3PXsiYXBpIjp7InJvb3QiOiJodHRwczpcL1wvd3d3LmJhZGNyZWRpdHJlc291cmNlcy5jb21cL3dwLWpzb25cLyIsIm5hbWVzcGFjZSI6ImNvbnRhY3QtZm9ybS03XC92MSJ9LCJjYWNoZWQiOiIxIn0= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash 196bd95ba366814ddb18743215bf948f 24ff5dbb4669643e3c6d302dd7c40fa8c07d9bff ff3c8fc12a127d6de8413ad2ca160c38d6bdc8c32415176911b1df5107d09ed3 Loading...

	www.badcreditresources.com/wp-content/litespeed/js/657a6b6b57d422ec910436011d777971.js?ver=77971	602 B	2023-03-11	2023-12-03
Pretty URL www.badcreditresources.com/wp-content/litespeed/js/657a6b6b57d422ec910436011d777971.js?ver=77971 IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-12-03 09:45:17 Times Seen10 Hash 74c0c733d7d003bf99bcda2ba8651e97 8f4f76280ba06fcab1e451fcca8cdeb8abb09e63 3702ecb6ae86aca38db62af5b981b4ff0728bcd2d7fc6d605b52b91c890c6db7 Loading...

	www.badcreditresources.com/wp-content/litespeed/js/fc8b36bc3e75990797c35c781015fc69.js?ver=5fc69	3.6 kB	2023-03-11	2023-03-11
Pretty URL www.badcreditresources.com/wp-content/litespeed/js/fc8b36bc3e75990797c35c781015fc69.js?ver=5fc69 IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash 012950120870002597b0f4116e70161d 32772b185474b453a225d5e03c976771507e7ef8 f3f0f9c5975e41beae370de7b8881271e3a5ee59f6d1595343b37c7459e7b679 Loading...

	http:text/javascript;base64,dmFyIHdwY2Y3X3JlY2FwdGNoYT17InNpdGVrZXkiOiI2TGRBWnFvZUFBQUFBSW96M1B4OFB1Ujg2R25CZXZOQ0NSS0dIcVB1IiwiYWN0aW9ucyI6eyJob21lcGFnZSI6ImhvbWVwYWdlIiwiY29udGFjdGZvcm0iOiJjb250YWN0Zm9ybSJ9fQ==	136 B	2023-03-11	2023-03-11
Pretty URL http:text/javascript;base64,dmFyIHdwY2Y3X3JlY2FwdGNoYT17InNpdGVrZXkiOiI2TGRBWnFvZUFBQUFBSW96M1B4OFB1Ujg2R25CZXZOQ0NSS0dIcVB1IiwiYWN0aW9ucyI6eyJob21lcGFnZSI6ImhvbWVwYWdlIiwiY29udGFjdGZvcm0iOiJjb250YWN0Zm9ybSJ9fQ== IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash 2a350ef443f5d21190c51f81f266ebe7 658e8e922aa09caef201f18926da97988d09c892 8557b4e3ec27ee272641c4a11fa85e10059d9831260fb6c43e7366466647264e Loading...

	www.badcreditresources.com/	8.3 kB	2023-03-07	2024-04-19
Pretty URL www.badcreditresources.com/ IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-19 14:54:08 Times Seen2045 Hash eb78fac132e7cff1e4556b0ee5be04cf 8c0633f511df47c21639be83c719ae0e1ea26555 163c4d52fb653e1c2463e1a0e397faa297729ad6269b5205b915f3ed4b8b8d8b Loading...

	www.badcreditresources.com/	408 B	2023-03-07	2024-04-14
Pretty URL www.badcreditresources.com/ IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-14 16:04:21 Times Seen332 Hash d3fb31fc4a0b37980210c57f2698989d 82a161b3a63cf0d5a5b37e9eacdfaf298bcbb55b 45200934a32157fcedfec503f25c156ed7a19df9a9538269e7848ad8f1adc936 Loading...

	http:text/javascript;base64,d2luZG93LmRhdGFMYXllcj13aW5kb3cuZGF0YUxheWVyfHxbXTtmdW5jdGlvbiBndGFnKCl7ZGF0YUxheWVyLnB1c2goYXJndW1lbnRzKX0KZ3RhZygnc2V0JywnbGlua2VyJyx7ImRvbWFpbnMiOlsid3d3LmJhZGNyZWRpdHJlc291cmNlcy5jb20iXX0pO2d0YWcoImpzIixuZXcgRGF0ZSgpKTtndGFnKCJzZXQiLCJkZXZlbG9wZXJfaWQuZFpUTmlNVCIsITApO2d0YWcoImNvbmZpZyIsIlVBLTIyNTM2NzkzNS0yIix7ImFub255bWl6ZV9pcCI6ITB9KQ==	256 B	2023-03-11	2023-03-11
Pretty URL http:text/javascript;base64,d2luZG93LmRhdGFMYXllcj13aW5kb3cuZGF0YUxheWVyfHxbXTtmdW5jdGlvbiBndGFnKCl7ZGF0YUxheWVyLnB1c2goYXJndW1lbnRzKX0KZ3RhZygnc2V0JywnbGlua2VyJyx7ImRvbWFpbnMiOlsid3d3LmJhZGNyZWRpdHJlc291cmNlcy5jb20iXX0pO2d0YWcoImpzIixuZXcgRGF0ZSgpKTtndGFnKCJzZXQiLCJkZXZlbG9wZXJfaWQuZFpUTmlNVCIsITApO2d0YWcoImNvbmZpZyIsIlVBLTIyNTM2NzkzNS0yIix7ImFub255bWl6ZV9pcCI6ITB9KQ== IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash 57d233e662e1debd63b111fb480bccb3 4ea9cecbc10f6f32080dbfd754b6cd4c5ddaf75a be23f32183c7c21c8808508e17c1e24172c1dfa077e1ab6b120b2576b2a04dbd Loading...

	http:text/javascript;base64,IWZ1bmN0aW9uKGYsYixlLHYsbix0LHMpe2lmKGYuZmJxKXJldHVybjtuPWYuZmJxPWZ1bmN0aW9uKCl7bi5jYWxsTWV0aG9kP24uY2FsbE1ldGhvZC5hcHBseShuLGFyZ3VtZW50cyk6bi5xdWV1ZS5wdXNoKGFyZ3VtZW50cyl9O2lmKCFmLl9mYnEpZi5fZmJxPW47bi5wdXNoPW47bi5sb2FkZWQ9ITA7bi52ZXJzaW9uPScyLjAnO24ucXVldWU9W107dD1iLmNyZWF0ZUVsZW1lbnQoZSk7dC5hc3luYz0hMDt0LnNyYz12O3M9Yi5nZXRFbGVtZW50c0J5VGFnTmFtZShlKVswXTtzLnBhcmVudE5vZGUuaW5zZXJ0QmVmb3JlKHQscyl9KHdpbmRvdyxkb2N1bWVudCwnc2NyaXB0JywnaHR0cHM6Ly9jb25uZWN0LmZhY2Vib29rLm5ldC9lbl9VUy9mYmV2ZW50cy5qcycpO2ZicSgnaW5pdCcsJzgzNjM1NTI5OTgwMzQ1MScpO2ZicSgndHJhY2snLCJQYWdlVmlldyIp	429 B	2023-03-11	2023-03-11
Pretty URL http:text/javascript;base64,IWZ1bmN0aW9uKGYsYixlLHYsbix0LHMpe2lmKGYuZmJxKXJldHVybjtuPWYuZmJxPWZ1bmN0aW9uKCl7bi5jYWxsTWV0aG9kP24uY2FsbE1ldGhvZC5hcHBseShuLGFyZ3VtZW50cyk6bi5xdWV1ZS5wdXNoKGFyZ3VtZW50cyl9O2lmKCFmLl9mYnEpZi5fZmJxPW47bi5wdXNoPW47bi5sb2FkZWQ9ITA7bi52ZXJzaW9uPScyLjAnO24ucXVldWU9W107dD1iLmNyZWF0ZUVsZW1lbnQoZSk7dC5hc3luYz0hMDt0LnNyYz12O3M9Yi5nZXRFbGVtZW50c0J5VGFnTmFtZShlKVswXTtzLnBhcmVudE5vZGUuaW5zZXJ0QmVmb3JlKHQscyl9KHdpbmRvdyxkb2N1bWVudCwnc2NyaXB0JywnaHR0cHM6Ly9jb25uZWN0LmZhY2Vib29rLm5ldC9lbl9VUy9mYmV2ZW50cy5qcycpO2ZicSgnaW5pdCcsJzgzNjM1NTI5OTgwMzQ1MScpO2ZicSgndHJhY2snLCJQYWdlVmlldyIp IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash 2f2c176b2161a87f2ab8078dad1a9b55 8ccc2ef4c79d6b9c22f21613de26abaf130d9dcb 0394a365287693b31126e1d447dcc40c56f96e0b0790606c9f8027183582b7e2 Loading...

	www.googletagmanager.com/gtag/js?id=G-75ZVSM6YVZ	219 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-75ZVSM6YVZ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash 60e4c3fdd0e8485fb2467e85f59d6b27 188552e27774ac516368bd5d41fd035d6a3d44b7 e96c8d650a064fe0528053d2b384b2b223c907f95041f546f825750c50262ae2 Loading...

	http:text/javascript;base64,d2luZG93LmRhdGFMYXllcj13aW5kb3cuZGF0YUxheWVyfHxbXTtmdW5jdGlvbiBndGFnKCl7ZGF0YUxheWVyLnB1c2goYXJndW1lbnRzKX0KZ3RhZygnanMnLG5ldyBEYXRlKCkpO2d0YWcoJ2NvbmZpZycsJ0ctNzVaVlNNNllWWicp	132 B	2023-03-11	2023-03-11
Pretty URL http:text/javascript;base64,d2luZG93LmRhdGFMYXllcj13aW5kb3cuZGF0YUxheWVyfHxbXTtmdW5jdGlvbiBndGFnKCl7ZGF0YUxheWVyLnB1c2goYXJndW1lbnRzKX0KZ3RhZygnanMnLG5ldyBEYXRlKCkpO2d0YWcoJ2NvbmZpZycsJ0ctNzVaVlNNNllWWicp IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash 87c178703696ec0d3ae383727152d09d 0cb2a4740df19ef36ac2c62077f3ef45d7a9b8c5 265f6549a17ff4986fa27878ce553d9561f564a7d8659be7a484b393e6507041 Loading...

