r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11191
Expires: Fri, 25 Nov 2022 12:37:22 GMT
Date: Fri, 25 Nov 2022 09:30:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1889
Cache-Control: max-age=91909
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:51 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:02:40 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 09:17:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 805
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2723
Expires: Fri, 25 Nov 2022 10:16:14 GMT
Date: Fri, 25 Nov 2022 09:30:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: r0qlkpGmie8YJuecRxRiYlPsv8nD1P0+cJ0WPI4hut8UPlsVTXSAUxCjU0rdhFJTcznErKh0r+M=
x-amz-request-id: 6V6PK5DC5HXEA39C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 08:43:46 GMT
age: 2825
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 09:30:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 09:08:53 GMT
cache-control: public,max-age=3600
age: 1318
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5152
Cache-Control: max-age=90110
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:51 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:32:41 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.214.64.191101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.64.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FF8YnI2MaQXm8XvokhGHBg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 07WdjMlBiifx8ZHcVOziaQVcpgM=
www.badcreditresources.com/
67.212.168.122301 Moved Permanently 0 B URL HTTP/1.1 www.badcreditresources.com/
IP 67.212.168.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
x-dns-prefetch-control: on
content-type: text/html; charset=UTF-8
x-pingback: http://www.badcreditresources.com/xmlrpc.php
expires: Fri, 25 Nov 2022 10:30:51 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: https://www.badcreditresources.com/
x-litespeed-cache: miss
content-length: 0
date: Fri, 25 Nov 2022 09:30:51 GMT
server: LiteSpeed
www.badcreditresources.com/
67.212.168.122200 OK 25 kB URL HTTP/2 www.badcreditresources.com/
IP 67.212.168.122:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (14579)
Hash 9e82af64335a21dd662a06450fbfa7df
453e74b5672cab4c8c1db7ba03576e1499502229
84063713e1513f916cda416756f2eff5d389e5c7ba1e9a896485dc8c5bef0dba
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
x-dns-prefetch-control: on
content-type: text/html; charset=UTF-8
x-pingback: https://www.badcreditresources.com/xmlrpc.php
link: <https://www.badcreditresources.com/wp-json/>; rel="https://api.w.org/", <https://www.badcreditresources.com/wp-json/wp/v2/pages/12226>; rel="alternate"; type="application/json", <https://www.badcreditresources.com/>; rel=shortlink
cache-control: public, max-age=3
expires: Wed, 23 Nov 2022 13:04:44 GMT
etag: "3104-1669208682;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 25264
date: Fri, 25 Nov 2022 09:30:51 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open%20Sans:600&subset=latin&display=swap&ver=1654007487
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open%20Sans:600&subset=latin&display=swap&ver=1654007487
IP 142.250.74.10:0
Hash 94a59e2f49aaca429a06a78c62544990
9452ee2e82ac6e0addf600ea604fe54bf4c0206f
20496766245a5d9d1a1829457501cbf1cf11c4d3ea2b1c10c61996cb78833250
GET /css?family=Open%20Sans:600&subset=latin&display=swap&ver=1654007487 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 09:30:52 GMT
date: Fri, 25 Nov 2022 09:30:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19267
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:30:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19267
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:30:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19267
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:30:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19267
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:30:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5863138af1ddbba34a7856242a7b3a06
2eba66ff6539388c48562503e8d11ff0e060350a
d1543e1b803a07095148b743925eebbbf21f566a2df9b785a1a9d48c5604496c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8917
x-amzn-requestid: 10f3b269-9437-476d-ae4f-a0ac3fb78491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wEIwoAMF8uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4cfeecf4553b26381ed11875;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lr9z8FWWpMGtxtvcYzeT-ewuydSzpma8I06pszLDQIICotFkB_SZlA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:30 GMT
age: 41723
etag: "2eba66ff6539388c48562503e8d11ff0e060350a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:07:32 GMT
age: 41001
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
34.120.237.76200 OK 2.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 66d06d3cac1784e4ce6c8c89c300f10a
41ef94d198bbf98185eb332a3b6934c3c26c3afc
55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2351
x-amzn-requestid: 1e3e6b14-8f46-4b62-a3d1-f5dbe5d5f94f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGupUE_VIAMFa3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f5e3b-573fabc44ce59c2f4c24a32d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 12:06:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XEUrOPYr2rn89eMIJORVFnpqJfxqfjBadcbplZKzqLjDkzHV8NEbHg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 18:51:30 GMT
age: 52763
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba7b9c131ab7e5998f25b069ba3860a0
0214fc0deecb1115766802f42cfd256e3c479490
717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:28 GMT
age: 41725
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4abf25d4a15ce58edadd54994b3434a2
18800e21d05596f7b64213072dee7dda5c1faf61
633138e70f43e2be9cc447967044c4070bfc4d9285e5228361bebe255dc286e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10950
x-amzn-requestid: 9bb73841-83d9-48b2-8c79-f00a57612b4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFNstFeZoAMFopQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec31d-4e6aafd367c7740c77df133b;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:04:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tCG6Llkb9UHrJDHyxk5RgLkQ3Cds3dXRc0uMhy_9GbnzgMWk5UBS6w==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:04:29 GMT
age: 74316
etag: "18800e21d05596f7b64213072dee7dda5c1faf61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 18473
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/1e109af1d30679644874c1fd05d63e22.css?ver=9cf64
67.212.168.122200 OK 121 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/1e109af1d30679644874c1fd05d63e22.css?ver=9cf64
IP 67.212.168.122:0