	www.badcreditresources.com/wp-content/litespeed/js/fe39c84bd31cbf12b6901c184005b465.js?ver=5b465	4.2 kB	2023-03-09	2023-08-11
Pretty URL www.badcreditresources.com/wp-content/litespeed/js/fe39c84bd31cbf12b6901c184005b465.js?ver=5b465 IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:35:38 Last Seen2023-08-11 13:50:07 Times Seen5 Hash 086b379489b558abb7c6d77c776966a5 35c1e0d2c8aad4cfb232b36c36dfd903217a4643 9cfdf1681f09ceff18ff434bd5ddaf9585668ccc17f8b357c7b20c74fcb1ce16 Loading...

	connect.facebook.net/signals/config/836355299803451?v=2.9.89&r=stable	26 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/signals/config/836355299803451?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash aed6d23d2aa4d92baa4179ee063b5efd 9f863c6273725e2f59f7ac8dbdff0fbac51429af 312f6c5c40843d272a516fa4f9ee5ef6dc1d52442109f347d410e7f4814e4577 Loading...

	www.googletagmanager.com/gtag/js?id=UA-225367935-2	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-225367935-2 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash 3077d8a96de41542e456bd01ac00f72c 62c5cd43488996ef33121c213bc940b3b6d8f8b3 d3d56533bda4da2b79a0f0610899807e6fe63810390fcc6babe8581eb637e75f Loading...

	www.badcreditresources.com/wp-includes/js/jquery/jquery.min.js	90 kB	2023-03-08	2024-04-19
Pretty URL www.badcreditresources.com/wp-includes/js/jquery/jquery.min.js IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-19 12:23:33 Times Seen31780 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	www.badcreditresources.com/wp-content/litespeed/js/e07426a69e5b35cbd0b10cf9494ca1ee.js?ver=ca1ee	8.5 kB	2023-03-11	2023-03-11
Pretty URL www.badcreditresources.com/wp-content/litespeed/js/e07426a69e5b35cbd0b10cf9494ca1ee.js?ver=ca1ee IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash fecb9238b92944408ccc7b357c0bfe71 900d75d64c4f164df80c914ed21665e9d385e9e9 02f0d15144f5c80b212bc3eb3a91dd4773d6c448a3db744ada926859ebc53c57 Loading...

	www.badcreditresources.com/wp-content/litespeed/js/2cd73354b8c0fc0badbe250f88e52c04.js?ver=52c04	143 kB	2023-03-11	2023-03-11
Pretty URL www.badcreditresources.com/wp-content/litespeed/js/2cd73354b8c0fc0badbe250f88e52c04.js?ver=52c04 IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash 50694364aab5e6086db8f5d604d05654 d0fc1e58762f61b9589cc0ea26c6810432824fbb 35e81fa278bf03b853147f99c96adb47ff6a507dcf5dc6c771f8e5ddcb852a17 Loading...

	www.badcreditresources.com/wp-content/litespeed/js/d4ec662ca4b133d8b8928848ac3578d3.js?ver=578d3	29 kB	2023-03-11	2023-06-16
Pretty URL www.badcreditresources.com/wp-content/litespeed/js/d4ec662ca4b133d8b8928848ac3578d3.js?ver=578d3 IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-06-16 01:43:50 Times Seen3 Hash e2b12dc1f30a7500453ec4a58b570831 9aed8906a20f46a3f2af386f01adfaa462628a7a 9525b4766f2952560bb746a5ada5ed0a2b65c7435d9a4f70433c3a4e2b45affe Loading...

	http:text/javascript;base64,SGFwcHlGb3Jtcz17fQ==	13 B	2023-03-11	2023-03-11
Pretty URL http:text/javascript;base64,SGFwcHlGb3Jtcz17fQ== IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash 6d46b328510b0c162e03293c3cd330cd 85759bd78589cb8b918a68c745b3a3f5f1e3137e e8f3a1377456ec1bd7d83d89de1cccf3b2810d214b2aa053ded86884588a89a7 Loading...

	cdn.jsdelivr.net/npm/hockeystack@latest/hockeystack.min.js	14 kB	2023-03-11	2023-03-11
Pretty URL cdn.jsdelivr.net/npm/hockeystack@latest/hockeystack.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:25:42 Last Seen2023-03-11 19:44:34 Times Seen1 Hash 3a75bf095a280d311e79fb2a23129199 6c8549a835d8b34973fbe021a8555a475e2cc121 36194af62959421123794fe1353c0ef94dcea3243b8f9447e8e588184c455f96 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAZqoeAAAAAIoz3Px8PuR86GnBevNCCRKGHqPu&co=aHR0cHM6Ly93d3cuYmFkY3JlZGl0cmVzb3VyY2VzLmNvbTo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=xf83m6tmnxez	69 B	2023-03-07	2024-04-19
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAZqoeAAAAAIoz3Px8PuR86GnBevNCCRKGHqPu&co=aHR0cHM6Ly93d3cuYmFkY3JlZGl0cmVzb3VyY2VzLmNvbTo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=xf83m6tmnxez IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-19 19:49:33 Times Seen99083 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.badcreditresources.com/wp-content/litespeed/js/6c5f2965ac8c96e9d03184e110ffef85.js?ver=fef85	988 B	2023-03-11	2023-03-11
Pretty URL www.badcreditresources.com/wp-content/litespeed/js/6c5f2965ac8c96e9d03184e110ffef85.js?ver=fef85 IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash 16b0c52ade7f6d0de60b0580b4122f04 1389d956f3d338c2e50ce23698bbf78c98c95364 1657bd8df85dddc363253ceb7f254e579392f5cec5198085026bbd52b5b5e14b Loading...

	http:text/javascript;base64,dmFyIHRoaXJzdHlfZ2xvYmFsX3ZhcnM9eyJob21lX3VybCI6IlwvXC93d3cuYmFkY3JlZGl0cmVzb3VyY2VzLmNvbSIsImFqYXhfdXJsIjoiaHR0cHM6XC9cL3d3dy5iYWRjcmVkaXRyZXNvdXJjZXMuY29tXC93cC1hZG1pblwvYWRtaW4tYWpheC5waHAiLCJsaW5rX2ZpeGVyX2VuYWJsZWQiOiJ5ZXMiLCJsaW5rX3ByZWZpeCI6InJlY29tbWVuZHMiLCJsaW5rX3ByZWZpeGVzIjp7IjEiOiJyZWNvbW1lbmRzIn0sInBvc3RfaWQiOiIxMjIyNiIsImVuYWJsZV9yZWNvcmRfc3RhdHMiOiJ5ZXMiLCJlbmFibGVfanNfcmVkaXJlY3QiOiJ5ZXMiLCJkaXNhYmxlX3RoaXJzdHlsaW5rX2NsYXNzIjoiIn0=	338 B	2023-03-11	2023-03-11
Pretty URL http:text/javascript;base64,dmFyIHRoaXJzdHlfZ2xvYmFsX3ZhcnM9eyJob21lX3VybCI6IlwvXC93d3cuYmFkY3JlZGl0cmVzb3VyY2VzLmNvbSIsImFqYXhfdXJsIjoiaHR0cHM6XC9cL3d3dy5iYWRjcmVkaXRyZXNvdXJjZXMuY29tXC93cC1hZG1pblwvYWRtaW4tYWpheC5waHAiLCJsaW5rX2ZpeGVyX2VuYWJsZWQiOiJ5ZXMiLCJsaW5rX3ByZWZpeCI6InJlY29tbWVuZHMiLCJsaW5rX3ByZWZpeGVzIjp7IjEiOiJyZWNvbW1lbmRzIn0sInBvc3RfaWQiOiIxMjIyNiIsImVuYWJsZV9yZWNvcmRfc3RhdHMiOiJ5ZXMiLCJlbmFibGVfanNfcmVkaXJlY3QiOiJ5ZXMiLCJkaXNhYmxlX3RoaXJzdHlsaW5rX2NsYXNzIjoiIn0= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash 6f18396af47f29d2da09d05ccddd11d0 32f0a1f45d63fd40f0c872630a2a1756d40454a5 1c32ec0a4cfdf25ad23805c302df6e70a5d202a0b4139aa8ee16b1e1088d888a Loading...

	www.google.com/recaptcha/api.js?render=6LdAZqoeAAAAAIoz3Px8PuR86GnBevNCCRKGHqPu&ver=3.0	884 B	2023-03-11	2023-03-11
Pretty URL www.google.com/recaptcha/api.js?render=6LdAZqoeAAAAAIoz3Px8PuR86GnBevNCCRKGHqPu&ver=3.0 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash b53249b1c4ab231c1cb8c1dd155e2e56 c990960b0b624ed80add5a0995e8437ad602dd17 7751f86cd5231966709c414a7e57ecbd36968d8896f42de17cb9dc02ce2b8144 Loading...

	www.badcreditresources.com/wp-content/litespeed/js/aaea3944a24a634363cf90938886282e.js?ver=6282e	1.0 kB	2023-03-07	2024-02-23
Pretty URL www.badcreditresources.com/wp-content/litespeed/js/aaea3944a24a634363cf90938886282e.js?ver=6282e IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:28:30 Last Seen2024-02-23 11:39:53 Times Seen249 Hash 151a0635392c3a20e3e14607d0993592 c127e3922e125ddad4ef3e595786564acfd6b6b8 87b71f47ef5c875c53b2f978acb68b615875f51db41d5cfccd6e2dfa8a20a6c7 Loading...

	www.badcreditresources.com/	215 B	2023-03-07	2024-04-19
Pretty URL www.badcreditresources.com/ IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-19 10:36:16 Times Seen1876 Hash dc0923c33f2f758c84c52fbb61c834a3 b058be2d1733bff3d424d94ace699f13151e3df7 d37ef4938c8ae1d3621058c0b807b594bdff045977dab405590883e514289ac3 Loading...

	www.badcreditresources.com/	1.7 kB	2023-03-07	2024-04-14
Pretty URL www.badcreditresources.com/ IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-14 16:04:21 Times Seen431 Hash a0fe609408d246ad7b8e4b97cf257299 e506fb7cf42b400080ab195e688bb6e5c1a9d265 9fa087232ef1e1c40fd5e8eb188ae899fd7b5d00d4adcd1f5e8e48148b972304 Loading...

	www.badcreditresources.com/wp-content/litespeed/js/e50b40fa43488e5627e25b627f4c86b9.js?ver=c86b9	7.5 kB	2023-03-11	2023-12-03
Pretty URL www.badcreditresources.com/wp-content/litespeed/js/e50b40fa43488e5627e25b627f4c86b9.js?ver=c86b9 IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-12-03 09:45:17 Times Seen10 Hash 4e7fb9a4071349b27a202b7b696490b8 8b53cefde69adb35284f5e4294d6c755b12dc0f2 efdd51edf58a7bc5e43f8984c73d2f198d7c348342b79201760860b4bbedf9fe Loading...