File type ASCII text, with very long lines (47809)
Size 121 kB (120582 bytes)
Hash f91b623a91046ed5211a4d5581536075
d74dbbb55c9546010cb503328234da5dcb47a00d
a01756c6a9530f4820550f7dd1c4a550bafd1bb244771ebf212584deae72770e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/1e109af1d30679644874c1fd05d63e22.css?ver=9cf64 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:52 GMT
content-type: text/css
last-modified: Thu, 24 Nov 2022 23:35:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 120582
date: Fri, 25 Nov 2022 09:30:52 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/uploads/2022/02/happy-excited-couple-buying-a-new-car-and-showing-keys.jpg?id=13105
67.212.168.122200 OK 64 kB URL HTTP/2 www.badcreditresources.com/wp-content/uploads/2022/02/happy-excited-couple-buying-a-new-car-and-showing-keys.jpg?id=13105
IP 67.212.168.122:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3d0bf994e15529b5c6d2350e745652a4
9bf519cf6abc4af2d443ccd137e53ffa6c6b768e
5c35ebf538d76050d2df72eae5f93260a7d0a4ed335424ba9941cd0bf75d050a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/02/happy-excited-couple-buying-a-new-car-and-showing-keys.jpg?id=13105 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:52 GMT
content-type: image/webp
last-modified: Wed, 12 Oct 2022 13:05:12 GMT
accept-ranges: bytes
content-length: 63794
date: Fri, 25 Nov 2022 09:30:52 GMT
server: LiteSpeed
vary: Accept
x-webp-express: Redirected directly to existing webp
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp
67.212.168.122200 OK 4.9 kB URL HTTP/2 www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp
IP 67.212.168.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 743e4aa3ab05eaf89240a7e76a5fb575
976b2a1eddedc2e9588c923bf3e246bc5c30f581
fa3600cf75a53b89d9bd7849e7a70ab61f9b82659371b62bf63077c68866e1cc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:52 GMT
content-type: image/webp
last-modified: Fri, 07 Oct 2022 15:57:16 GMT
accept-ranges: bytes
content-length: 4850
date: Fri, 25 Nov 2022 09:30:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/plugins/litespeed-cache/guest.vary.php
67.212.168.122200 OK 20 B URL HTTP/2 www.badcreditresources.com/wp-content/plugins/litespeed-cache/guest.vary.php
IP 67.212.168.122:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6983d6b2ea353ce0b2b3d2477674219d
d1b7a9df890d2bf30ce03ee569b28d5c3226debe
0056a5d09750d683c893ec741a9c08940a19439d1c67b3de820c31cdfd15eb02
Analyzer Verdict Alert fortinet Malware
POST /wp-content/plugins/litespeed-cache/guest.vary.php HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.badcreditresources.com/
Origin: https://www.badcreditresources.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
x-litespeed-cache-control: no-cache
set-cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6; expires=Sun, 27-Nov-2022 09:30:52 GMT; Max-Age=172800; path=/; secure; HttpOnly
content-type: text/html; charset=UTF-8
cache-control: public, max-age=3
expires: Fri, 25 Nov 2022 09:30:55 GMT
content-length: 20
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/
67.212.168.122200 OK 27 kB URL HTTP/2 www.badcreditresources.com/
IP 67.212.168.122:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (14849)
Hash 7b2c60e335d356dad3f6c2e600ce0f02
6594125179465d8662f3d7293d40e56e0776ef16
baa15fa46733cc9b55cbeb83571ce93dfe05ed2fce89a69f928acc10c41e476b
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
x-pingback: https://www.badcreditresources.com/xmlrpc.php
link: <https://www.badcreditresources.com/wp-json/>; rel="https://api.w.org/", <https://www.badcreditresources.com/wp-json/wp/v2/pages/12226>; rel="alternate"; type="application/json", <https://www.badcreditresources.com/>; rel=shortlink
cache-control: public, max-age=3
expires: Tue, 22 Nov 2022 17:25:13 GMT
etag: "2949-1669137910;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 27339
date: Fri, 25 Nov 2022 09:30:53 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 76544babbcf6515110bd81aaee8e7e63
043497692868c67ac84cdfe70d0a484517abd1c2
a19d5958d683662375a2469d1d7e551188469b967eb6f2bae2d5e43dac51a4f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LdAZqoeAAAAAIoz3Px8PuR86GnBevNCCRKGHqPu&ver=3.0
142.250.74.164200 OK 583 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LdAZqoeAAAAAIoz3Px8PuR86GnBevNCCRKGHqPu&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash fbde2966b18c3b67946a7714fe6c4011
26b3c22bc38c1f84c29e85381673c12f03d14c61
82095e7311b3640ff700e5a61eb9891fb288c122f692d5003d54d1caeb214c42
GET /recaptcha/api.js?render=6LdAZqoeAAAAAIoz3Px8PuR86GnBevNCCRKGHqPu&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Fri, 25 Nov 2022 09:30:54 GMT
date: Fri, 25 Nov 2022 09:30:54 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-225367935-2
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-225367935-2
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 8f84014a4f3429dab4ed5c8cf7b15788
fa071082c2a4946f349badd597bda9962685707b
97430a43e18096589eeb870b236777a892d2aa83afee7ddeee3c561820cfc9d1
GET /gtag/js?id=UA-225367935-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:54 GMT
expires: Fri, 25 Nov 2022 09:30:54 GMT
cache-control: private, max-age=900
last-modified: Fri, 25 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43681
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-75ZVSM6YVZ
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-75ZVSM6YVZ
IP 142.250.74.168:0
File type ASCII text, with very long lines (21484)
Hash 7584203507a4cc487af3eaaef9d2c2ba
db4c741e9f68c887f4c0ef05393023b79bbaa62a
0a31d14b1278c38e5586bec5fcea0cf27ee661e31e24e3256bd4afc417cde00c
GET /gtag/js?id=G-75ZVSM6YVZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:54 GMT
expires: Fri, 25 Nov 2022 09:30:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76605
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.badcreditresources.com/wp-includes/js/jquery/jquery.min.js
67.212.168.122200 OK 30 kB URL HTTP/2 www.badcreditresources.com/wp-includes/js/jquery/jquery.min.js
IP 67.212.168.122:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:53 GMT
content-type: application/x-javascript
last-modified: Wed, 02 Nov 2022 09:51:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 30324
date: Fri, 25 Nov 2022 09:30:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-includes/js/jquery/jquery.min.js
67.212.168.122200 OK 30 kB URL HTTP/2 www.badcreditresources.com/wp-includes/js/jquery/jquery.min.js
IP 67.212.168.122:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Wed, 02 Nov 2022 09:51:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 30324
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/19c448c9cff9c45b5b755597554f41e1.css?ver=c0ad5