	www.badcreditresources.com/wp-content/litespeed/js/06239318e0e004ec75d7707e250f8ef8.js?ver=f8ef8	2.9 kB	2023-03-11	2023-03-11
Pretty URL www.badcreditresources.com/wp-content/litespeed/js/06239318e0e004ec75d7707e250f8ef8.js?ver=f8ef8 IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash 85320d12cdfb168e0898a96a4ececeee 4007216201c605e2f86f7fe10586492ba0e10c49 c486ad9fdf3b572df84206b023044d3500fb9bfccda46041d06a7c5eb410976e Loading...

	www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js	409 kB	2023-03-08	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash b2507198388fcc94ca9e94ed4c5561c5 8853fc86f1c616bd20a73e3e24442036fd90fd2f 02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0 Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	www.badcreditresources.com/wp-content/litespeed/js/a1f972015ec9db522a1e5b5c16da6de8.js?ver=a6de8	9.0 kB	2023-03-11	2023-03-11
Pretty URL www.badcreditresources.com/wp-content/litespeed/js/a1f972015ec9db522a1e5b5c16da6de8.js?ver=a6de8 IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash b89fc188385d25c6cda77a097f6c4477 2b11e3738444722a24758a944fe0e27fa1f84230 226dd215553b9a5f631821cdf92732f4736392fd7c592692951da61582b764dd Loading...

	www.badcreditresources.com/wp-content/litespeed/js/8f2fb7f8140bebdc337a219c97f24759.js?ver=24759	9.9 kB	2023-03-08	2024-01-23
Pretty URL www.badcreditresources.com/wp-content/litespeed/js/8f2fb7f8140bebdc337a219c97f24759.js?ver=24759 IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:01 Last Seen2024-01-23 01:49:09 Times Seen50 Hash 25e348f13706deea89781cd848d9bc1f fadfc3fee3d45a657891290ed741bcf6e1c78b58 06bf52b58acc5f6d38c8f82bce95304ffaabcb512638971e65436b7d9716e544 Loading...

	www.badcreditresources.com/wp-content/litespeed/js/7bc0739f0616e53e5e1b1090bb5f9f73.js?ver=f9f73	12 kB	2023-03-08	2024-01-23
Pretty URL www.badcreditresources.com/wp-content/litespeed/js/7bc0739f0616e53e5e1b1090bb5f9f73.js?ver=f9f73 IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:01 Last Seen2024-01-23 01:49:09 Times Seen60 Hash 1e55f74f9a761833bdee1cc63d342c12 75ee40ff25f6dba923e03c2b441cbbb033de6804 5997441b472d1665a37c07ffc70c977704d6d593abc795d7f8f3b51d169b1b59 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-19
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-19 19:03:21 Times Seen1521 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	http:text/javascript;base64,dmFyIHN0aWNreV9hbnl0aGluZ19lbmdhZ2U9eyJlbGVtZW50IjoiI3RleHQtMjEiLCJ0b3BzcGFjZSI6IjEwMCIsIm1pbnNjcmVlbndpZHRoIjoiNzY3IiwibWF4c2NyZWVud2lkdGgiOiI5OTk5OTkiLCJ6aW5kZXgiOiIxIiwibGVnYWN5bW9kZSI6IiIsImR5bmFtaWNtb2RlIjoiIiwiZGVidWdtb2RlIjoiIiwicHVzaHVwIjoiI2Zvb3RlciIsImFkbWluYmFyIjoiMSJ9	210 B	2023-03-11	2023-03-11
Pretty URL http:text/javascript;base64,dmFyIHN0aWNreV9hbnl0aGluZ19lbmdhZ2U9eyJlbGVtZW50IjoiI3RleHQtMjEiLCJ0b3BzcGFjZSI6IjEwMCIsIm1pbnNjcmVlbndpZHRoIjoiNzY3IiwibWF4c2NyZWVud2lkdGgiOiI5OTk5OTkiLCJ6aW5kZXgiOiIxIiwibGVnYWN5bW9kZSI6IiIsImR5bmFtaWNtb2RlIjoiIiwiZGVidWdtb2RlIjoiIiwicHVzaHVwIjoiI2Zvb3RlciIsImFkbWluYmFyIjoiMSJ9 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash 8be1c7b7a70b54968f6eb27a1d206e57 8afb04525a4d04adf8e507afa8b3a53e24ebf942 cac5420c19d11e900e310bbf915ad3becd6e19e332c9ed0f41f9e8dab8234363 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAZqoeAAAAAIoz3Px8PuR86GnBevNCCRKGHqPu&co=aHR0cHM6Ly93d3cuYmFkY3JlZGl0cmVzb3VyY2VzLmNvbTo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=xf83m6tmnxez	35 kB	2023-03-11	2023-03-11
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAZqoeAAAAAIoz3Px8PuR86GnBevNCCRKGHqPu&co=aHR0cHM6Ly93d3cuYmFkY3JlZGl0cmVzb3VyY2VzLmNvbTo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=xf83m6tmnxez IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash f106ad4b7640ce4db0cf7a7a7e6d6206 1249f49cbc13e440b537d867f41aaddfafd2c3ce 1fa09de2078e85f532f7d4495242ab6ec64cd01ef44346cdb0a4657650c1aada Loading...

	www.badcreditresources.com/wp-content/litespeed/js/a29630f8ee6bf51454bc7e953a37997d.js?ver=7997d	6.5 kB	2023-03-07	2024-02-07
Pretty URL www.badcreditresources.com/wp-content/litespeed/js/a29630f8ee6bf51454bc7e953a37997d.js?ver=7997d IP 67.212.168.122 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:45 Last Seen2024-02-07 23:08:49 Times Seen129 Hash add7fc831b2d62e61557a24f6662ce5b 5237107a3d53572999de563cd58137f61374e687 fe068227bcf446a061c99093bfd74e48105f2605f002dce6ab72d799fb035a22 Loading...

	http:text/javascript;base64,dmFyIGx2Y2Ffc2V0dGluZ3M9eyJtb2JpbGVfd2lkdGgiOiI3ODAiLCJjdXN0b21fY3NzIjoiIn0=	56 B	2023-03-11	2023-03-11
Pretty URL http:text/javascript;base64,dmFyIGx2Y2Ffc2V0dGluZ3M9eyJtb2JpbGVfd2lkdGgiOiI3ODAiLCJjdXN0b21fY3NzIjoiIn0= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash 6b636ab22c1624f2bea77392245d5083 68e8323bdff5490ca294907710d84b49b78f2e16 ae5163a75ac401ff0910b240715c81d42717efc28c50be3c12997fd03b1ef744 Loading...

	http:text/javascript;base64,KGZ1bmN0aW9uKCl7d2luZG93Lmx2Y2FfZnM9e2Nhbl91c2VfcHJlbWl1bV9jb2RlOiExfX0pKCk=	56 B	2023-03-11	2023-03-11
Pretty URL http:text/javascript;base64,KGZ1bmN0aW9uKCl7d2luZG93Lmx2Y2FfZnM9e2Nhbl91c2VfcHJlbWl1bV9jb2RlOiExfX0pKCk= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash 7462ad4ed25ed2ae37ae28f127e150f7 84b32bc11e9d0f91f16c145ad20f16402a806738 98cea9d8149ec347b3aae8bd29e7124b5e7f4377aa8f370e87c2d5e001fa58d5 Loading...

	http:text/javascript;base64,wqDCoCB2YXIgc2NyaXB0PWRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoInNjcmlwdCIpO8KgwqAgc2NyaXB0LmlkPSJ3cGhzIjvCoMKgIHNjcmlwdC5zcmM9Imh0dHBzOi8vY2RuLmpzZGVsaXZyLm5ldC9ucG0vaG9ja2V5c3RhY2tAbGF0ZXN0L2hvY2tleXN0YWNrLm1pbi5qcyI7wqDCoCBzY3JpcHQuYXN5bmM9MTvCoMKgIHNjcmlwdC5kYXRhc2V0LmFwaWtleT0iY2JiNzdlM2Q0YjQwY2I5ZjllYzc1MDM4MTczNDdlIjvCoMKgIHNjcmlwdC5kYXRhc2V0LmNvb2tpZWxlc3M9MTvCoMKgIGRvY3VtZW50LmdldEVsZW1lbnRzQnlUYWdOYW1lKCdoZWFkJylbMF0uYXBwZW5kQ2hpbGQoc2NyaXB0KQ==	334 B	2023-03-11	2023-03-11
Pretty URL http:text/javascript;base64,wqDCoCB2YXIgc2NyaXB0PWRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoInNjcmlwdCIpO8KgwqAgc2NyaXB0LmlkPSJ3cGhzIjvCoMKgIHNjcmlwdC5zcmM9Imh0dHBzOi8vY2RuLmpzZGVsaXZyLm5ldC9ucG0vaG9ja2V5c3RhY2tAbGF0ZXN0L2hvY2tleXN0YWNrLm1pbi5qcyI7wqDCoCBzY3JpcHQuYXN5bmM9MTvCoMKgIHNjcmlwdC5kYXRhc2V0LmFwaWtleT0iY2JiNzdlM2Q0YjQwY2I5ZjllYzc1MDM4MTczNDdlIjvCoMKgIHNjcmlwdC5kYXRhc2V0LmNvb2tpZWxlc3M9MTvCoMKgIGRvY3VtZW50LmdldEVsZW1lbnRzQnlUYWdOYW1lKCdoZWFkJylbMF0uYXBwZW5kQ2hpbGQoc2NyaXB0KQ== IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash f9a4b3c5d7a18e555049d3a0bd71ec96 eed8d578cbf21641f272e20987bae9b732c4aeab 29fbfbcc9637f4a5d77b497dfa53d446fa0c731826ed965da3bb5947a34551e8 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 806f2d97105b300b4b5c594b860841ff	16 kB	2023-03-08	2023-03-17
Pretty Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash 806f2d97105b300b4b5c594b860841ff d89d7c7eea801d1e1ff172b2cbe554e4e3606ee2 ac67106da7775f013b7cb9730c8cde5cfa186d74c2bff74fe27579bb046366be Loading...

	#2 Eval - ae29ed92f6bcf000b77945d046e689b4	64 B	2023-03-08	2023-03-17
Pretty Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash ae29ed92f6bcf000b77945d046e689b4 a4d4bd1aa2d7a4fae1ef26244a5cb8f40d62ea91 14ed98b8b82987bce49c9e6a0f9b620434ec92ad83e9815037257823fe34071e Loading...

	#3 Eval - e838c48a2ad3ca7b3611c5c2c8b63fe4	22 B	2023-03-08	2023-03-17
Pretty Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash e838c48a2ad3ca7b3611c5c2c8b63fe4 3e54acc073cfa8db68daf806991e34eeef26d115 d8fc182869d21957579c2a09eae263e41ab53e4c30c4ffa96d93584a64eb6f77 Loading...