67.212.168.122200 OK 0 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/19c448c9cff9c45b5b755597554f41e1.css?ver=c0ad5
IP 67.212.168.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/19c448c9cff9c45b5b755597554f41e1.css?ver=c0ad5 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-length: 0
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
vary: Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/92488fa9190dad23914e2834aec8b679.css?ver=8b679
67.212.168.122200 OK 217 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/92488fa9190dad23914e2834aec8b679.css?ver=8b679
IP 67.212.168.122:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/92488fa9190dad23914e2834aec8b679.css?ver=8b679 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-length: 217
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
vary: Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/447d88b5ca5df5c19939c97dbf6790fa.css?ver=790fa
67.212.168.122200 OK 3.7 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/447d88b5ca5df5c19939c97dbf6790fa.css?ver=790fa
IP 67.212.168.122:0
File type ASCII text, with very long lines (56168)
Hash f6559ae4922e6683175c6435a35857ab
b593418855aa99c30de5d2ffcb49ee10760d2ed8
340afd9be5a1e821a36089cdf0c22bc619c899270cff13c9f9405a51366c1c66
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/447d88b5ca5df5c19939c97dbf6790fa.css?ver=790fa HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3736
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/f6c86c3acfc7adb1aa946c70c6ce88fd.css?ver=e88fd
67.212.168.122200 OK 2.7 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/f6c86c3acfc7adb1aa946c70c6ce88fd.css?ver=e88fd
IP 67.212.168.122:0
File type ASCII text, with very long lines (21556), with no line terminators
Hash 74f2b84c310e97d6f07605313ae9e4df
4c6ec53574c115110f6d8d94e12967db4ea3bb3f
e7ea71d05061979c63d8a35ad8e50b6da1cd3f710b24f6996c13cd0ae2ebf50e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/f6c86c3acfc7adb1aa946c70c6ce88fd.css?ver=e88fd HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2677
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/19d4afe4ec912592acad00a3d78c638b.css?ver=c638b
67.212.168.122200 OK 545 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/19d4afe4ec912592acad00a3d78c638b.css?ver=c638b
IP 67.212.168.122:0
File type ASCII text, with very long lines (2215), with no line terminators
Hash 84c47b1e8d66d20a964c73765b980ac3
854668b03b223a87513a7a4be4482a01811cfd1c
5a61721da2e75ac14500e23c2589525565480f3767373104715ba8cdb19e1e39
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/19d4afe4ec912592acad00a3d78c638b.css?ver=c638b HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 545
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/c0481dcb4e02fc74cdfb1f52d22d955e.css?ver=d955e
67.212.168.122200 OK 722 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/c0481dcb4e02fc74cdfb1f52d22d955e.css?ver=d955e
IP 67.212.168.122:0
File type ASCII text, with very long lines (2216), with no line terminators
Hash da973d6cccde48c7e9bd27371b685450
7ea63b41304e6c06a214157a5319e7808be3bd16
1f058f3196d5334eb949208572591dc4f9c3e6b8349aee1838e51600f575fd36
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/c0481dcb4e02fc74cdfb1f52d22d955e.css?ver=d955e HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 722
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/1965f61f323f5647466a9fee1a5dd6d8.css?ver=dd6d8
67.212.168.122200 OK 380 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/1965f61f323f5647466a9fee1a5dd6d8.css?ver=dd6d8
IP 67.212.168.122:0
File type ASCII text, with very long lines (1226), with no line terminators
Hash 3b57673a7b2d452762c2da988f8f3ede
d96f0f20a11008b33e89a78f8d38cb9bc084a8ab
5746a7b98e58b12238da7e3dd228f00d09d7cefc49f87e3389dec42986228c2a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/1965f61f323f5647466a9fee1a5dd6d8.css?ver=dd6d8 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 380
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/4b18adcd730a48663ba3decc2ef7b340.css?ver=7b340
67.212.168.122200 OK 1.0 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/4b18adcd730a48663ba3decc2ef7b340.css?ver=7b340
IP 67.212.168.122:0
File type Unicode text, UTF-8 text, with very long lines (6639), with no line terminators
Hash 1be7b27af7b23dbf72c6fff888598cb5
4a330f254ed02551a33214d0b5973b92fccd2d80
7622523ec13abae2ed0c0506a2b7838b2874091f78970397e01ce2f13f1638ed
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/4b18adcd730a48663ba3decc2ef7b340.css?ver=7b340 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1001
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/b75211194d6e15f1f5c2ba2f723d7dfd.css?ver=d7dfd
67.212.168.122200 OK 16 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/b75211194d6e15f1f5c2ba2f723d7dfd.css?ver=d7dfd
IP 67.212.168.122:0
File type ASCII text, with very long lines (65366)
Hash c5087424b4d35976824dbc4b87efe5f9
7a76cff31f6fa2472fe8bd46ee47d979e825caf8
b45592e78dc57b76404078b55aa6389e566c99281c882d9569ca09b9dfc7f02f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/b75211194d6e15f1f5c2ba2f723d7dfd.css?ver=d7dfd HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 15871
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/6a92ce2f9f38fc764e43467cd86a80e3.css?ver=a80e3
67.212.168.122200 OK 6.5 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/6a92ce2f9f38fc764e43467cd86a80e3.css?ver=a80e3
IP 67.212.168.122:0
File type ASCII text, with very long lines (65203)
Hash 504b177add7eb351e17a79b92946ee3a
0868625937135b22285829d4247a862061cfb3e4
353e9c7305263499365f97470d95cb85561c4604f537e8ba07504e71c2ae9347
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/6a92ce2f9f38fc764e43467cd86a80e3.css?ver=a80e3 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 6488
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/0d3689f23fb77e5f795a756267f87961.css?ver=87961
67.212.168.122200 OK 130 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/0d3689f23fb77e5f795a756267f87961.css?ver=87961
IP 67.212.168.122:0
File type ASCII text, with no line terminators
Hash f4ba6b7b1e0461e13143b5970df40e33
8956198d4ede2a73a95b02ae98d764ef884e1320
dc69c4141daaca952e6eb11321983a002d7bff08791eb73c514556866f281de4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/0d3689f23fb77e5f795a756267f87961.css?ver=87961 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-length: 130
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
vary: Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/92916bb8222fe83278d5fe8fb59dea3d.css?ver=dea3d
67.212.168.122200 OK 160 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/92916bb8222fe83278d5fe8fb59dea3d.css?ver=dea3d
IP 67.212.168.122:0
File type ASCII text, with very long lines (851), with no line terminators
Hash dd91c4b0d50ae7a3142de18b34fcc2ee
2dc3b8d9fe34c8b9a70ac692a098e142d10ae62e
b6c991dddf5de4458c6a323bf14fb196b4f07c2215b1911944f1c55cbd3bd3a5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/92916bb8222fe83278d5fe8fb59dea3d.css?ver=dea3d HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 160
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/7e23496206b589ee6dcafb12582300f4.css?ver=300f4
67.212.168.122200 OK 2.7 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/7e23496206b589ee6dcafb12582300f4.css?ver=300f4
IP 67.212.168.122:0
File type ASCII text, with very long lines (23747), with no line terminators
Hash ecc9580ffff0ad1576b3810dc7f2926a
11703bbcb174916bdd86047e60392348447b70b4
3892faa3e30b03dee716869968fe3aa76780baa7b61a1264df2aa6bdad10c529
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/7e23496206b589ee6dcafb12582300f4.css?ver=300f4 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2676
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/f7ebde7fa24367e8826656c8b1c88329.css?ver=88329
67.212.168.122200 OK 1.3 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/f7ebde7fa24367e8826656c8b1c88329.css?ver=88329
IP 67.212.168.122:0
File type ASCII text, with very long lines (6740), with no line terminators
Hash 7d6d5354199160419645adb406bbc011
943530863349b400a8c26d0cff0c27b75ba174ba
d23b90c0734f69eddfff0c6f28f07e66646d0678a6e70769e579e0161e7caf81
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/f7ebde7fa24367e8826656c8b1c88329.css?ver=88329 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1300
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/8487522f0e6adfb31c37e39e55f523d9.css?ver=523d9
67.212.168.122200 OK 2.4 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/8487522f0e6adfb31c37e39e55f523d9.css?ver=523d9
IP 67.212.168.122:0
File type ASCII text, with very long lines (14011), with no line terminators
Hash fc7cb30d27094095486eb395132c0d33
ff1d837b4b21f5637f348943ac78936186d0c703
6dc0871a2dcffeb0a8da357020ac08a1fde597c76c49ea0830bc7800872eb628
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/8487522f0e6adfb31c37e39e55f523d9.css?ver=523d9 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2433
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/183ca4d12fdd7c0b515071edec6772ea.css?ver=772ea
67.212.168.122200 OK 634 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/183ca4d12fdd7c0b515071edec6772ea.css?ver=772ea
IP 67.212.168.122:0
File type ASCII text, with very long lines (2371), with no line terminators
Hash ed9c94d3c44e16611e454d1c93b60c87
e35f31083549ae9c6fb9d19adfcb54ca2b4f3a28
81eb3796ed61edef835115a4ae2ed4d13e27a1c8ad8115732d8a56b54dd229ca
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/183ca4d12fdd7c0b515071edec6772ea.css?ver=772ea HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 634
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/38f576cf962554a9508c97ee4afe73cf.css?ver=e73cf
67.212.168.122200 OK 12 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/38f576cf962554a9508c97ee4afe73cf.css?ver=e73cf
IP 67.212.168.122:0
File type ASCII text, with very long lines (47809)
Hash eba416e41eacbb9d6093f6e607053d3a
174db6fd65b9efaebaf3132dfd14abd95da7c935
e413d1184887024f01a1142c5d141bb579c044343ea5da51ecd1bf248b49fedb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/38f576cf962554a9508c97ee4afe73cf.css?ver=e73cf HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 11609
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/2015acbc81f179cd047aebfe0e9abfd5.css?ver=abfd5
67.212.168.122200 OK 587 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/2015acbc81f179cd047aebfe0e9abfd5.css?ver=abfd5
IP 67.212.168.122:0
File type ASCII text, with very long lines (2337), with no line terminators
Hash 9853e006f6d09c3bcbdc1b4b90254926
3ce103dcb6cea53467d7bf5d6e4c281f7126d2e8
22737660a2f90149a08be95c118137d1b12793595e9a926d4c703483f18cab8f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/2015acbc81f179cd047aebfe0e9abfd5.css?ver=abfd5 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 587
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/43d5e9129374bda51f6ff3251b094d6b.js?ver=94d6b
67.212.168.122200 OK 4.0 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/43d5e9129374bda51f6ff3251b094d6b.js?ver=94d6b
IP 67.212.168.122:0
File type ASCII text, with very long lines (11126)
Hash e600941b4d7acfc4363a571da7d2fc6e
d1ef17a4e51414ab5f752a57c879a56a6dfcb396
183790d1ced4183e85c94b7e6dc0589a9c8b2da9c66079e9231bb7c068657839
GET /wp-content/litespeed/js/43d5e9129374bda51f6ff3251b094d6b.js?ver=94d6b HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3996
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/a1f972015ec9db522a1e5b5c16da6de8.js?ver=a6de8
67.212.168.122200 OK 2.6 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/a1f972015ec9db522a1e5b5c16da6de8.js?ver=a6de8
IP 67.212.168.122:0
File type Unicode text, UTF-8 text, with very long lines (8879)
Hash 6a1e2fb21fdfd9a14bc913292c27dc88
4083d9fed97e8f9864edd11b9c482b8ec4856309
7426c26174b1f5496de8cb62c5309c7a058652784116969cee2abd224e58f88d
GET /wp-content/litespeed/js/a1f972015ec9db522a1e5b5c16da6de8.js?ver=a6de8 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2601
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/06239318e0e004ec75d7707e250f8ef8.js?ver=f8ef8
67.212.168.122200 OK 946 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/06239318e0e004ec75d7707e250f8ef8.js?ver=f8ef8
IP 67.212.168.122:0
File type HTML document, ASCII text, with very long lines (2888)
Hash f539c9a81a60fd6ed20c015ee6640772
fe3b8f24a646c750c21f08fabf9df2dd8a210697
85387c8f4cbe5541f746216f77ecd751f688b0b33550d7527213b6ee0e789eba
GET /wp-content/litespeed/js/06239318e0e004ec75d7707e250f8ef8.js?ver=f8ef8 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 946
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/e50b40fa43488e5627e25b627f4c86b9.js?ver=c86b9
67.212.168.122200 OK 1.8 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/e50b40fa43488e5627e25b627f4c86b9.js?ver=c86b9
IP 67.212.168.122:0
File type ASCII text, with very long lines (7353)
Hash 2629561a151565b42f5a523cfdcc120b
551139d108a24bb2f3bee6101f9f3609f302d29f
b0bcfbc8bfcd38a913950875fb25404cfdbe44cd92531b67d765b64148d5204f
GET /wp-content/litespeed/js/e50b40fa43488e5627e25b627f4c86b9.js?ver=c86b9 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1784
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/6c5f2965ac8c96e9d03184e110ffef85.js?ver=fef85
67.212.168.122200 OK 299 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/6c5f2965ac8c96e9d03184e110ffef85.js?ver=fef85