	#4 Eval - a20ce9b1fd2a51421e9e4f3055a77fe6	17 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 19:44:34 Last Seen2023-03-11 19:44:34 Times Seen1 Hash a20ce9b1fd2a51421e9e4f3055a77fe6 b1a896801dfc2b4bd89353121c6656657ed1d20b a2e8bde0a1ba1933cebbb2172716b1a97f830b0b42283b1ac8990cb85c2113ec Loading...

	#5 Eval - f7656e08f419dab0921bcffc274655f4	22 B	2023-03-08	2023-03-17
Pretty Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash f7656e08f419dab0921bcffc274655f4 5acf6b5d541b60f71be9ac794938821eb3bfbdcd c4e7ca158015332be1df536c970a209b44cb4744fae720ed1caaefdc87f37f93 Loading...

HTTP Transactions (107)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11191
Expires: Fri, 25 Nov 2022 12:37:22 GMT
Date: Fri, 25 Nov 2022 09:30:51 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1889
Cache-Control: max-age=91909
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:51 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:02:40 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 09:17:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 805
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2723
Expires: Fri, 25 Nov 2022 10:16:14 GMT
Date: Fri, 25 Nov 2022 09:30:51 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: r0qlkpGmie8YJuecRxRiYlPsv8nD1P0+cJ0WPI4hut8UPlsVTXSAUxCjU0rdhFJTcznErKh0r+M=
x-amz-request-id: 6V6PK5DC5HXEA39C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 08:43:46 GMT
age: 2825
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 09:30:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 09:08:53 GMT
cache-control: public,max-age=3600
age: 1318
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5152
Cache-Control: max-age=90110
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:51 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:32:41 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.214.64.191

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.214.64.191:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FF8YnI2MaQXm8XvokhGHBg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 07WdjMlBiifx8ZHcVOziaQVcpgM=

www.badcreditresources.com/

67.212.168.122

301 Moved Permanently

0 B

URL HTTP/1.1
www.badcreditresources.com/
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
x-dns-prefetch-control: on
content-type: text/html; charset=UTF-8
x-pingback: http://www.badcreditresources.com/xmlrpc.php
expires: Fri, 25 Nov 2022 10:30:51 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: https://www.badcreditresources.com/
x-litespeed-cache: miss
content-length: 0
date: Fri, 25 Nov 2022 09:30:51 GMT
server: LiteSpeed

www.badcreditresources.com/

67.212.168.122

200 OK

25 kB

URL HTTP/2
www.badcreditresources.com/
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (14579)
Size
25 kB (25264 bytes)
Hash
9e82af64335a21dd662a06450fbfa7df
453e74b5672cab4c8c1db7ba03576e1499502229
84063713e1513f916cda416756f2eff5d389e5c7ba1e9a896485dc8c5bef0dba

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-powered-by: PHP/7.4.33
x-dns-prefetch-control: on
content-type: text/html; charset=UTF-8
x-pingback: https://www.badcreditresources.com/xmlrpc.php
link: <https://www.badcreditresources.com/wp-json/>; rel="https://api.w.org/", <https://www.badcreditresources.com/wp-json/wp/v2/pages/12226>; rel="alternate"; type="application/json", <https://www.badcreditresources.com/>; rel=shortlink
cache-control: public, max-age=3
expires: Wed, 23 Nov 2022 13:04:44 GMT
etag: "3104-1669208682;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 25264
date: Fri, 25 Nov 2022 09:30:51 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Open%20Sans:600&subset=latin&display=swap&ver=1654007487

142.250.74.10

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open%20Sans:600&subset=latin&display=swap&ver=1654007487
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1088 bytes)
Hash
94a59e2f49aaca429a06a78c62544990
9452ee2e82ac6e0addf600ea604fe54bf4c0206f
20496766245a5d9d1a1829457501cbf1cf11c4d3ea2b1c10c61996cb78833250

HTTP Headers

GET /css?family=Open%20Sans:600&subset=latin&display=swap&ver=1654007487 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 09:30:52 GMT
date: Fri, 25 Nov 2022 09:30:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19267
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:30:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19267
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:30:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19267
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:30:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19267
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:30:53 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8917 bytes)
Hash
5863138af1ddbba34a7856242a7b3a06
2eba66ff6539388c48562503e8d11ff0e060350a
d1543e1b803a07095148b743925eebbbf21f566a2df9b785a1a9d48c5604496c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8917
x-amzn-requestid: 10f3b269-9437-476d-ae4f-a0ac3fb78491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wEIwoAMF8uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4cfeecf4553b26381ed11875;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lr9z8FWWpMGtxtvcYzeT-ewuydSzpma8I06pszLDQIICotFkB_SZlA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:30 GMT
age: 41723
etag: "2eba66ff6539388c48562503e8d11ff0e060350a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8089 bytes)
Hash
c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:07:32 GMT
age: 41001
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.4 kB (2351 bytes)
Hash
66d06d3cac1784e4ce6c8c89c300f10a
41ef94d198bbf98185eb332a3b6934c3c26c3afc
55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2351
x-amzn-requestid: 1e3e6b14-8f46-4b62-a3d1-f5dbe5d5f94f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGupUE_VIAMFa3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f5e3b-573fabc44ce59c2f4c24a32d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 12:06:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XEUrOPYr2rn89eMIJORVFnpqJfxqfjBadcbplZKzqLjDkzHV8NEbHg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 18:51:30 GMT
age: 52763
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6130 bytes)
Hash
ba7b9c131ab7e5998f25b069ba3860a0
0214fc0deecb1115766802f42cfd256e3c479490
717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:28 GMT
age: 41725
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10950 bytes)
Hash
4abf25d4a15ce58edadd54994b3434a2
18800e21d05596f7b64213072dee7dda5c1faf61
633138e70f43e2be9cc447967044c4070bfc4d9285e5228361bebe255dc286e2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10950
x-amzn-requestid: 9bb73841-83d9-48b2-8c79-f00a57612b4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFNstFeZoAMFopQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec31d-4e6aafd367c7740c77df133b;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:04:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tCG6Llkb9UHrJDHyxk5RgLkQ3Cds3dXRc0uMhy_9GbnzgMWk5UBS6w==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:04:29 GMT
age: 74316
etag: "18800e21d05596f7b64213072dee7dda5c1faf61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (3955 bytes)
Hash
4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 18473
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/1e109af1d30679644874c1fd05d63e22.css?ver=9cf64

67.212.168.122

200 OK

121 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/1e109af1d30679644874c1fd05d63e22.css?ver=9cf64
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (47809)
Size
121 kB (120582 bytes)
Hash
f91b623a91046ed5211a4d5581536075
d74dbbb55c9546010cb503328234da5dcb47a00d
a01756c6a9530f4820550f7dd1c4a550bafd1bb244771ebf212584deae72770e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/1e109af1d30679644874c1fd05d63e22.css?ver=9cf64 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:52 GMT
content-type: text/css
last-modified: Thu, 24 Nov 2022 23:35:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 120582
date: Fri, 25 Nov 2022 09:30:52 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/uploads/2022/02/happy-excited-couple-buying-a-new-car-and-showing-keys.jpg?id=13105

67.212.168.122

200 OK

64 kB

URL HTTP/2
www.badcreditresources.com/wp-content/uploads/2022/02/happy-excited-couple-buying-a-new-car-and-showing-keys.jpg?id=13105
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
64 kB (63794 bytes)
Hash
3d0bf994e15529b5c6d2350e745652a4
9bf519cf6abc4af2d443ccd137e53ffa6c6b768e
5c35ebf538d76050d2df72eae5f93260a7d0a4ed335424ba9941cd0bf75d050a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/2022/02/happy-excited-couple-buying-a-new-car-and-showing-keys.jpg?id=13105 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:52 GMT
content-type: image/webp
last-modified: Wed, 12 Oct 2022 13:05:12 GMT
accept-ranges: bytes
content-length: 63794
date: Fri, 25 Nov 2022 09:30:52 GMT
server: LiteSpeed
vary: Accept
x-webp-express: Redirected directly to existing webp
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp

67.212.168.122

200 OK

4.9 kB

URL HTTP/2
www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.9 kB (4850 bytes)
Hash
743e4aa3ab05eaf89240a7e76a5fb575
976b2a1eddedc2e9588c923bf3e246bc5c30f581
fa3600cf75a53b89d9bd7849e7a70ab61f9b82659371b62bf63077c68866e1cc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:52 GMT
content-type: image/webp
last-modified: Fri, 07 Oct 2022 15:57:16 GMT
accept-ranges: bytes
content-length: 4850
date: Fri, 25 Nov 2022 09:30:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/plugins/litespeed-cache/guest.vary.php

67.212.168.122

200 OK

20 B

URL HTTP/2
www.badcreditresources.com/wp-content/plugins/litespeed-cache/guest.vary.php
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
JSON data\012- , ASCII text, with no line terminators
Size
20 B (20 bytes)
Hash
6983d6b2ea353ce0b2b3d2477674219d
d1b7a9df890d2bf30ce03ee569b28d5c3226debe
0056a5d09750d683c893ec741a9c08940a19439d1c67b3de820c31cdfd15eb02

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /wp-content/plugins/litespeed-cache/guest.vary.php HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.badcreditresources.com/
Origin: https://www.badcreditresources.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
x-powered-by: PHP/7.4.33
x-litespeed-cache-control: no-cache
set-cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6; expires=Sun, 27-Nov-2022 09:30:52 GMT; Max-Age=172800; path=/; secure; HttpOnly
content-type: text/html; charset=UTF-8
cache-control: public, max-age=3
expires: Fri, 25 Nov 2022 09:30:55 GMT
content-length: 20
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/

67.212.168.122

200 OK

27 kB

URL HTTP/2
www.badcreditresources.com/
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (14849)
Size
27 kB (27339 bytes)
Hash
7b2c60e335d356dad3f6c2e600ce0f02
6594125179465d8662f3d7293d40e56e0776ef16
baa15fa46733cc9b55cbeb83571ce93dfe05ed2fce89a69f928acc10c41e476b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
x-pingback: https://www.badcreditresources.com/xmlrpc.php
link: <https://www.badcreditresources.com/wp-json/>; rel="https://api.w.org/", <https://www.badcreditresources.com/wp-json/wp/v2/pages/12226>; rel="alternate"; type="application/json", <https://www.badcreditresources.com/>; rel=shortlink
cache-control: public, max-age=3
expires: Tue, 22 Nov 2022 17:25:13 GMT
etag: "2949-1669137910;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 27339
date: Fri, 25 Nov 2022 09:30:53 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
76544babbcf6515110bd81aaee8e7e63
043497692868c67ac84cdfe70d0a484517abd1c2
a19d5958d683662375a2469d1d7e551188469b967eb6f2bae2d5e43dac51a4f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?render=6LdAZqoeAAAAAIoz3Px8PuR86GnBevNCCRKGHqPu&ver=3.0

142.250.74.164

200 OK

583 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=6LdAZqoeAAAAAIoz3Px8PuR86GnBevNCCRKGHqPu&ver=3.0
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (884), with no line terminators
Size
583 B (583 bytes)
Hash
fbde2966b18c3b67946a7714fe6c4011
26b3c22bc38c1f84c29e85381673c12f03d14c61
82095e7311b3640ff700e5a61eb9891fb288c122f692d5003d54d1caeb214c42

HTTP Headers

GET /recaptcha/api.js?render=6LdAZqoeAAAAAIoz3Px8PuR86GnBevNCCRKGHqPu&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Fri, 25 Nov 2022 09:30:54 GMT
date: Fri, 25 Nov 2022 09:30:54 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-225367935-2

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-225367935-2
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43681 bytes)
Hash
8f84014a4f3429dab4ed5c8cf7b15788
fa071082c2a4946f349badd597bda9962685707b
97430a43e18096589eeb870b236777a892d2aa83afee7ddeee3c561820cfc9d1

HTTP Headers

GET /gtag/js?id=UA-225367935-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:54 GMT
expires: Fri, 25 Nov 2022 09:30:54 GMT
cache-control: private, max-age=900
last-modified: Fri, 25 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43681
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-75ZVSM6YVZ

142.250.74.168

200 OK

77 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-75ZVSM6YVZ
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (21484)
Size
77 kB (76605 bytes)
Hash
7584203507a4cc487af3eaaef9d2c2ba
db4c741e9f68c887f4c0ef05393023b79bbaa62a
0a31d14b1278c38e5586bec5fcea0cf27ee661e31e24e3256bd4afc417cde00c

HTTP Headers

GET /gtag/js?id=G-75ZVSM6YVZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:54 GMT
expires: Fri, 25 Nov 2022 09:30:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76605
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.badcreditresources.com/wp-includes/js/jquery/jquery.min.js

67.212.168.122

200 OK

30 kB

URL HTTP/2
www.badcreditresources.com/wp-includes/js/jquery/jquery.min.js
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (65447)
Size
30 kB (30324 bytes)
Hash
3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:53 GMT
content-type: application/x-javascript
last-modified: Wed, 02 Nov 2022 09:51:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 30324
date: Fri, 25 Nov 2022 09:30:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-includes/js/jquery/jquery.min.js

67.212.168.122

200 OK

30 kB

URL HTTP/2
www.badcreditresources.com/wp-includes/js/jquery/jquery.min.js
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (65447)
Size
30 kB (30324 bytes)
Hash
3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Wed, 02 Nov 2022 09:51:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 30324
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/19c448c9cff9c45b5b755597554f41e1.css?ver=c0ad5

67.212.168.122

200 OK

0 B

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/19c448c9cff9c45b5b755597554f41e1.css?ver=c0ad5
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/19c448c9cff9c45b5b755597554f41e1.css?ver=c0ad5 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-length: 0
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
vary: Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/92488fa9190dad23914e2834aec8b679.css?ver=8b679

67.212.168.122

200 OK

217 B

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/92488fa9190dad23914e2834aec8b679.css?ver=8b679
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/92488fa9190dad23914e2834aec8b679.css?ver=8b679 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-length: 217
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
vary: Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/447d88b5ca5df5c19939c97dbf6790fa.css?ver=790fa

67.212.168.122

200 OK

3.7 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/447d88b5ca5df5c19939c97dbf6790fa.css?ver=790fa
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (56168)
Size
3.7 kB (3736 bytes)
Hash
f6559ae4922e6683175c6435a35857ab
b593418855aa99c30de5d2ffcb49ee10760d2ed8
340afd9be5a1e821a36089cdf0c22bc619c899270cff13c9f9405a51366c1c66

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/447d88b5ca5df5c19939c97dbf6790fa.css?ver=790fa HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3736
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/f6c86c3acfc7adb1aa946c70c6ce88fd.css?ver=e88fd

67.212.168.122

200 OK

2.7 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/f6c86c3acfc7adb1aa946c70c6ce88fd.css?ver=e88fd
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (21556), with no line terminators
Size
2.7 kB (2677 bytes)
Hash
74f2b84c310e97d6f07605313ae9e4df
4c6ec53574c115110f6d8d94e12967db4ea3bb3f
e7ea71d05061979c63d8a35ad8e50b6da1cd3f710b24f6996c13cd0ae2ebf50e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/f6c86c3acfc7adb1aa946c70c6ce88fd.css?ver=e88fd HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2677
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/19d4afe4ec912592acad00a3d78c638b.css?ver=c638b

67.212.168.122

200 OK

545 B

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/19d4afe4ec912592acad00a3d78c638b.css?ver=c638b
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (2215), with no line terminators
Size
545 B (545 bytes)
Hash
84c47b1e8d66d20a964c73765b980ac3
854668b03b223a87513a7a4be4482a01811cfd1c
5a61721da2e75ac14500e23c2589525565480f3767373104715ba8cdb19e1e39

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/19d4afe4ec912592acad00a3d78c638b.css?ver=c638b HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 545
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/c0481dcb4e02fc74cdfb1f52d22d955e.css?ver=d955e

67.212.168.122

200 OK

722 B

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/c0481dcb4e02fc74cdfb1f52d22d955e.css?ver=d955e
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (2216), with no line terminators
Size
722 B (722 bytes)
Hash
da973d6cccde48c7e9bd27371b685450
7ea63b41304e6c06a214157a5319e7808be3bd16
1f058f3196d5334eb949208572591dc4f9c3e6b8349aee1838e51600f575fd36

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/c0481dcb4e02fc74cdfb1f52d22d955e.css?ver=d955e HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 722
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/1965f61f323f5647466a9fee1a5dd6d8.css?ver=dd6d8

67.212.168.122

200 OK

380 B

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/1965f61f323f5647466a9fee1a5dd6d8.css?ver=dd6d8
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (1226), with no line terminators
Size
380 B (380 bytes)
Hash
3b57673a7b2d452762c2da988f8f3ede
d96f0f20a11008b33e89a78f8d38cb9bc084a8ab
5746a7b98e58b12238da7e3dd228f00d09d7cefc49f87e3389dec42986228c2a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/1965f61f323f5647466a9fee1a5dd6d8.css?ver=dd6d8 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 380
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/4b18adcd730a48663ba3decc2ef7b340.css?ver=7b340

67.212.168.122

200 OK

1.0 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/4b18adcd730a48663ba3decc2ef7b340.css?ver=7b340
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
Unicode text, UTF-8 text, with very long lines (6639), with no line terminators
Size
1.0 kB (1001 bytes)
Hash
1be7b27af7b23dbf72c6fff888598cb5
4a330f254ed02551a33214d0b5973b92fccd2d80
7622523ec13abae2ed0c0506a2b7838b2874091f78970397e01ce2f13f1638ed

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/4b18adcd730a48663ba3decc2ef7b340.css?ver=7b340 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1001
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/b75211194d6e15f1f5c2ba2f723d7dfd.css?ver=d7dfd

67.212.168.122

200 OK

16 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/b75211194d6e15f1f5c2ba2f723d7dfd.css?ver=d7dfd
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (65366)
Size
16 kB (15871 bytes)
Hash
c5087424b4d35976824dbc4b87efe5f9
7a76cff31f6fa2472fe8bd46ee47d979e825caf8
b45592e78dc57b76404078b55aa6389e566c99281c882d9569ca09b9dfc7f02f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/b75211194d6e15f1f5c2ba2f723d7dfd.css?ver=d7dfd HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 15871
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/6a92ce2f9f38fc764e43467cd86a80e3.css?ver=a80e3

67.212.168.122

200 OK

6.5 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/6a92ce2f9f38fc764e43467cd86a80e3.css?ver=a80e3
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (65203)
Size
6.5 kB (6488 bytes)
Hash
504b177add7eb351e17a79b92946ee3a
0868625937135b22285829d4247a862061cfb3e4
353e9c7305263499365f97470d95cb85561c4604f537e8ba07504e71c2ae9347

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/6a92ce2f9f38fc764e43467cd86a80e3.css?ver=a80e3 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 6488
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/0d3689f23fb77e5f795a756267f87961.css?ver=87961

67.212.168.122

200 OK

130 B

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/0d3689f23fb77e5f795a756267f87961.css?ver=87961
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with no line terminators
Size
130 B (130 bytes)
Hash
f4ba6b7b1e0461e13143b5970df40e33
8956198d4ede2a73a95b02ae98d764ef884e1320
dc69c4141daaca952e6eb11321983a002d7bff08791eb73c514556866f281de4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/0d3689f23fb77e5f795a756267f87961.css?ver=87961 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-length: 130
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
vary: Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/92916bb8222fe83278d5fe8fb59dea3d.css?ver=dea3d

67.212.168.122

200 OK

160 B

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/92916bb8222fe83278d5fe8fb59dea3d.css?ver=dea3d
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (851), with no line terminators
Size
160 B (160 bytes)
Hash
dd91c4b0d50ae7a3142de18b34fcc2ee
2dc3b8d9fe34c8b9a70ac692a098e142d10ae62e
b6c991dddf5de4458c6a323bf14fb196b4f07c2215b1911944f1c55cbd3bd3a5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/92916bb8222fe83278d5fe8fb59dea3d.css?ver=dea3d HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 160
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/7e23496206b589ee6dcafb12582300f4.css?ver=300f4

67.212.168.122

200 OK

2.7 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/7e23496206b589ee6dcafb12582300f4.css?ver=300f4
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (23747), with no line terminators
Size
2.7 kB (2676 bytes)
Hash
ecc9580ffff0ad1576b3810dc7f2926a
11703bbcb174916bdd86047e60392348447b70b4
3892faa3e30b03dee716869968fe3aa76780baa7b61a1264df2aa6bdad10c529

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/7e23496206b589ee6dcafb12582300f4.css?ver=300f4 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2676
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/f7ebde7fa24367e8826656c8b1c88329.css?ver=88329

67.212.168.122

200 OK

1.3 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/f7ebde7fa24367e8826656c8b1c88329.css?ver=88329
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (6740), with no line terminators
Size
1.3 kB (1300 bytes)
Hash
7d6d5354199160419645adb406bbc011
943530863349b400a8c26d0cff0c27b75ba174ba
d23b90c0734f69eddfff0c6f28f07e66646d0678a6e70769e579e0161e7caf81

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/f7ebde7fa24367e8826656c8b1c88329.css?ver=88329 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1300
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/8487522f0e6adfb31c37e39e55f523d9.css?ver=523d9