IP 67.212.168.122:0
File type HTML document, ASCII text, with very long lines (986)
Hash 4229981ec8592148e0479ff53e9fd784
8eb7789651d7bd3f111c887c01edd752c598a586
12b5ce97dca478da0eb3784cb39920c98b687a869eaae6af312ae3147ce0139c
GET /wp-content/litespeed/js/6c5f2965ac8c96e9d03184e110ffef85.js?ver=fef85 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 299
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/580334634f449aca439785711f90f072.js?ver=0f072
67.212.168.122200 OK 9.9 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/580334634f449aca439785711f90f072.js?ver=0f072
IP 67.212.168.122:0
File type ASCII text, with very long lines (31903)
Hash 6a74e2e7df692403715a0a531d57b397
e1c6a80b6aba5d1fbc69df6ce3573addd8bdb2fb
5366bbdb25caef5bfa554ad880844c664a69364c712cea59d766420c7e1eafa7
GET /wp-content/litespeed/js/580334634f449aca439785711f90f072.js?ver=0f072 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 9876
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/e07426a69e5b35cbd0b10cf9494ca1ee.js?ver=ca1ee
67.212.168.122200 OK 3.6 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/e07426a69e5b35cbd0b10cf9494ca1ee.js?ver=ca1ee
IP 67.212.168.122:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (8357)
Hash 2c5a09a43b03b0d67c540da233b559fb
dfd1a4d24bb32fb7fe0e97125d2a15220545e966
bbbba020bdd7772f1de023dc2e78189e38832b168df76a532f5cacff29474f79
GET /wp-content/litespeed/js/e07426a69e5b35cbd0b10cf9494ca1ee.js?ver=ca1ee HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3556
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/615f851e5456a592b5fcfa83a5c2f2d7.css?ver=21bc0
67.212.168.122200 OK 1.3 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/615f851e5456a592b5fcfa83a5c2f2d7.css?ver=21bc0
IP 67.212.168.122:0
File type ASCII text, with very long lines (6853), with no line terminators
Hash 29c945409c017d337a8891aeca324d8b
89b5f4324389a02fb54f189bcdd3f224c7c17412
d8c11ae7b68fa96be91838b6ca0faa59e827c3ac1c9e4d3456458a02ae30c3c0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/615f851e5456a592b5fcfa83a5c2f2d7.css?ver=21bc0 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1316
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/8f2fb7f8140bebdc337a219c97f24759.js?ver=24759
67.212.168.122200 OK 2.8 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/8f2fb7f8140bebdc337a219c97f24759.js?ver=24759
IP 67.212.168.122:0
File type ASCII text, with very long lines (9936)
Hash 70de0a13b077f9916bef22177f109f51
6f350bc39ec12c89036b561a1a1fadc9092d19c7
2cbe63b7a17c62e77f219d7507ce34722892f91c8a90f533024ddd2215eb48d9
GET /wp-content/litespeed/js/8f2fb7f8140bebdc337a219c97f24759.js?ver=24759 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2819
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/7bc0739f0616e53e5e1b1090bb5f9f73.js?ver=f9f73
67.212.168.122200 OK 3.7 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/7bc0739f0616e53e5e1b1090bb5f9f73.js?ver=f9f73
IP 67.212.168.122:0
File type HTML document, ASCII text, with very long lines (12309)
Hash b1373edaa43bf7068ad60972acc8e580
f24d857d8d71cc47ba1f058939ce41c6cca65337
2acdfe2cebb28a4a441d4a36e42caad3f338a9bcdff55012fbeae15cfee3369b
GET /wp-content/litespeed/js/7bc0739f0616e53e5e1b1090bb5f9f73.js?ver=f9f73 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3709
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/657a6b6b57d422ec910436011d777971.js?ver=77971
67.212.168.122200 OK 233 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/657a6b6b57d422ec910436011d777971.js?ver=77971
IP 67.212.168.122:0
File type ASCII text, with very long lines (450), with CRLF, LF line terminators
Hash dbacbe2a5e1f91908bb971e1d2257c83
5c259b40286d596e0249f8eca6b0153c1c7bc0f9
7d757c014a750a92d961e83a41cac19d64bd105ea938e6c18584100cf98d5643
GET /wp-content/litespeed/js/657a6b6b57d422ec910436011d777971.js?ver=77971 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 233
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/fe39c84bd31cbf12b6901c184005b465.js?ver=5b465
67.212.168.122200 OK 1.3 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/fe39c84bd31cbf12b6901c184005b465.js?ver=5b465
IP 67.212.168.122:0
File type ASCII text, with very long lines (579)
Hash 110f81909053b0a6a24882959691edf0
936a1587f1b277ca9bf7a2196c17922b230de875
0bb1b17b83bba19d5ebcf8f5146bf7fa40446a704bce4e99ea3dad6000d9195f
GET /wp-content/litespeed/js/fe39c84bd31cbf12b6901c184005b465.js?ver=5b465 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1330
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/d4ec662ca4b133d8b8928848ac3578d3.js?ver=578d3
67.212.168.122200 OK 7.4 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/d4ec662ca4b133d8b8928848ac3578d3.js?ver=578d3
IP 67.212.168.122:0
File type ASCII text, with very long lines (28941)
Hash 2468d583c6fdcd2b2c8d0e82f81792ff
12466dc479b3e771037678c7336739223ab7b684
53edfa5081469ade80e8cd85da9538ee4fbaef9ede9b86f25d088f0ba975f8ee
GET /wp-content/litespeed/js/d4ec662ca4b133d8b8928848ac3578d3.js?ver=578d3 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 7377
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/2cd73354b8c0fc0badbe250f88e52c04.js?ver=52c04
67.212.168.122200 OK 38 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/2cd73354b8c0fc0badbe250f88e52c04.js?ver=52c04
IP 67.212.168.122:0
File type ASCII text, with very long lines (40215)
Hash 6fa53d30d04212671e0fbce24beb4731
75205fbe136e0fcaba96403bf0b10d1828feadf6
afe5e8c1273769808fb6e95ff3cf2ef798bd0a1e9d716ed2a94dd3c3a90a4dc6
GET /wp-content/litespeed/js/2cd73354b8c0fc0badbe250f88e52c04.js?ver=52c04 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 38411
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/fc8b36bc3e75990797c35c781015fc69.js?ver=5fc69
67.212.168.122200 OK 1.3 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/fc8b36bc3e75990797c35c781015fc69.js?ver=5fc69
IP 67.212.168.122:0
File type ASCII text, with very long lines (1986)
Hash 9d5367a5b8f931266c62b91cbf9464f3
a2f9a85496c5eac619c2720a21ddee69bb1ed014
7bf4fa78ab3ea7289b3fa8e7ae43de504ac3aaa86ffe7a521b53bce081d7b244
GET /wp-content/litespeed/js/fc8b36bc3e75990797c35c781015fc69.js?ver=5fc69 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1300
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/a29630f8ee6bf51454bc7e953a37997d.js?ver=7997d
67.212.168.122200 OK 2.4 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/a29630f8ee6bf51454bc7e953a37997d.js?ver=7997d
IP 67.212.168.122:0
File type ASCII text, with very long lines (6475)
Hash 2f6d4430de29254182abdc309e8fe4a8
c504789a59951cd124e4cb7810e4b58a4111f70f
157414e439c8ff3f06fb1949efdc6f2f5d22bf92367dbc2ad1e6071952573355
GET /wp-content/litespeed/js/a29630f8ee6bf51454bc7e953a37997d.js?ver=7997d HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2358
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/ce459103b037d794c6d6b4d4a3347c72.js?ver=47c72
67.212.168.122200 OK 6.3 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/ce459103b037d794c6d6b4d4a3347c72.js?ver=47c72
IP 67.212.168.122:0
File type Unicode text, UTF-8 text, with very long lines (17819)
Hash 141bae0f717c8243d04e66b38c3f16cd
0d499a7048f625cd5f3dc60ed4dc791fa6ffa223
59cfc6a9bd04aa30741e375fa51795e867ad3bdf0027bab5b2fedd8aab9ece68
GET /wp-content/litespeed/js/ce459103b037d794c6d6b4d4a3347c72.js?ver=47c72 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 6339
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/aaea3944a24a634363cf90938886282e.js?ver=6282e
67.212.168.122200 OK 442 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/aaea3944a24a634363cf90938886282e.js?ver=6282e
IP 67.212.168.122:0
File type ASCII text, with very long lines (999)
Hash a1934ba4e6ff3ffa5dd9ddf83ecce83c
79d28eb0dbe2950e0e362e2fecd3a5395805d9ac
f7184b1de4ab2029131a10a42cb89b85ee4c28af9f066eb927cf9e271af4ab56
GET /wp-content/litespeed/js/aaea3944a24a634363cf90938886282e.js?ver=6282e HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 442
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/fc47d584f545417283e396ec876b3f77.css?ver=b3f77
67.212.168.122200 OK 26 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/fc47d584f545417283e396ec876b3f77.css?ver=b3f77
IP 67.212.168.122:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 490d1a3908e465cf4f8e23f7957cbbda
3f4649885318b5123265df9e987bf17785a4b504
863c2fd56639eb66824940cbc56d7c6057f482915fd34dfd262e8a926d843a95
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/fc47d584f545417283e396ec876b3f77.css?ver=b3f77 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 05:09:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 26161
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/themes/marketplus/style.css
67.212.168.122200 OK 13 kB URL HTTP/2 www.badcreditresources.com/wp-content/themes/marketplus/style.css
IP 67.212.168.122:0
File type ASCII text, with very long lines (607)
Hash c84d1272041c74f61ade4e64af2de167
b164744bad57a021b8198cc230e6cb63edf12e1b
d517c6c7f1b1c38b6ba911f1ed72dfb9b000990933be0fa3ca87a0e796266244
GET /wp-content/themes/marketplus/style.css HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/wp-content/litespeed/css/0d3689f23fb77e5f795a756267f87961.css?ver=87961
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Tue, 17 May 2022 16:37:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 13175
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.ttf
67.212.168.122200 OK 772 kB URL HTTP/2 www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.ttf
IP 67.212.168.122:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoonVersion 1.0icomooncmo \012- data
Size 772 kB (771840 bytes)
Hash 6a36416274bc26cbda9c93fe982442fe
b7e097a87c0b868cac66d5a0c581a39fdfbb76c8
e0c7993144f37443812a2a11381f863f2b67569a9ec887328548d2988472eee6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/marketplus/fonts/icomoon.ttf HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/wp-content/litespeed/css/1e109af1d30679644874c1fd05d63e22.css?ver=9cf64
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:53 GMT
content-type: application/x-font-ttf
last-modified: Tue, 17 May 2022 16:43:30 GMT
accept-ranges: bytes
content-length: 771840
date: Fri, 25 Nov 2022 09:30:53 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/uploads/2022/02/happy-excited-couple-buying-a-new-car-and-showing-keys.jpg?id=13105
67.212.168.122200 OK 64 kB URL HTTP/2 www.badcreditresources.com/wp-content/uploads/2022/02/happy-excited-couple-buying-a-new-car-and-showing-keys.jpg?id=13105
IP 67.212.168.122:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3d0bf994e15529b5c6d2350e745652a4
9bf519cf6abc4af2d443ccd137e53ffa6c6b768e
5c35ebf538d76050d2df72eae5f93260a7d0a4ed335424ba9941cd0bf75d050a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/02/happy-excited-couple-buying-a-new-car-and-showing-keys.jpg?id=13105 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:56 GMT
content-type: image/webp
last-modified: Wed, 12 Oct 2022 13:05:12 GMT
accept-ranges: bytes
content-length: 63794
date: Fri, 25 Nov 2022 09:30:56 GMT
server: LiteSpeed
vary: Accept
x-webp-express: Redirected directly to existing webp
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp
67.212.168.122200 OK 4.9 kB URL HTTP/2 www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp
IP 67.212.168.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 743e4aa3ab05eaf89240a7e76a5fb575
976b2a1eddedc2e9588c923bf3e246bc5c30f581
fa3600cf75a53b89d9bd7849e7a70ab61f9b82659371b62bf63077c68866e1cc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:56 GMT
content-type: image/webp
last-modified: Fri, 07 Oct 2022 15:57:16 GMT
accept-ranges: bytes
content-length: 4850
date: Fri, 25 Nov 2022 09:30:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.woff
67.212.168.122200 OK 772 kB URL HTTP/2 www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.woff
IP 67.212.168.122:0
File type Web Open Font Format, TrueType, length 771916, version 0.0\012- data
Size 772 kB (771916 bytes)
Hash 5af44b8a10bc4677fac539d986a17bd4
ea00fe0597a2439dd9f2867e96cde3f40e2bd494
247b6837e45a170237225fe4ec60b841ca1b1375cd27084b1e59dcdbca3aeedc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/marketplus/fonts/icomoon.woff HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.badcreditresources.com/wp-content/litespeed/css/fc47d584f545417283e396ec876b3f77.css?ver=b3f77
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:56 GMT
content-type: application/font-woff
last-modified: Tue, 17 May 2022 16:43:31 GMT
accept-ranges: bytes
content-length: 771916
date: Fri, 25 Nov 2022 09:30:56 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/hockeystack@latest/hockeystack.min.js
151.101.85.229200 OK 5.7 kB URL HTTP/2 cdn.jsdelivr.net/npm/hockeystack@latest/hockeystack.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (13445)
Hash 98fc47627fb4b9ce23eb326254d0d686
9cd965e2a0d68112e456490db6174f767398760b
4be40c0b770311ebbf16cb8c39356cfb778dd0419b7ab5c41ddcd1ce0a93b2d1
GET /npm/hockeystack@latest/hockeystack.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.3.77
x-jsd-version-type: version
etag: W/"35d1-bIVJqDXYs0lz++AhqFVaR14swSE"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Nov 2022 09:30:58 GMT
age: 18308
x-served-by: cache-fra-eddf8230050-FRA, cache-bma1641-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5702
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash e5b4f0edacb0e1ec14b068b30274304e
88191d1f3d8232666b3bccd8ec8a069ba9cbd1dc
33cfb52b80d5f80c646682f4c8bbe1a14398189794aa58cb0429bb56843e7144
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:30:58 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "78F89FB34287B2A2B9E834169BA3A0B694F81CC9"
Expires: Fri, 25 Nov 2022 20:00:00 GMT
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1754
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f95e616f98b523-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8afe6ef134cd77496b937a407bcabf1a
22ed9edc8d3aacdb3a01f03f3e49f46188a5ae1a
3543aabe1947f4c9b0936c517cb51993565d52275aeffcaf325288654c6c1c0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3543AABE1947F4C9B0936C517CB51993565D52275AEFFCAF325288654C6C1C0E"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17542
Expires: Fri, 25 Nov 2022 14:23:20 GMT
Date: Fri, 25 Nov 2022 09:30:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7bae7c42c1b20796fbf4b6d62be2962b
e0313e520ce3a5e80492cb31bca77addb695e69c
292f4154bd9c5ba1a2a5ef4f1b7cee80df94470bf3608c890b2e7e69f9bd60e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "292F4154BD9C5BA1A2A5EF4F1B7CEE80DF94470BF3608C890B2E7E69F9BD60E8"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17531
Expires: Fri, 25 Nov 2022 14:23:09 GMT
Date: Fri, 25 Nov 2022 09:30:58 GMT
Connection: keep-alive
data.hockeystack.com/send
35.157.54.242204 No Content 0 B URL HTTP/2 data.hockeystack.com/send
IP 35.157.54.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /send HTTP/1.1
Host: data.hockeystack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.badcreditresources.com/
Origin: https://www.badcreditresources.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.18.0 (Ubuntu)
date: Fri, 25 Nov 2022 09:30:58 GMT
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.badcreditresources.com
vary: Origin, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
access-control-max-age: 3600
X-Firefox-Spdy: h2
data.hockeystack.com/send
35.157.54.242200 OK 16 B URL HTTP/2 data.hockeystack.com/send
IP 35.157.54.242:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /send HTTP/1.1
Host: data.hockeystack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 543
Origin: https://www.badcreditresources.com
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 25 Nov 2022 09:30:58 GMT
content-type: application/json; charset=utf-8
content-length: 16
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.badcreditresources.com
vary: Origin
access-control-allow-credentials: true
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 25 Nov 2022 08:41:08 GMT
expires: Fri, 25 Nov 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 2990
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2874
Cache-Control: max-age=159808
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:58 GMT
Etag: "63804d58-1d7"
Expires: Sun, 27 Nov 2022 05:54:26 GMT
Last-Modified: Fri, 25 Nov 2022 05:06:32 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
www.badcreditresources.com/wp-content/litespeed/css/adf4440466cdf1553d1ade3424e63b1f.css?ver=63b1f
67.212.168.122404 Not Found 184 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/adf4440466cdf1553d1ade3424e63b1f.css?ver=63b1f
IP 67.212.168.122:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12683)
Size 184 kB (183603 bytes)
Hash 1be6455d3a94dff35fd01cd8d2170cd6
1f784fa02d21dd2a85285d66e1d25f7e196fd598
b574a0d93cd737fc6c62f7142729848edb73d796f61ef388ca9852371078c23d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/adf4440466cdf1553d1ade3424e63b1f.css?ver=63b1f HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.badcreditresources.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: f85_HTTP.404,f85_404,f85_URL.9cb90307286db4abe9fb5d311f61c79f,f85_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:57 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.badcreditresources.com/wp-content/uploads/2022/02/BCR-Logo-2-300x300.jpg
67.212.168.122200 OK 9.4 kB URL HTTP/2 www.badcreditresources.com/wp-content/uploads/2022/02/BCR-Logo-2-300x300.jpg
IP 67.212.168.122:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 300x300, components 1\012- data
Hash b8039c06d72c2a2750f072ab5a6fc9db
3c788e0a6d9e6f12a13cdd5e8e978499992e8a7a
00400402d6179677d822710ccbef449a5ffcfe0e60f71f2ef311f98490c32a3b
GET /wp-content/uploads/2022/02/BCR-Logo-2-300x300.jpg HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6; _ga_75ZVSM6YVZ=GS1.1.1669368657.1.0.1669368657.0.0.0; _ga=GA1.1.418179922.1669368658
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:57 GMT
content-type: image/jpeg
last-modified: Mon, 28 Feb 2022 17:18:07 GMT
accept-ranges: bytes
content-length: 9414
date: Fri, 25 Nov 2022 09:30:57 GMT
server: LiteSpeed
vary: Accept
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/uploads/2022/02/BCR-Logo-2-150x150.jpg
67.212.168.122200 OK 6.2 kB URL HTTP/2 www.badcreditresources.com/wp-content/uploads/2022/02/BCR-Logo-2-150x150.jpg
IP 67.212.168.122:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 150x150, components 1\012- data
Hash 0f07740b72bd966f2c1c71177e9ca449
c22c95d6734facc09cea337f6760b86fcb0e4cc5
8ab3bb36d2c4d4bb4b6e695587746c8b9ea67ada6fca54c3701d88304d262d03
GET /wp-content/uploads/2022/02/BCR-Logo-2-150x150.jpg HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6; _ga_75ZVSM6YVZ=GS1.1.1669368657.1.0.1669368657.0.0.0; _ga=GA1.1.418179922.1669368658
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:57 GMT
content-type: image/jpeg
last-modified: Mon, 28 Feb 2022 17:18:07 GMT
accept-ranges: bytes
content-length: 6167
date: Fri, 25 Nov 2022 09:30:57 GMT
server: LiteSpeed
vary: Accept
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: vqycght9HOuqJ8esFX/CafS/itEEAC7juX/3y5+1genqQh+LmEabXbmt9DOQm3bQudUQhWC2vjwLuRt46Q5PXA==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 09:30:58 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/plugins/addons-for-visual-composer/assets/css/ajax-loader.gif
67.212.168.122200 OK 4.2 kB URL HTTP/2 www.badcreditresources.com/wp-content/plugins/addons-for-visual-composer/assets/css/ajax-loader.gif
IP 67.212.168.122:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
GET /wp-content/plugins/addons-for-visual-composer/assets/css/ajax-loader.gif HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/wp-content/litespeed/css/f6c86c3acfc7adb1aa946c70c6ce88fd.css?ver=e88fd
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6; _ga_75ZVSM6YVZ=GS1.1.1669368657.1.0.1669368657.0.0.0; _ga=GA1.1.418179922.1669368658
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:57 GMT
content-type: image/gif
last-modified: Wed, 16 Nov 2022 21:51:59 GMT
accept-ranges: bytes
content-length: 4178
date: Fri, 25 Nov 2022 09:30:57 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2874
Cache-Control: max-age=159808
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:58 GMT
Etag: "63804d58-1d7"
Expires: Sun, 27 Nov 2022 05:54:26 GMT
Last-Modified: Fri, 25 Nov 2022 05:06:32 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
www.badcreditresources.com/wp-content/litespeed/css/ec77d927f042413d108c851950cc1da7.css?ver=c1da7
67.212.168.122404 Not Found 28 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/ec77d927f042413d108c851950cc1da7.css?ver=c1da7
IP 67.212.168.122:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12683)
Hash 27f65bc84f89f20293d4443449e70d35
4d57dd19d1d2dddfed8b3275e4ce35b9d00cded8
3df81517c911f1239567dd7c0a423d85ea4f1aceb7ec4fdc4daa3860c1353fef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/ec77d927f042413d108c851950cc1da7.css?ver=c1da7 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.badcreditresources.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: f85_HTTP.404,f85_404,f85_URL.a867c755524876f3fbbc6c0d68772e76,f85_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:57 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/b06adf5620bd6ed80d5811d3c0f98510.js?ver=98510
67.212.168.122404 Not Found 21 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/b06adf5620bd6ed80d5811d3c0f98510.js?ver=98510
IP 67.212.168.122:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12683)
Hash e06a98f91f49889e82385d9bb43b0495
3be8a090f1a78315c02af761b6f05056ee4326c4
f019c9e52a1e8a9c9c32c8e38561cc736d34b194fd8317188e77f0defc83ba68
GET /wp-content/litespeed/js/b06adf5620bd6ed80d5811d3c0f98510.js?ver=98510 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.badcreditresources.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: f85_HTTP.404,f85_404,f85_URL.18caf6a2d418e952928c91517642ead1,f85_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:57 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=836355299803451&ev=PageView&dl=https%3A%2F%2Fwww.badcreditresources.com%2F&rl=&if=false&ts=1669368658208&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669368658206.1154055991&it=1669368658166&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=836355299803451&ev=PageView&dl=https%3A%2F%2Fwww.badcreditresources.com%2F&rl=&if=false&ts=1669368658208&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669368658206.1154055991&it=1669368658166&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=836355299803451&ev=PageView&dl=https%3A%2F%2Fwww.badcreditresources.com%2F&rl=&if=false&ts=1669368658208&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669368658206.1154055991&it=1669368658166&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Nov 2022 09:30:58 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:31:58 GMT
expires: Sun, 19 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 507541
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:46:16 GMT
expires: Fri, 24 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 42283
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/bcr-logo21.jpg.webp
67.212.168.122200 OK 5.4 kB URL HTTP/2 www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/bcr-logo21.jpg.webp
IP 67.212.168.122:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b2a7dda378913c194edb52d39aae4e97
d412537c3d743c2ed1400eec31da55fcfb593a5b
09b8c68fe26720c2a2b978a67902d026219ec76e1a7346d0425de52e21a90f43
Analyzer Verdict Alert fortinet Malware
GET /wp-content/webp-express/webp-images/uploads/2022/02/bcr-logo21.jpg.webp HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6; _ga_75ZVSM6YVZ=GS1.1.1669368657.1.0.1669368657.0.0.0; _ga=GA1.2.418179922.1669368658; _gid=GA1.2.276964077.1669368658; _gat_gtag_UA_225367935_2=1; _fbp=fb.1.1669368658206.1154055991
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:58 GMT
content-type: image/webp
last-modified: Fri, 07 Oct 2022 15:57:15 GMT
accept-ranges: bytes
content-length: 5434
date: Fri, 25 Nov 2022 09:30:58 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open%20Sans:600&subset=latin&display=swap&ver=1654007487
142.250.74.10200 OK 20 kB URL HTTP/2 fonts.googleapis.com/css?family=Open%20Sans:600&subset=latin&display=swap&ver=1654007487
IP 142.250.74.10:0
Hash 474ff1435427ab1921f97b3efaf28c4f
6c0d7cb659a98202ac9fb1783db52e4298f88a47
e37400865d9380b88282b566c38ff4d9925268f8340e2e14e8661a340e1f926f
GET /css?family=Open%20Sans:600&subset=latin&display=swap&ver=1654007487 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 09:30:54 GMT
date: Fri, 25 Nov 2022 09:30:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8784bb7a8b88736a6016f712e3183bf3
b0ddc1555d2506177adcdcea77864d75f1245d07
8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 41775
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.woff
67.212.168.122200 OK 0 B URL HTTP/2 www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.woff
IP 67.212.168.122:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/marketplus/fonts/icomoon.woff HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.badcreditresources.com/wp-content/litespeed/css/1e109af1d30679644874c1fd05d63e22.css?ver=9cf64
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:52 GMT
content-type: application/font-woff
last-modified: Tue, 17 May 2022 16:43:31 GMT
accept-ranges: bytes
content-length: 771916
date: Fri, 25 Nov 2022 09:30:52 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/c131d51e057aab303d3bf25e033aeaf1.css?ver=aeaf1
67.212.168.122404 Not Found 0 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/c131d51e057aab303d3bf25e033aeaf1.css?ver=aeaf1
IP 67.212.168.122:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/c131d51e057aab303d3bf25e033aeaf1.css?ver=aeaf1 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.badcreditresources.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: f85_HTTP.404,f85_404,f85_URL.ef4cba35f098bae4f77f653a32f8a3cb,f85_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/67252a48adc44d64f71751c04dab4ad5.js?ver=b4ad5
67.212.168.122404 Not Found 0 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/67252a48adc44d64f71751c04dab4ad5.js?ver=b4ad5
IP 67.212.168.122:0
GET /wp-content/litespeed/js/67252a48adc44d64f71751c04dab4ad5.js?ver=b4ad5 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.badcreditresources.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: f85_HTTP.404,f85_404,f85_URL.c0f8d79c3e3f963b8130e285a70ff030,f85_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:57 GMT
server: LiteSpeed
X-Firefox-Spdy: h2