67.212.168.122

200 OK

2.4 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/8487522f0e6adfb31c37e39e55f523d9.css?ver=523d9
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (14011), with no line terminators
Size
2.4 kB (2433 bytes)
Hash
fc7cb30d27094095486eb395132c0d33
ff1d837b4b21f5637f348943ac78936186d0c703
6dc0871a2dcffeb0a8da357020ac08a1fde597c76c49ea0830bc7800872eb628

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/8487522f0e6adfb31c37e39e55f523d9.css?ver=523d9 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2433
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/183ca4d12fdd7c0b515071edec6772ea.css?ver=772ea

67.212.168.122

200 OK

634 B

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/183ca4d12fdd7c0b515071edec6772ea.css?ver=772ea
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (2371), with no line terminators
Size
634 B (634 bytes)
Hash
ed9c94d3c44e16611e454d1c93b60c87
e35f31083549ae9c6fb9d19adfcb54ca2b4f3a28
81eb3796ed61edef835115a4ae2ed4d13e27a1c8ad8115732d8a56b54dd229ca

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/183ca4d12fdd7c0b515071edec6772ea.css?ver=772ea HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 634
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/38f576cf962554a9508c97ee4afe73cf.css?ver=e73cf

67.212.168.122

200 OK

12 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/38f576cf962554a9508c97ee4afe73cf.css?ver=e73cf
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (47809)
Size
12 kB (11609 bytes)
Hash
eba416e41eacbb9d6093f6e607053d3a
174db6fd65b9efaebaf3132dfd14abd95da7c935
e413d1184887024f01a1142c5d141bb579c044343ea5da51ecd1bf248b49fedb

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/38f576cf962554a9508c97ee4afe73cf.css?ver=e73cf HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 11609
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/2015acbc81f179cd047aebfe0e9abfd5.css?ver=abfd5

67.212.168.122

200 OK

587 B

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/2015acbc81f179cd047aebfe0e9abfd5.css?ver=abfd5
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (2337), with no line terminators
Size
587 B (587 bytes)
Hash
9853e006f6d09c3bcbdc1b4b90254926
3ce103dcb6cea53467d7bf5d6e4c281f7126d2e8
22737660a2f90149a08be95c118137d1b12793595e9a926d4c703483f18cab8f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/2015acbc81f179cd047aebfe0e9abfd5.css?ver=abfd5 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 587
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/43d5e9129374bda51f6ff3251b094d6b.js?ver=94d6b

67.212.168.122

200 OK

4.0 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/43d5e9129374bda51f6ff3251b094d6b.js?ver=94d6b
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3996 bytes)
Hash
e600941b4d7acfc4363a571da7d2fc6e
d1ef17a4e51414ab5f752a57c879a56a6dfcb396
183790d1ced4183e85c94b7e6dc0589a9c8b2da9c66079e9231bb7c068657839

HTTP Headers

GET /wp-content/litespeed/js/43d5e9129374bda51f6ff3251b094d6b.js?ver=94d6b HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3996
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/a1f972015ec9db522a1e5b5c16da6de8.js?ver=a6de8

67.212.168.122

200 OK

2.6 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/a1f972015ec9db522a1e5b5c16da6de8.js?ver=a6de8
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
Unicode text, UTF-8 text, with very long lines (8879)
Size
2.6 kB (2601 bytes)
Hash
6a1e2fb21fdfd9a14bc913292c27dc88
4083d9fed97e8f9864edd11b9c482b8ec4856309
7426c26174b1f5496de8cb62c5309c7a058652784116969cee2abd224e58f88d

HTTP Headers

GET /wp-content/litespeed/js/a1f972015ec9db522a1e5b5c16da6de8.js?ver=a6de8 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2601
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/06239318e0e004ec75d7707e250f8ef8.js?ver=f8ef8

67.212.168.122

200 OK

946 B

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/06239318e0e004ec75d7707e250f8ef8.js?ver=f8ef8
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
HTML document, ASCII text, with very long lines (2888)
Size
946 B (946 bytes)
Hash
f539c9a81a60fd6ed20c015ee6640772
fe3b8f24a646c750c21f08fabf9df2dd8a210697
85387c8f4cbe5541f746216f77ecd751f688b0b33550d7527213b6ee0e789eba

HTTP Headers

GET /wp-content/litespeed/js/06239318e0e004ec75d7707e250f8ef8.js?ver=f8ef8 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 946
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/e50b40fa43488e5627e25b627f4c86b9.js?ver=c86b9

67.212.168.122

200 OK

1.8 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/e50b40fa43488e5627e25b627f4c86b9.js?ver=c86b9
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (7353)
Size
1.8 kB (1784 bytes)
Hash
2629561a151565b42f5a523cfdcc120b
551139d108a24bb2f3bee6101f9f3609f302d29f
b0bcfbc8bfcd38a913950875fb25404cfdbe44cd92531b67d765b64148d5204f

HTTP Headers

GET /wp-content/litespeed/js/e50b40fa43488e5627e25b627f4c86b9.js?ver=c86b9 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1784
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/6c5f2965ac8c96e9d03184e110ffef85.js?ver=fef85

67.212.168.122

200 OK

299 B

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/6c5f2965ac8c96e9d03184e110ffef85.js?ver=fef85
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
HTML document, ASCII text, with very long lines (986)
Size
299 B (299 bytes)
Hash
4229981ec8592148e0479ff53e9fd784
8eb7789651d7bd3f111c887c01edd752c598a586
12b5ce97dca478da0eb3784cb39920c98b687a869eaae6af312ae3147ce0139c

HTTP Headers

GET /wp-content/litespeed/js/6c5f2965ac8c96e9d03184e110ffef85.js?ver=fef85 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 299
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/580334634f449aca439785711f90f072.js?ver=0f072

67.212.168.122

200 OK

9.9 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/580334634f449aca439785711f90f072.js?ver=0f072
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (31903)
Size
9.9 kB (9876 bytes)
Hash
6a74e2e7df692403715a0a531d57b397
e1c6a80b6aba5d1fbc69df6ce3573addd8bdb2fb
5366bbdb25caef5bfa554ad880844c664a69364c712cea59d766420c7e1eafa7

HTTP Headers

GET /wp-content/litespeed/js/580334634f449aca439785711f90f072.js?ver=0f072 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 9876
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/e07426a69e5b35cbd0b10cf9494ca1ee.js?ver=ca1ee

67.212.168.122

200 OK

3.6 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/e07426a69e5b35cbd0b10cf9494ca1ee.js?ver=ca1ee
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
HTML document text\012- HTML document, ASCII text, with very long lines (8357)
Size
3.6 kB (3556 bytes)
Hash
2c5a09a43b03b0d67c540da233b559fb
dfd1a4d24bb32fb7fe0e97125d2a15220545e966
bbbba020bdd7772f1de023dc2e78189e38832b168df76a532f5cacff29474f79

HTTP Headers

GET /wp-content/litespeed/js/e07426a69e5b35cbd0b10cf9494ca1ee.js?ver=ca1ee HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3556
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/615f851e5456a592b5fcfa83a5c2f2d7.css?ver=21bc0

67.212.168.122

200 OK

1.3 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/615f851e5456a592b5fcfa83a5c2f2d7.css?ver=21bc0
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (6853), with no line terminators
Size
1.3 kB (1316 bytes)
Hash
29c945409c017d337a8891aeca324d8b
89b5f4324389a02fb54f189bcdd3f224c7c17412
d8c11ae7b68fa96be91838b6ca0faa59e827c3ac1c9e4d3456458a02ae30c3c0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/615f851e5456a592b5fcfa83a5c2f2d7.css?ver=21bc0 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1316
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/8f2fb7f8140bebdc337a219c97f24759.js?ver=24759

67.212.168.122

200 OK

2.8 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/8f2fb7f8140bebdc337a219c97f24759.js?ver=24759
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (9936)
Size
2.8 kB (2819 bytes)
Hash
70de0a13b077f9916bef22177f109f51
6f350bc39ec12c89036b561a1a1fadc9092d19c7
2cbe63b7a17c62e77f219d7507ce34722892f91c8a90f533024ddd2215eb48d9

HTTP Headers

GET /wp-content/litespeed/js/8f2fb7f8140bebdc337a219c97f24759.js?ver=24759 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2819
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/7bc0739f0616e53e5e1b1090bb5f9f73.js?ver=f9f73

67.212.168.122

200 OK

3.7 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/7bc0739f0616e53e5e1b1090bb5f9f73.js?ver=f9f73
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
HTML document, ASCII text, with very long lines (12309)
Size
3.7 kB (3709 bytes)
Hash
b1373edaa43bf7068ad60972acc8e580
f24d857d8d71cc47ba1f058939ce41c6cca65337
2acdfe2cebb28a4a441d4a36e42caad3f338a9bcdff55012fbeae15cfee3369b

HTTP Headers

GET /wp-content/litespeed/js/7bc0739f0616e53e5e1b1090bb5f9f73.js?ver=f9f73 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3709
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/657a6b6b57d422ec910436011d777971.js?ver=77971

67.212.168.122

200 OK

233 B

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/657a6b6b57d422ec910436011d777971.js?ver=77971
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (450), with CRLF, LF line terminators
Size
233 B (233 bytes)
Hash
dbacbe2a5e1f91908bb971e1d2257c83
5c259b40286d596e0249f8eca6b0153c1c7bc0f9
7d757c014a750a92d961e83a41cac19d64bd105ea938e6c18584100cf98d5643

HTTP Headers

GET /wp-content/litespeed/js/657a6b6b57d422ec910436011d777971.js?ver=77971 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 233
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/fe39c84bd31cbf12b6901c184005b465.js?ver=5b465

67.212.168.122

200 OK

1.3 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/fe39c84bd31cbf12b6901c184005b465.js?ver=5b465
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (579)
Size
1.3 kB (1330 bytes)
Hash
110f81909053b0a6a24882959691edf0
936a1587f1b277ca9bf7a2196c17922b230de875
0bb1b17b83bba19d5ebcf8f5146bf7fa40446a704bce4e99ea3dad6000d9195f

HTTP Headers

GET /wp-content/litespeed/js/fe39c84bd31cbf12b6901c184005b465.js?ver=5b465 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1330
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/d4ec662ca4b133d8b8928848ac3578d3.js?ver=578d3

67.212.168.122

200 OK

7.4 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/d4ec662ca4b133d8b8928848ac3578d3.js?ver=578d3
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (28941)
Size
7.4 kB (7377 bytes)
Hash
2468d583c6fdcd2b2c8d0e82f81792ff
12466dc479b3e771037678c7336739223ab7b684
53edfa5081469ade80e8cd85da9538ee4fbaef9ede9b86f25d088f0ba975f8ee

HTTP Headers

GET /wp-content/litespeed/js/d4ec662ca4b133d8b8928848ac3578d3.js?ver=578d3 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 7377
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/2cd73354b8c0fc0badbe250f88e52c04.js?ver=52c04

67.212.168.122

200 OK

38 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/2cd73354b8c0fc0badbe250f88e52c04.js?ver=52c04
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (40215)
Size
38 kB (38411 bytes)
Hash
6fa53d30d04212671e0fbce24beb4731
75205fbe136e0fcaba96403bf0b10d1828feadf6
afe5e8c1273769808fb6e95ff3cf2ef798bd0a1e9d716ed2a94dd3c3a90a4dc6

HTTP Headers

GET /wp-content/litespeed/js/2cd73354b8c0fc0badbe250f88e52c04.js?ver=52c04 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 38411
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/fc8b36bc3e75990797c35c781015fc69.js?ver=5fc69

67.212.168.122

200 OK

1.3 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/fc8b36bc3e75990797c35c781015fc69.js?ver=5fc69
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (1986)
Size
1.3 kB (1300 bytes)
Hash
9d5367a5b8f931266c62b91cbf9464f3
a2f9a85496c5eac619c2720a21ddee69bb1ed014
7bf4fa78ab3ea7289b3fa8e7ae43de504ac3aaa86ffe7a521b53bce081d7b244

HTTP Headers

GET /wp-content/litespeed/js/fc8b36bc3e75990797c35c781015fc69.js?ver=5fc69 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1300
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/a29630f8ee6bf51454bc7e953a37997d.js?ver=7997d

67.212.168.122

200 OK

2.4 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/a29630f8ee6bf51454bc7e953a37997d.js?ver=7997d
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (6475)
Size
2.4 kB (2358 bytes)
Hash
2f6d4430de29254182abdc309e8fe4a8
c504789a59951cd124e4cb7810e4b58a4111f70f
157414e439c8ff3f06fb1949efdc6f2f5d22bf92367dbc2ad1e6071952573355

HTTP Headers

GET /wp-content/litespeed/js/a29630f8ee6bf51454bc7e953a37997d.js?ver=7997d HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2358
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/ce459103b037d794c6d6b4d4a3347c72.js?ver=47c72

67.212.168.122

200 OK

6.3 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/ce459103b037d794c6d6b4d4a3347c72.js?ver=47c72
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
Unicode text, UTF-8 text, with very long lines (17819)
Size
6.3 kB (6339 bytes)
Hash
141bae0f717c8243d04e66b38c3f16cd
0d499a7048f625cd5f3dc60ed4dc791fa6ffa223
59cfc6a9bd04aa30741e375fa51795e867ad3bdf0027bab5b2fedd8aab9ece68

HTTP Headers

GET /wp-content/litespeed/js/ce459103b037d794c6d6b4d4a3347c72.js?ver=47c72 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 6339
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/aaea3944a24a634363cf90938886282e.js?ver=6282e

67.212.168.122

200 OK

442 B

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/aaea3944a24a634363cf90938886282e.js?ver=6282e
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (999)
Size
442 B (442 bytes)
Hash
a1934ba4e6ff3ffa5dd9ddf83ecce83c
79d28eb0dbe2950e0e362e2fecd3a5395805d9ac
f7184b1de4ab2029131a10a42cb89b85ee4c28af9f066eb927cf9e271af4ab56

HTTP Headers

GET /wp-content/litespeed/js/aaea3944a24a634363cf90938886282e.js?ver=6282e HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 442
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/fc47d584f545417283e396ec876b3f77.css?ver=b3f77

67.212.168.122

200 OK

26 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/fc47d584f545417283e396ec876b3f77.css?ver=b3f77
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (26161 bytes)
Hash
490d1a3908e465cf4f8e23f7957cbbda
3f4649885318b5123265df9e987bf17785a4b504
863c2fd56639eb66824940cbc56d7c6057f482915fd34dfd262e8a926d843a95

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/fc47d584f545417283e396ec876b3f77.css?ver=b3f77 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 26161
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/themes/marketplus/style.css

67.212.168.122

200 OK

13 kB

URL HTTP/2
www.badcreditresources.com/wp-content/themes/marketplus/style.css
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (607)
Size
13 kB (13175 bytes)
Hash
c84d1272041c74f61ade4e64af2de167
b164744bad57a021b8198cc230e6cb63edf12e1b
d517c6c7f1b1c38b6ba911f1ed72dfb9b000990933be0fa3ca87a0e796266244

HTTP Headers

GET /wp-content/themes/marketplus/style.css HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/wp-content/litespeed/css/0d3689f23fb77e5f795a756267f87961.css?ver=87961
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Tue, 17 May 2022 16:37:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 13175
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.ttf

67.212.168.122

200 OK

772 kB

URL HTTP/2
www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.ttf
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoonVersion 1.0icomooncmo \012- data
Size
772 kB (771840 bytes)
Hash
6a36416274bc26cbda9c93fe982442fe
b7e097a87c0b868cac66d5a0c581a39fdfbb76c8
e0c7993144f37443812a2a11381f863f2b67569a9ec887328548d2988472eee6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/marketplus/fonts/icomoon.ttf HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/wp-content/litespeed/css/1e109af1d30679644874c1fd05d63e22.css?ver=9cf64
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:53 GMT
content-type: application/x-font-ttf
last-modified: Tue, 17 May 2022 16:43:30 GMT
accept-ranges: bytes
content-length: 771840
date: Fri, 25 Nov 2022 09:30:53 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/uploads/2022/02/happy-excited-couple-buying-a-new-car-and-showing-keys.jpg?id=13105

67.212.168.122

200 OK

64 kB

URL HTTP/2
www.badcreditresources.com/wp-content/uploads/2022/02/happy-excited-couple-buying-a-new-car-and-showing-keys.jpg?id=13105
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
64 kB (63794 bytes)
Hash
3d0bf994e15529b5c6d2350e745652a4
9bf519cf6abc4af2d443ccd137e53ffa6c6b768e
5c35ebf538d76050d2df72eae5f93260a7d0a4ed335424ba9941cd0bf75d050a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/2022/02/happy-excited-couple-buying-a-new-car-and-showing-keys.jpg?id=13105 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:56 GMT
content-type: image/webp
last-modified: Wed, 12 Oct 2022 13:05:12 GMT
accept-ranges: bytes
content-length: 63794
date: Fri, 25 Nov 2022 09:30:56 GMT
server: LiteSpeed
vary: Accept
x-webp-express: Redirected directly to existing webp
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp

67.212.168.122

200 OK

4.9 kB

URL HTTP/2
www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.9 kB (4850 bytes)
Hash
743e4aa3ab05eaf89240a7e76a5fb575
976b2a1eddedc2e9588c923bf3e246bc5c30f581
fa3600cf75a53b89d9bd7849e7a70ab61f9b82659371b62bf63077c68866e1cc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:56 GMT
content-type: image/webp
last-modified: Fri, 07 Oct 2022 15:57:16 GMT
accept-ranges: bytes
content-length: 4850
date: Fri, 25 Nov 2022 09:30:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.woff

67.212.168.122

200 OK

772 kB

URL HTTP/2
www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.woff
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
Web Open Font Format, TrueType, length 771916, version 0.0\012- data
Size
772 kB (771916 bytes)
Hash
5af44b8a10bc4677fac539d986a17bd4
ea00fe0597a2439dd9f2867e96cde3f40e2bd494
247b6837e45a170237225fe4ec60b841ca1b1375cd27084b1e59dcdbca3aeedc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/marketplus/fonts/icomoon.woff HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.badcreditresources.com/wp-content/litespeed/css/fc47d584f545417283e396ec876b3f77.css?ver=b3f77
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:56 GMT
content-type: application/font-woff
last-modified: Tue, 17 May 2022 16:43:31 GMT
accept-ranges: bytes
content-length: 771916
date: Fri, 25 Nov 2022 09:30:56 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/hockeystack@latest/hockeystack.min.js

151.101.85.229

200 OK

5.7 kB

URL HTTP/2
cdn.jsdelivr.net/npm/hockeystack@latest/hockeystack.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (13445)
Size
5.7 kB (5702 bytes)
Hash
98fc47627fb4b9ce23eb326254d0d686
9cd965e2a0d68112e456490db6174f767398760b
4be40c0b770311ebbf16cb8c39356cfb778dd0419b7ab5c41ddcd1ce0a93b2d1

HTTP Headers

GET /npm/hockeystack@latest/hockeystack.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.3.77
x-jsd-version-type: version
etag: W/"35d1-bIVJqDXYs0lz++AhqFVaR14swSE"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Nov 2022 09:30:58 GMT
age: 18308
x-served-by: cache-fra-eddf8230050-FRA, cache-bma1641-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5702
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
e5b4f0edacb0e1ec14b068b30274304e
88191d1f3d8232666b3bccd8ec8a069ba9cbd1dc
33cfb52b80d5f80c646682f4c8bbe1a14398189794aa58cb0429bb56843e7144

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:30:58 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "78F89FB34287B2A2B9E834169BA3A0B694F81CC9"
Expires: Fri, 25 Nov 2022 20:00:00 GMT
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1754
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f95e616f98b523-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8afe6ef134cd77496b937a407bcabf1a
22ed9edc8d3aacdb3a01f03f3e49f46188a5ae1a
3543aabe1947f4c9b0936c517cb51993565d52275aeffcaf325288654c6c1c0e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3543AABE1947F4C9B0936C517CB51993565D52275AEFFCAF325288654C6C1C0E"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17542
Expires: Fri, 25 Nov 2022 14:23:20 GMT
Date: Fri, 25 Nov 2022 09:30:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7bae7c42c1b20796fbf4b6d62be2962b
e0313e520ce3a5e80492cb31bca77addb695e69c
292f4154bd9c5ba1a2a5ef4f1b7cee80df94470bf3608c890b2e7e69f9bd60e8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "292F4154BD9C5BA1A2A5EF4F1B7CEE80DF94470BF3608C890B2E7E69F9BD60E8"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17531
Expires: Fri, 25 Nov 2022 14:23:09 GMT
Date: Fri, 25 Nov 2022 09:30:58 GMT
Connection: keep-alive

data.hockeystack.com/send

35.157.54.242

204 No Content

0 B

URL HTTP/2
data.hockeystack.com/send
IP
35.157.54.242:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /send HTTP/1.1
Host: data.hockeystack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.badcreditresources.com/
Origin: https://www.badcreditresources.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx/1.18.0 (Ubuntu)
date: Fri, 25 Nov 2022 09:30:58 GMT
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.badcreditresources.com
vary: Origin, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
access-control-max-age: 3600
X-Firefox-Spdy: h2

data.hockeystack.com/send

35.157.54.242

200 OK

16 B

URL HTTP/2
data.hockeystack.com/send
IP
35.157.54.242:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

HTTP Headers

POST /send HTTP/1.1
Host: data.hockeystack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 543
Origin: https://www.badcreditresources.com
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 25 Nov 2022 09:30:58 GMT
content-type: application/json; charset=utf-8
content-length: 16
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.badcreditresources.com
vary: Origin
access-control-allow-credentials: true
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 25 Nov 2022 08:41:08 GMT
expires: Fri, 25 Nov 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 2990
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2874
Cache-Control: max-age=159808
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:58 GMT
Etag: "63804d58-1d7"
Expires: Sun, 27 Nov 2022 05:54:26 GMT
Last-Modified: Fri, 25 Nov 2022 05:06:32 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

www.badcreditresources.com/wp-content/litespeed/css/adf4440466cdf1553d1ade3424e63b1f.css?ver=63b1f

67.212.168.122

404 Not Found

184 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/adf4440466cdf1553d1ade3424e63b1f.css?ver=63b1f
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12683)
Size
184 kB (183603 bytes)
Hash
1be6455d3a94dff35fd01cd8d2170cd6
1f784fa02d21dd2a85285d66e1d25f7e196fd598
b574a0d93cd737fc6c62f7142729848edb73d796f61ef388ca9852371078c23d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/adf4440466cdf1553d1ade3424e63b1f.css?ver=63b1f HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.badcreditresources.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: f85_HTTP.404,f85_404,f85_URL.9cb90307286db4abe9fb5d311f61c79f,f85_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:57 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.badcreditresources.com/wp-content/uploads/2022/02/BCR-Logo-2-300x300.jpg

67.212.168.122

200 OK

9.4 kB

URL HTTP/2
www.badcreditresources.com/wp-content/uploads/2022/02/BCR-Logo-2-300x300.jpg
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 300x300, components 1\012- data
Size
9.4 kB (9414 bytes)
Hash
b8039c06d72c2a2750f072ab5a6fc9db
3c788e0a6d9e6f12a13cdd5e8e978499992e8a7a
00400402d6179677d822710ccbef449a5ffcfe0e60f71f2ef311f98490c32a3b

HTTP Headers

GET /wp-content/uploads/2022/02/BCR-Logo-2-300x300.jpg HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6; _ga_75ZVSM6YVZ=GS1.1.1669368657.1.0.1669368657.0.0.0; _ga=GA1.1.418179922.1669368658
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:57 GMT
content-type: image/jpeg
last-modified: Mon, 28 Feb 2022 17:18:07 GMT
accept-ranges: bytes
content-length: 9414
date: Fri, 25 Nov 2022 09:30:57 GMT
server: LiteSpeed
vary: Accept
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/uploads/2022/02/BCR-Logo-2-150x150.jpg

67.212.168.122

200 OK

6.2 kB

URL HTTP/2
www.badcreditresources.com/wp-content/uploads/2022/02/BCR-Logo-2-150x150.jpg
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 150x150, components 1\012- data
Size
6.2 kB (6167 bytes)
Hash
0f07740b72bd966f2c1c71177e9ca449
c22c95d6734facc09cea337f6760b86fcb0e4cc5
8ab3bb36d2c4d4bb4b6e695587746c8b9ea67ada6fca54c3701d88304d262d03

HTTP Headers

GET /wp-content/uploads/2022/02/BCR-Logo-2-150x150.jpg HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6; _ga_75ZVSM6YVZ=GS1.1.1669368657.1.0.1669368657.0.0.0; _ga=GA1.1.418179922.1669368658
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:57 GMT
content-type: image/jpeg
last-modified: Mon, 28 Feb 2022 17:18:07 GMT
accept-ranges: bytes
content-length: 6167
date: Fri, 25 Nov 2022 09:30:57 GMT
server: LiteSpeed
vary: Accept
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

157.240.200.14

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: vqycght9HOuqJ8esFX/CafS/itEEAC7juX/3y5+1genqQh+LmEabXbmt9DOQm3bQudUQhWC2vjwLuRt46Q5PXA==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 09:30:58 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/plugins/addons-for-visual-composer/assets/css/ajax-loader.gif

67.212.168.122

200 OK

4.2 kB

URL HTTP/2
www.badcreditresources.com/wp-content/plugins/addons-for-visual-composer/assets/css/ajax-loader.gif
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
GIF image data, version 89a, 32 x 32\012- data
Size
4.2 kB (4178 bytes)
Hash
c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

HTTP Headers

GET /wp-content/plugins/addons-for-visual-composer/assets/css/ajax-loader.gif HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/wp-content/litespeed/css/f6c86c3acfc7adb1aa946c70c6ce88fd.css?ver=e88fd
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6; _ga_75ZVSM6YVZ=GS1.1.1669368657.1.0.1669368657.0.0.0; _ga=GA1.1.418179922.1669368658
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:57 GMT
content-type: image/gif
last-modified: Wed, 16 Nov 2022 21:51:59 GMT
accept-ranges: bytes
content-length: 4178
date: Fri, 25 Nov 2022 09:30:57 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2874
Cache-Control: max-age=159808
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:58 GMT
Etag: "63804d58-1d7"
Expires: Sun, 27 Nov 2022 05:54:26 GMT
Last-Modified: Fri, 25 Nov 2022 05:06:32 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

www.badcreditresources.com/wp-content/litespeed/css/ec77d927f042413d108c851950cc1da7.css?ver=c1da7

67.212.168.122

404 Not Found

28 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/ec77d927f042413d108c851950cc1da7.css?ver=c1da7
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12683)
Size
28 kB (27526 bytes)
Hash
27f65bc84f89f20293d4443449e70d35
4d57dd19d1d2dddfed8b3275e4ce35b9d00cded8
3df81517c911f1239567dd7c0a423d85ea4f1aceb7ec4fdc4daa3860c1353fef

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/ec77d927f042413d108c851950cc1da7.css?ver=c1da7 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.badcreditresources.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: f85_HTTP.404,f85_404,f85_URL.a867c755524876f3fbbc6c0d68772e76,f85_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:57 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/b06adf5620bd6ed80d5811d3c0f98510.js?ver=98510

67.212.168.122

404 Not Found

21 kB

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/b06adf5620bd6ed80d5811d3c0f98510.js?ver=98510
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12683)
Size
21 kB (20621 bytes)
Hash
e06a98f91f49889e82385d9bb43b0495
3be8a090f1a78315c02af761b6f05056ee4326c4
f019c9e52a1e8a9c9c32c8e38561cc736d34b194fd8317188e77f0defc83ba68

HTTP Headers

GET /wp-content/litespeed/js/b06adf5620bd6ed80d5811d3c0f98510.js?ver=98510 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.badcreditresources.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: f85_HTTP.404,f85_404,f85_URL.18caf6a2d418e952928c91517642ead1,f85_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:57 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=836355299803451&ev=PageView&dl=https%3A%2F%2Fwww.badcreditresources.com%2F&rl=&if=false&ts=1669368658208&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669368658206.1154055991&it=1669368658166&coo=false&rqm=GET

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=836355299803451&ev=PageView&dl=https%3A%2F%2Fwww.badcreditresources.com%2F&rl=&if=false&ts=1669368658208&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669368658206.1154055991&it=1669368658166&coo=false&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=836355299803451&ev=PageView&dl=https%3A%2F%2Fwww.badcreditresources.com%2F&rl=&if=false&ts=1669368658208&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669368658206.1154055991&it=1669368658166&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Nov 2022 09:30:58 GMT
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:31:58 GMT
expires: Sun, 19 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 507541
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:46:16 GMT
expires: Fri, 24 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 42283
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/bcr-logo21.jpg.webp

67.212.168.122

200 OK

5.4 kB

URL HTTP/2
www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/bcr-logo21.jpg.webp
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.4 kB (5434 bytes)
Hash
b2a7dda378913c194edb52d39aae4e97
d412537c3d743c2ed1400eec31da55fcfb593a5b
09b8c68fe26720c2a2b978a67902d026219ec76e1a7346d0425de52e21a90f43

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/webp-express/webp-images/uploads/2022/02/bcr-logo21.jpg.webp HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6; _ga_75ZVSM6YVZ=GS1.1.1669368657.1.0.1669368657.0.0.0; _ga=GA1.2.418179922.1669368658; _gid=GA1.2.276964077.1669368658; _gat_gtag_UA_225367935_2=1; _fbp=fb.1.1669368658206.1154055991
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:58 GMT
content-type: image/webp
last-modified: Fri, 07 Oct 2022 15:57:15 GMT
accept-ranges: bytes
content-length: 5434
date: Fri, 25 Nov 2022 09:30:58 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open%20Sans:600&subset=latin&display=swap&ver=1654007487

142.250.74.10

200 OK

20 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open%20Sans:600&subset=latin&display=swap&ver=1654007487
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
20 kB (19836 bytes)
Hash
474ff1435427ab1921f97b3efaf28c4f
6c0d7cb659a98202ac9fb1783db52e4298f88a47
e37400865d9380b88282b566c38ff4d9925268f8340e2e14e8661a340e1f926f

HTTP Headers

GET /css?family=Open%20Sans:600&subset=latin&display=swap&ver=1654007487 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 09:30:54 GMT
date: Fri, 25 Nov 2022 09:30:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11743 bytes)
Hash
8784bb7a8b88736a6016f712e3183bf3
b0ddc1555d2506177adcdcea77864d75f1245d07
8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 41775
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.woff

67.212.168.122

200 OK

0 B

URL HTTP/2
www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.woff
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/marketplus/fonts/icomoon.woff HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.badcreditresources.com/wp-content/litespeed/css/1e109af1d30679644874c1fd05d63e22.css?ver=9cf64
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:52 GMT
content-type: application/font-woff
last-modified: Tue, 17 May 2022 16:43:31 GMT
accept-ranges: bytes
content-length: 771916
date: Fri, 25 Nov 2022 09:30:52 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/css/c131d51e057aab303d3bf25e033aeaf1.css?ver=aeaf1

67.212.168.122

404 Not Found

0 B

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/css/c131d51e057aab303d3bf25e033aeaf1.css?ver=aeaf1
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/css/c131d51e057aab303d3bf25e033aeaf1.css?ver=aeaf1 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.badcreditresources.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: f85_HTTP.404,f85_404,f85_URL.ef4cba35f098bae4f77f653a32f8a3cb,f85_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.badcreditresources.com/wp-content/litespeed/js/67252a48adc44d64f71751c04dab4ad5.js?ver=b4ad5

67.212.168.122

404 Not Found

0 B

URL HTTP/2
www.badcreditresources.com/wp-content/litespeed/js/67252a48adc44d64f71751c04dab4ad5.js?ver=b4ad5
IP
67.212.168.122:0
ASN
#32475 SINGLEHOP-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/litespeed/js/67252a48adc44d64f71751c04dab4ad5.js?ver=b4ad5 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.badcreditresources.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: f85_HTTP.404,f85_404,f85_URL.c0f8d79c3e3f963b8130e285a70ff030,f85_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:57 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (48)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations