r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11164
Expires: Fri, 25 Nov 2022 12:36:53 GMT
Date: Fri, 25 Nov 2022 09:30:49 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6375
Cache-Control: max-age=96397
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:49 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:17:26 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4007
Expires: Fri, 25 Nov 2022 10:37:37 GMT
Date: Fri, 25 Nov 2022 09:30:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 09:19:04 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 706
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uzd1DIRQyIfg+sYp7DjfhXLGMxGt4vBw0xQT1i5z5FMIpoDXeQkS32S9oxvSeSSGy5CrGLHD3TA=
x-amz-request-id: 2VDHT2HA11KNNQ09
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 08:40:44 GMT
age: 3006
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 09:30:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 09:11:11 GMT
cache-control: public,max-age=3600
age: 1179
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.badcreditresources.com/bad-credit-equipment-leasing
301 Moved Permanently 0 B URL HTTP/1.1 www.badcreditresources.com/bad-credit-equipment-leasing
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /bad-credit-equipment-leasing HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
x-dns-prefetch-control: on
content-type: text/html; charset=UTF-8
x-pingback: http://www.badcreditresources.com/xmlrpc.php
expires: Fri, 25 Nov 2022 10:30:49 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: http://www.badcreditresources.com/bad-credit-equipment-leasing/
x-litespeed-cache: miss
content-length: 0
date: Fri, 25 Nov 2022 09:30:49 GMT
server: LiteSpeed
ocsp.digicert.com/
200 OK 471 B IP
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5149
Cache-Control: max-age=90108
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:50 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:32:38 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TdVJqEJiaQF3S92Z6CyLzA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: C99de7C0lszm6qggoae5WkmYoMI=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19252
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 09:30:52 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19252
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 09:30:52 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19252
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 09:30:52 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19252
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 09:30:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 18472
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4abf25d4a15ce58edadd54994b3434a2
18800e21d05596f7b64213072dee7dda5c1faf61
633138e70f43e2be9cc447967044c4070bfc4d9285e5228361bebe255dc286e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10950
x-amzn-requestid: 9bb73841-83d9-48b2-8c79-f00a57612b4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFNstFeZoAMFopQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec31d-4e6aafd367c7740c77df133b;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:04:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tCG6Llkb9UHrJDHyxk5RgLkQ3Cds3dXRc0uMhy_9GbnzgMWk5UBS6w==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:04:29 GMT
age: 74316
etag: "18800e21d05596f7b64213072dee7dda5c1faf61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:07:32 GMT
age: 41000
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5863138af1ddbba34a7856242a7b3a06
2eba66ff6539388c48562503e8d11ff0e060350a
d1543e1b803a07095148b743925eebbbf21f566a2df9b785a1a9d48c5604496c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8917
x-amzn-requestid: 10f3b269-9437-476d-ae4f-a0ac3fb78491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wEIwoAMF8uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4cfeecf4553b26381ed11875;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lr9z8FWWpMGtxtvcYzeT-ewuydSzpma8I06pszLDQIICotFkB_SZlA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:30 GMT
age: 41722
etag: "2eba66ff6539388c48562503e8d11ff0e060350a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
200 OK 2.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 66d06d3cac1784e4ce6c8c89c300f10a
41ef94d198bbf98185eb332a3b6934c3c26c3afc
55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2351
x-amzn-requestid: 1e3e6b14-8f46-4b62-a3d1-f5dbe5d5f94f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGupUE_VIAMFa3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f5e3b-573fabc44ce59c2f4c24a32d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 12:06:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XEUrOPYr2rn89eMIJORVFnpqJfxqfjBadcbplZKzqLjDkzHV8NEbHg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 18:51:30 GMT
age: 52762
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba7b9c131ab7e5998f25b069ba3860a0
0214fc0deecb1115766802f42cfd256e3c479490
717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:28 GMT
age: 41724
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.badcreditresources.com/bad-credit-equipment-leasing/
200 OK 28 kB URL HTTP/1.1 www.badcreditresources.com/bad-credit-equipment-leasing/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (14550)
Hash bdacac5f33125aeb98b9e0736f0a3a70
d128c6bb544534be2fb6587e9f50a3d76ef1814c
2433d5da08ccbf0ff0d848a46f84392a2d8dd514cb75c8692701f2b70ddc4c2f
Analyzer Verdict Alert fortinet Malware
GET /bad-credit-equipment-leasing/ HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
x-dns-prefetch-control: on
content-type: text/html; charset=UTF-8
x-pingback: http://www.badcreditresources.com/xmlrpc.php
link: <https://www.badcreditresources.com/wp-json/>; rel="https://api.w.org/", <https://www.badcreditresources.com/wp-json/wp/v2/pages/6617>; rel="alternate"; type="application/json", <https://www.badcreditresources.com/?p=6617>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: f85_HTTP.200,f85_page,f85_URL.519e3dfe7f88bcb9ffbe9a34337dfa0c,f85_Po.6617,f85_PGS,f85_guest,f85_,f85_UCSS.8dc81413c32c3b658ab5bc8e71033672,f85_MIN.51a9a726df16eb34c82779efa4272d7a.css,f85_MIN.6de30ffc398464f0c96d772d760f14fc.js
cache-control: public, max-age=3
expires: Fri, 25 Nov 2022 09:30:54 GMT
etag: "3463-1669368651;gz"
x-litespeed-cache: miss
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:51 GMT
server: LiteSpeed
fonts.googleapis.com/css?family=Open%20Sans:600&subset=latin&display=swap&ver=1654007487
200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open%20Sans:600&subset=latin&display=swap&ver=1654007487
IP
Hash 94a59e2f49aaca429a06a78c62544990
9452ee2e82ac6e0addf600ea604fe54bf4c0206f
20496766245a5d9d1a1829457501cbf1cf11c4d3ea2b1c10c61996cb78833250
GET /css?family=Open%20Sans:600&subset=latin&display=swap&ver=1654007487 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 09:30:52 GMT
date: Fri, 25 Nov 2022 09:30:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/51a9a726df16eb34c82779efa4272d7a.css?ver=59e54
200 OK 119 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/51a9a726df16eb34c82779efa4272d7a.css?ver=59e54
IP
File type ASCII text, with very long lines (47809)
Size 119 kB (118934 bytes)
Hash 4f03b8e21e308403e4b27852c05f24ac
9a234835a8710dbc894cce0bd0db81aecf719c01
e7f3b8b1ad21038bc5599d29e9698c6f7fb5cb2621026b44c636b95ef3a59c9e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/51a9a726df16eb34c82779efa4272d7a.css?ver=59e54 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:52 GMT
content-type: text/css
last-modified: Thu, 24 Nov 2022 23:28:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 118934
date: Fri, 25 Nov 2022 09:30:52 GMT
server: LiteSpeed
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp
200 OK 4.9 kB URL HTTP/2 www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 743e4aa3ab05eaf89240a7e76a5fb575
976b2a1eddedc2e9588c923bf3e246bc5c30f581
fa3600cf75a53b89d9bd7849e7a70ab61f9b82659371b62bf63077c68866e1cc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:52 GMT
content-type: image/webp
last-modified: Fri, 07 Oct 2022 15:57:16 GMT
accept-ranges: bytes
content-length: 4850
date: Fri, 25 Nov 2022 09:30:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/plugins/litespeed-cache/guest.vary.php
200 OK 36 B URL HTTP/1.1 www.badcreditresources.com/wp-content/plugins/litespeed-cache/guest.vary.php
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 2bb65d9198c8a7337055887f53032dba
dd6b94042a6529aad65e6e951f50dba7ed920c79
eba2e7eceb1c27018e4d2d1594abcb68a9b4a3237c456e6b2d90bfbd7f101867
Analyzer Verdict Alert fortinet Malware
POST /wp-content/plugins/litespeed-cache/guest.vary.php HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.badcreditresources.com/bad-credit-equipment-leasing/
Origin: http://www.badcreditresources.com
Connection: keep-alive
Content-Length: 0
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
x-litespeed-cache-control: no-cache
set-cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6; expires=Sun, 27-Nov-2022 09:30:52 GMT; Max-Age=172800; path=/; HttpOnly
content-type: text/html; charset=UTF-8
cache-control: public, max-age=3
expires: Fri, 25 Nov 2022 09:30:55 GMT
content-length: 36
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:52 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-225367935-2
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-225367935-2
IP
File type ASCII text, with very long lines (1921)
Hash 98c3638ec8e36afd1c459e7ed4cc5b1b
ffe424f584573ddd4f51e9a9555c9ce6fd99b9a8
0a61a83d8bd1680d9a7f618b6ba4fb5e24cc5f390b789916a1cdbe773fe41163
GET /gtag/js?id=UA-225367935-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:53 GMT
expires: Fri, 25 Nov 2022 09:30:53 GMT
cache-control: private, max-age=900
last-modified: Fri, 25 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43683
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/hockeystack@latest/hockeystack.min.js
200 OK 5.7 kB URL HTTP/2 cdn.jsdelivr.net/npm/hockeystack@latest/hockeystack.min.js
IP
File type ASCII text, with very long lines (13445)
Hash 98fc47627fb4b9ce23eb326254d0d686
9cd965e2a0d68112e456490db6174f767398760b
4be40c0b770311ebbf16cb8c39356cfb778dd0419b7ab5c41ddcd1ce0a93b2d1
GET /npm/hockeystack@latest/hockeystack.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.3.77
x-jsd-version-type: version
etag: W/"35d1-bIVJqDXYs0lz++AhqFVaR14swSE"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Nov 2022 09:30:53 GMT
age: 18303
x-served-by: cache-fra-eddf8230050-FRA, cache-bma1653-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5702
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash e5b4f0edacb0e1ec14b068b30274304e
88191d1f3d8232666b3bccd8ec8a069ba9cbd1dc
33cfb52b80d5f80c646682f4c8bbe1a14398189794aa58cb0429bb56843e7144
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:30:54 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "78F89FB34287B2A2B9E834169BA3A0B694F81CC9"
Expires: Fri, 25 Nov 2022 20:00:00 GMT
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1750
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f95e479befb4fa-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8afe6ef134cd77496b937a407bcabf1a
22ed9edc8d3aacdb3a01f03f3e49f46188a5ae1a
3543aabe1947f4c9b0936c517cb51993565d52275aeffcaf325288654c6c1c0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3543AABE1947F4C9B0936C517CB51993565D52275AEFFCAF325288654C6C1C0E"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17548
Expires: Fri, 25 Nov 2022 14:23:22 GMT
Date: Fri, 25 Nov 2022 09:30:54 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 76544babbcf6515110bd81aaee8e7e63
043497692868c67ac84cdfe70d0a484517abd1c2
a19d5958d683662375a2469d1d7e551188469b967eb6f2bae2d5e43dac51a4f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7bae7c42c1b20796fbf4b6d62be2962b
e0313e520ce3a5e80492cb31bca77addb695e69c
292f4154bd9c5ba1a2a5ef4f1b7cee80df94470bf3608c890b2e7e69f9bd60e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "292F4154BD9C5BA1A2A5EF4F1B7CEE80DF94470BF3608C890B2E7E69F9BD60E8"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17544
Expires: Fri, 25 Nov 2022 14:23:18 GMT
Date: Fri, 25 Nov 2022 09:30:54 GMT
Connection: keep-alive
www.google.com/recaptcha/api.js?render=6LdAZqoeAAAAAIoz3Px8PuR86GnBevNCCRKGHqPu&ver=3.0
200 OK 583 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LdAZqoeAAAAAIoz3Px8PuR86GnBevNCCRKGHqPu&ver=3.0
IP
File type ASCII text, with very long lines (884), with no line terminators
Hash fbde2966b18c3b67946a7714fe6c4011
26b3c22bc38c1f84c29e85381673c12f03d14c61
82095e7311b3640ff700e5a61eb9891fb288c122f692d5003d54d1caeb214c42
GET /recaptcha/api.js?render=6LdAZqoeAAAAAIoz3Px8PuR86GnBevNCCRKGHqPu&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Fri, 25 Nov 2022 09:30:54 GMT
date: Fri, 25 Nov 2022 09:30:54 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
data.hockeystack.com/send
204 No Content 0 B URL HTTP/2 data.hockeystack.com/send
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /send HTTP/1.1
Host: data.hockeystack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www.badcreditresources.com/
Origin: http://www.badcreditresources.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.18.0 (Ubuntu)
date: Fri, 25 Nov 2022 09:30:54 GMT
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: http://www.badcreditresources.com
vary: Origin, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
access-control-max-age: 3600
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
data.hockeystack.com/send
200 OK 16 B URL HTTP/2 data.hockeystack.com/send
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /send HTTP/1.1
Host: data.hockeystack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 571
Origin: http://www.badcreditresources.com
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 25 Nov 2022 09:30:54 GMT
content-type: application/json; charset=utf-8
content-length: 16
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: http://www.badcreditresources.com
vary: Origin
access-control-allow-credentials: true
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 25 Nov 2022 08:41:08 GMT
expires: Fri, 25 Nov 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 2986
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 4014b3f4adf5c5373118894c244afb12
1198e79d0e1e14408e3c0084a3f479122020a723
affc5983ee364e0310c082b225a90cff4ba2d01b68d2cdaf6b5ecbe780cad66d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6568
Cache-Control: max-age=163506
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:54 GMT
Etag: "63804d58-1d7"
Expires: Sun, 27 Nov 2022 06:56:00 GMT
Last-Modified: Fri, 25 Nov 2022 05:06:32 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: vqycght9HOuqJ8esFX/CafS/itEEAC7juX/3y5+1genqQh+LmEabXbmt9DOQm3bQudUQhWC2vjwLuRt46Q5PXA==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 09:30:54 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.badcreditresources.com
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 08:12:22 GMT
expires: Sat, 25 Nov 2023 08:12:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 4712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 4014b3f4adf5c5373118894c244afb12
1198e79d0e1e14408e3c0084a3f479122020a723
affc5983ee364e0310c082b225a90cff4ba2d01b68d2cdaf6b5ecbe780cad66d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6568
Cache-Control: max-age=163506
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:30:54 GMT
Etag: "63804d58-1d7"
Expires: Sun, 27 Nov 2022 06:56:00 GMT
Last-Modified: Fri, 25 Nov 2022 05:06:32 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
region1.google-analytics.com/g/collect?v=2&tid=G-75ZVSM6YVZ>m=2oeb90&_p=175470185&gdid=dZTNiMT&cid=1732205631.1669368654&ul=en-us&sr=1280x1024&_s=1&sid=1669368653&sct=1&seg=0&dl=http%3A%2F%2Fwww.badcreditresources.com%2Fbad-credit-equipment-leasing%2F&dt=Bad%20Credit%20Equipment%20Financing&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-75ZVSM6YVZ>m=2oeb90&_p=175470185&gdid=dZTNiMT&cid=1732205631.1669368654&ul=en-us&sr=1280x1024&_s=1&sid=1669368653&sct=1&seg=0&dl=http%3A%2F%2Fwww.badcreditresources.com%2Fbad-credit-equipment-leasing%2F&dt=Bad%20Credit%20Equipment%20Financing&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-75ZVSM6YVZ>m=2oeb90&_p=175470185&gdid=dZTNiMT&cid=1732205631.1669368654&ul=en-us&sr=1280x1024&_s=1&sid=1669368653&sct=1&seg=0&dl=http%3A%2F%2Fwww.badcreditresources.com%2Fbad-credit-equipment-leasing%2F&dt=Bad%20Credit%20Equipment%20Financing&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.badcreditresources.com
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://www.badcreditresources.com
date: Fri, 25 Nov 2022 09:30:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
data.hockeystack.com/send
200 OK 16 B URL HTTP/2 data.hockeystack.com/send
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /send HTTP/1.1
Host: data.hockeystack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 744
Origin: http://www.badcreditresources.com
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 25 Nov 2022 09:30:54 GMT
content-type: application/json; charset=utf-8
content-length: 16
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: http://www.badcreditresources.com
vary: Origin
access-control-allow-credentials: true
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:31:58 GMT
expires: Sun, 19 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 507537
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:46:16 GMT
expires: Fri, 24 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 42279
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.badcreditresources.com/bad-credit-equipment-leasing/
200 OK 30 kB URL HTTP/1.1 www.badcreditresources.com/bad-credit-equipment-leasing/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (14820)
Hash dde90f5d49bbde8540dfcc738c99f7a5
65bffd8ef4750f64dc4e31c462f0ece3722842db
4429be9497df4747ea4612e3ac344dac4b67c9b0c5307ac9b1dab00373f76519
Analyzer Verdict Alert fortinet Malware
GET /bad-credit-equipment-leasing/ HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
x-pingback: http://www.badcreditresources.com/xmlrpc.php
link: <https://www.badcreditresources.com/wp-json/>; rel="https://api.w.org/", <https://www.badcreditresources.com/wp-json/wp/v2/pages/6617>; rel="alternate"; type="application/json", <https://www.badcreditresources.com/?p=6617>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: f85_HTTP.200,f85_page,f85_URL.519e3dfe7f88bcb9ffbe9a34337dfa0c,f85_Po.6617,f85_PGS,f85_
cache-control: public, max-age=3
expires: Fri, 25 Nov 2022 09:30:56 GMT
etag: "3464-1669368653;gz"
x-litespeed-cache: miss
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:53 GMT
server: LiteSpeed
www.badcreditresources.com/wp-content/litespeed/js/6de30ffc398464f0c96d772d760f14fc.js?ver=59e54
200 OK 91 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/6de30ffc398464f0c96d772d760f14fc.js?ver=59e54
IP
File type Unicode text, UTF-8 text, with very long lines (31904)
Hash d45d41093003dbd362dc2d29ee5ff7d0
687431b6f5d6457476a4d8205f1df769ded87296
efe2c5457f1c689d621aec29c127ef55423fda3e3571692d24f61ca58c2669a0
GET /wp-content/litespeed/js/6de30ffc398464f0c96d772d760f14fc.js?ver=59e54 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:53 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Nov 2022 23:28:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 90584
date: Fri, 25 Nov 2022 09:30:53 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/20738bed41fd7ed68f3023552f5c5d71.css?ver=c5d71
200 OK 12 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/20738bed41fd7ed68f3023552f5c5d71.css?ver=c5d71
IP
File type ASCII text, with very long lines (47809)
Hash eba416e41eacbb9d6093f6e607053d3a
174db6fd65b9efaebaf3132dfd14abd95da7c935
e413d1184887024f01a1142c5d141bb579c044343ea5da51ecd1bf248b49fedb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/20738bed41fd7ed68f3023552f5c5d71.css?ver=c5d71 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 11609
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/467af74a5622b4cbb8bbe6c9562c9167.css?ver=c9167
200 OK 217 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/467af74a5622b4cbb8bbe6c9562c9167.css?ver=c9167
IP
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/467af74a5622b4cbb8bbe6c9562c9167.css?ver=c9167 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-length: 217
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
vary: Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/ad050fe04b9c52461269715f64739e53.css?ver=39e53
200 OK 3.7 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/ad050fe04b9c52461269715f64739e53.css?ver=39e53
IP
File type ASCII text, with very long lines (56168)
Hash f6559ae4922e6683175c6435a35857ab
b593418855aa99c30de5d2ffcb49ee10760d2ed8
340afd9be5a1e821a36089cdf0c22bc619c899270cff13c9f9405a51366c1c66
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/ad050fe04b9c52461269715f64739e53.css?ver=39e53 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3736
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/ceba0d319b197cf97bdcd78b57596c60.css?ver=96c60
200 OK 545 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/ceba0d319b197cf97bdcd78b57596c60.css?ver=96c60
IP
File type ASCII text, with very long lines (2215), with no line terminators
Hash 84c47b1e8d66d20a964c73765b980ac3
854668b03b223a87513a7a4be4482a01811cfd1c
5a61721da2e75ac14500e23c2589525565480f3767373104715ba8cdb19e1e39
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/ceba0d319b197cf97bdcd78b57596c60.css?ver=96c60 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 545
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/d57cccc0ac4ab0bdd4e86c39cdb15188.css?ver=15188
200 OK 722 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/d57cccc0ac4ab0bdd4e86c39cdb15188.css?ver=15188
IP
File type ASCII text, with very long lines (2216), with no line terminators
Hash da973d6cccde48c7e9bd27371b685450
7ea63b41304e6c06a214157a5319e7808be3bd16
1f058f3196d5334eb949208572591dc4f9c3e6b8349aee1838e51600f575fd36
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/d57cccc0ac4ab0bdd4e86c39cdb15188.css?ver=15188 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 722
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/d4101bdaf6dda83604477e22e9752858.css?ver=52858
200 OK 380 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/d4101bdaf6dda83604477e22e9752858.css?ver=52858
IP
File type ASCII text, with very long lines (1226), with no line terminators
Hash 3b57673a7b2d452762c2da988f8f3ede
d96f0f20a11008b33e89a78f8d38cb9bc084a8ab
5746a7b98e58b12238da7e3dd228f00d09d7cefc49f87e3389dec42986228c2a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/d4101bdaf6dda83604477e22e9752858.css?ver=52858 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 380
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/fde454be43f3562b9b218962668b8d2f.css?ver=b8d2f
200 OK 1.0 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/fde454be43f3562b9b218962668b8d2f.css?ver=b8d2f
IP
File type Unicode text, UTF-8 text, with very long lines (6639), with no line terminators
Hash 1be7b27af7b23dbf72c6fff888598cb5
4a330f254ed02551a33214d0b5973b92fccd2d80
7622523ec13abae2ed0c0506a2b7838b2874091f78970397e01ce2f13f1638ed
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/fde454be43f3562b9b218962668b8d2f.css?ver=b8d2f HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1001
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/b60baef7431f80d32d8f5feff948d257.css?ver=8d257
200 OK 130 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/b60baef7431f80d32d8f5feff948d257.css?ver=8d257
IP
File type ASCII text, with no line terminators
Hash f4ba6b7b1e0461e13143b5970df40e33
8956198d4ede2a73a95b02ae98d764ef884e1320
dc69c4141daaca952e6eb11321983a002d7bff08791eb73c514556866f281de4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/b60baef7431f80d32d8f5feff948d257.css?ver=8d257 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-length: 130
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
vary: Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/cffc60c1ff0118f0f5fcef9cf43c378f.css?ver=c378f
200 OK 16 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/cffc60c1ff0118f0f5fcef9cf43c378f.css?ver=c378f
IP
File type ASCII text, with very long lines (65366)
Hash c5087424b4d35976824dbc4b87efe5f9
7a76cff31f6fa2472fe8bd46ee47d979e825caf8
b45592e78dc57b76404078b55aa6389e566c99281c882d9569ca09b9dfc7f02f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/cffc60c1ff0118f0f5fcef9cf43c378f.css?ver=c378f HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 15871
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/348eaaad4fd51e005bdcdadccae6fa97.css?ver=6fa97
200 OK 6.5 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/348eaaad4fd51e005bdcdadccae6fa97.css?ver=6fa97
IP
File type ASCII text, with very long lines (65203)
Hash 504b177add7eb351e17a79b92946ee3a
0868625937135b22285829d4247a862061cfb3e4
353e9c7305263499365f97470d95cb85561c4604f537e8ba07504e71c2ae9347
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/348eaaad4fd51e005bdcdadccae6fa97.css?ver=6fa97 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 6488
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/ea9cdce654103d08fd97ca7b6504220d.css?ver=4220d
200 OK 26 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/ea9cdce654103d08fd97ca7b6504220d.css?ver=4220d
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 490d1a3908e465cf4f8e23f7957cbbda
3f4649885318b5123265df9e987bf17785a4b504
863c2fd56639eb66824940cbc56d7c6057f482915fd34dfd262e8a926d843a95
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/ea9cdce654103d08fd97ca7b6504220d.css?ver=4220d HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 26161
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/0b79892acb123fe0295cd52aa5d9df40.css?ver=9df40
200 OK 160 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/0b79892acb123fe0295cd52aa5d9df40.css?ver=9df40
IP
File type ASCII text, with very long lines (851), with no line terminators
Hash dd91c4b0d50ae7a3142de18b34fcc2ee
2dc3b8d9fe34c8b9a70ac692a098e142d10ae62e
b6c991dddf5de4458c6a323bf14fb196b4f07c2215b1911944f1c55cbd3bd3a5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/0b79892acb123fe0295cd52aa5d9df40.css?ver=9df40 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 160
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/d7831b837b5efdb88e66fc0a1b897adc.css?ver=97adc
200 OK 2.7 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/d7831b837b5efdb88e66fc0a1b897adc.css?ver=97adc
IP
File type ASCII text, with very long lines (23747), with no line terminators
Hash ecc9580ffff0ad1576b3810dc7f2926a
11703bbcb174916bdd86047e60392348447b70b4
3892faa3e30b03dee716869968fe3aa76780baa7b61a1264df2aa6bdad10c529
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/d7831b837b5efdb88e66fc0a1b897adc.css?ver=97adc HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2676
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/ace375375b473916cf951a3d8819864b.css?ver=9864b
200 OK 1.3 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/ace375375b473916cf951a3d8819864b.css?ver=9864b
IP
File type ASCII text, with very long lines (6740), with no line terminators
Hash 7d6d5354199160419645adb406bbc011
943530863349b400a8c26d0cff0c27b75ba174ba
d23b90c0734f69eddfff0c6f28f07e66646d0678a6e70769e579e0161e7caf81
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/ace375375b473916cf951a3d8819864b.css?ver=9864b HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1300
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/612a961d26e4f89b9a18da0bc21b9c06.css?ver=b9c06
200 OK 2.4 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/612a961d26e4f89b9a18da0bc21b9c06.css?ver=b9c06
IP
File type ASCII text, with very long lines (14011), with no line terminators
Hash fc7cb30d27094095486eb395132c0d33
ff1d837b4b21f5637f348943ac78936186d0c703
6dc0871a2dcffeb0a8da357020ac08a1fde597c76c49ea0830bc7800872eb628
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/612a961d26e4f89b9a18da0bc21b9c06.css?ver=b9c06 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2433
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/82e001ee35ccfb79854b4adc20c49b89.css?ver=49b89
200 OK 587 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/82e001ee35ccfb79854b4adc20c49b89.css?ver=49b89
IP
File type ASCII text, with very long lines (2337), with no line terminators
Hash 9853e006f6d09c3bcbdc1b4b90254926
3ce103dcb6cea53467d7bf5d6e4c281f7126d2e8
22737660a2f90149a08be95c118137d1b12793595e9a926d4c703483f18cab8f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/82e001ee35ccfb79854b4adc20c49b89.css?ver=49b89 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 587
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/705607d7efe230b498541b5a69babae3.js?ver=abae3
200 OK 4.0 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/705607d7efe230b498541b5a69babae3.js?ver=abae3
IP
File type ASCII text, with very long lines (11126)
Hash e600941b4d7acfc4363a571da7d2fc6e
d1ef17a4e51414ab5f752a57c879a56a6dfcb396
183790d1ced4183e85c94b7e6dc0589a9c8b2da9c66079e9231bb7c068657839
GET /wp-content/litespeed/js/705607d7efe230b498541b5a69babae3.js?ver=abae3 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3996
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/45f251faa0baeea02d37d96dc763cebb.js?ver=3cebb
200 OK 2.6 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/45f251faa0baeea02d37d96dc763cebb.js?ver=3cebb
IP
File type Unicode text, UTF-8 text, with very long lines (8879)
Hash 6a1e2fb21fdfd9a14bc913292c27dc88
4083d9fed97e8f9864edd11b9c482b8ec4856309
7426c26174b1f5496de8cb62c5309c7a058652784116969cee2abd224e58f88d
GET /wp-content/litespeed/js/45f251faa0baeea02d37d96dc763cebb.js?ver=3cebb HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2601
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/faf28588a45498cda595ab8f1234e9c1.js?ver=4e9c1
200 OK 946 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/faf28588a45498cda595ab8f1234e9c1.js?ver=4e9c1
IP
File type HTML document, ASCII text, with very long lines (2888)
Hash f539c9a81a60fd6ed20c015ee6640772
fe3b8f24a646c750c21f08fabf9df2dd8a210697
85387c8f4cbe5541f746216f77ecd751f688b0b33550d7527213b6ee0e789eba
GET /wp-content/litespeed/js/faf28588a45498cda595ab8f1234e9c1.js?ver=4e9c1 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 946
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/26ba1e33a07d72efc98b7ea70b5400c1.js?ver=400c1
200 OK 1.8 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/26ba1e33a07d72efc98b7ea70b5400c1.js?ver=400c1
IP
File type ASCII text, with very long lines (7353)
Hash 2629561a151565b42f5a523cfdcc120b
551139d108a24bb2f3bee6101f9f3609f302d29f
b0bcfbc8bfcd38a913950875fb25404cfdbe44cd92531b67d765b64148d5204f
GET /wp-content/litespeed/js/26ba1e33a07d72efc98b7ea70b5400c1.js?ver=400c1 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1784
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/bceac6102fff9aca1b549f33337710e0.css?ver=710e0
200 OK 634 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/bceac6102fff9aca1b549f33337710e0.css?ver=710e0
IP
File type ASCII text, with very long lines (2371), with no line terminators
Hash ed9c94d3c44e16611e454d1c93b60c87
e35f31083549ae9c6fb9d19adfcb54ca2b4f3a28
81eb3796ed61edef835115a4ae2ed4d13e27a1c8ad8115732d8a56b54dd229ca
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/bceac6102fff9aca1b549f33337710e0.css?ver=710e0 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 634
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/297f65bf062534d773114c058a972349.css?ver=72349
200 OK 42 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/297f65bf062534d773114c058a972349.css?ver=72349
IP
File type ASCII text, with very long lines (65358)
Hash 2b7ca32ef9ac0f4aeaf1214b9acf9b9b
d4821c3bce58ff4ee3421fa4f904c3d9fc128214
19da75e501e3791b7170df72c3f3c4f44032ed267ad0ce3426611f8ea887ef0a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/297f65bf062534d773114c058a972349.css?ver=72349 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 42174
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/d93eb40fd9fd695b9bd5b6cf724c52c9.css?ver=c249b
200 OK 0 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/d93eb40fd9fd695b9bd5b6cf724c52c9.css?ver=c249b
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/d93eb40fd9fd695b9bd5b6cf724c52c9.css?ver=c249b HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-length: 0
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
vary: Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/d9d7c3d4101849eb78dfa368eeccc943.js?ver=cc943
200 OK 6.3 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/d9d7c3d4101849eb78dfa368eeccc943.js?ver=cc943
IP
File type Unicode text, UTF-8 text, with very long lines (17819)
Hash 141bae0f717c8243d04e66b38c3f16cd
0d499a7048f625cd5f3dc60ed4dc791fa6ffa223
59cfc6a9bd04aa30741e375fa51795e867ad3bdf0027bab5b2fedd8aab9ece68
GET /wp-content/litespeed/js/d9d7c3d4101849eb78dfa368eeccc943.js?ver=cc943 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 6339
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/6af3763a2e589f6b2c9430392c1aaf1b.js?ver=aaf1b
200 OK 5.4 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/6af3763a2e589f6b2c9430392c1aaf1b.js?ver=aaf1b
IP
File type ASCII text, with very long lines (19905)
Hash 07fcb2e6b615de8db0933482b9d68e32
59b60d71649eeb3131eeaf0d61686948a027629b
57af3d009a86cc771ffa7b3c5d5e5266bf4bb50be861ddfe04d6b9079e69b910
GET /wp-content/litespeed/js/6af3763a2e589f6b2c9430392c1aaf1b.js?ver=aaf1b HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 5394
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/46c61ced9e4d6880567c17c8a2aa8818.js?ver=a8818
200 OK 299 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/46c61ced9e4d6880567c17c8a2aa8818.js?ver=a8818
IP
File type HTML document, ASCII text, with very long lines (986)
Hash 4229981ec8592148e0479ff53e9fd784
8eb7789651d7bd3f111c887c01edd752c598a586
12b5ce97dca478da0eb3784cb39920c98b687a869eaae6af312ae3147ce0139c
GET /wp-content/litespeed/js/46c61ced9e4d6880567c17c8a2aa8818.js?ver=a8818 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 299
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/172a1642df8d821641658fcbf7ff3b65.js?ver=f3b65
200 OK 3.6 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/172a1642df8d821641658fcbf7ff3b65.js?ver=f3b65
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (8357)
Hash 2c5a09a43b03b0d67c540da233b559fb
dfd1a4d24bb32fb7fe0e97125d2a15220545e966
bbbba020bdd7772f1de023dc2e78189e38832b168df76a532f5cacff29474f79
GET /wp-content/litespeed/js/172a1642df8d821641658fcbf7ff3b65.js?ver=f3b65 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3556
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/css/40cbda767ebb6296d92a736fd7489a1e.css?ver=94fe4
200 OK 1.3 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/css/40cbda767ebb6296d92a736fd7489a1e.css?ver=94fe4
IP
File type ASCII text, with very long lines (6853), with no line terminators
Hash 29c945409c017d337a8891aeca324d8b
89b5f4324389a02fb54f189bcdd3f224c7c17412
d8c11ae7b68fa96be91838b6ca0faa59e827c3ac1c9e4d3456458a02ae30c3c0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/40cbda767ebb6296d92a736fd7489a1e.css?ver=94fe4 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1316
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/f40ec37797689c23d62fe4d9c6e0047a.js?ver=0047a
200 OK 2.8 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/f40ec37797689c23d62fe4d9c6e0047a.js?ver=0047a
IP
File type ASCII text, with very long lines (9936)
Hash 70de0a13b077f9916bef22177f109f51
6f350bc39ec12c89036b561a1a1fadc9092d19c7
2cbe63b7a17c62e77f219d7507ce34722892f91c8a90f533024ddd2215eb48d9
GET /wp-content/litespeed/js/f40ec37797689c23d62fe4d9c6e0047a.js?ver=0047a HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2819
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/90740f260fee694097a0580aeadfdf65.js?ver=fdf65
200 OK 3.7 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/90740f260fee694097a0580aeadfdf65.js?ver=fdf65
IP
File type HTML document, ASCII text, with very long lines (12309)
Hash b1373edaa43bf7068ad60972acc8e580
f24d857d8d71cc47ba1f058939ce41c6cca65337
2acdfe2cebb28a4a441d4a36e42caad3f338a9bcdff55012fbeae15cfee3369b
GET /wp-content/litespeed/js/90740f260fee694097a0580aeadfdf65.js?ver=fdf65 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3709
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/fd2496b5ac9819a5052f51f3ab8d1bf7.js?ver=d1bf7
200 OK 233 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/fd2496b5ac9819a5052f51f3ab8d1bf7.js?ver=d1bf7
IP
File type ASCII text, with very long lines (450), with CRLF, LF line terminators
Hash dbacbe2a5e1f91908bb971e1d2257c83
5c259b40286d596e0249f8eca6b0153c1c7bc0f9
7d757c014a750a92d961e83a41cac19d64bd105ea938e6c18584100cf98d5643
GET /wp-content/litespeed/js/fd2496b5ac9819a5052f51f3ab8d1bf7.js?ver=d1bf7 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 233
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/d5de537ec2e8f0d4186c0aafc021d30b.js?ver=1d30b
200 OK 1.3 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/d5de537ec2e8f0d4186c0aafc021d30b.js?ver=1d30b
IP
File type ASCII text, with very long lines (579)
Hash 110f81909053b0a6a24882959691edf0
936a1587f1b277ca9bf7a2196c17922b230de875
0bb1b17b83bba19d5ebcf8f5146bf7fa40446a704bce4e99ea3dad6000d9195f
GET /wp-content/litespeed/js/d5de537ec2e8f0d4186c0aafc021d30b.js?ver=1d30b HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1330
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/d8b4f587dc3e2b30e2d85d2c24530222.js?ver=30222
200 OK 1.3 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/d8b4f587dc3e2b30e2d85d2c24530222.js?ver=30222
IP
File type ASCII text, with very long lines (1986)
Hash 9d5367a5b8f931266c62b91cbf9464f3
a2f9a85496c5eac619c2720a21ddee69bb1ed014
7bf4fa78ab3ea7289b3fa8e7ae43de504ac3aaa86ffe7a521b53bce081d7b244
GET /wp-content/litespeed/js/d8b4f587dc3e2b30e2d85d2c24530222.js?ver=30222 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1300
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.ttf
200 OK 772 kB URL HTTP/2 www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.ttf
IP
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoonVersion 1.0icomooncmo \012- data
Size 772 kB (771840 bytes)
Hash 6a36416274bc26cbda9c93fe982442fe
b7e097a87c0b868cac66d5a0c581a39fdfbb76c8
e0c7993144f37443812a2a11381f863f2b67569a9ec887328548d2988472eee6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/marketplus/fonts/icomoon.ttf HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.badcreditresources.com
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:53 GMT
content-type: application/x-font-ttf
last-modified: Tue, 17 May 2022 16:43:30 GMT
accept-ranges: bytes
content-length: 771840
date: Fri, 25 Nov 2022 09:30:53 GMT
server: LiteSpeed
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/7ad538f49331b072e88e83c9c559ceb9.js?ver=9ceb9
200 OK 2.4 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/7ad538f49331b072e88e83c9c559ceb9.js?ver=9ceb9
IP
File type ASCII text, with very long lines (6475)
Hash 2f6d4430de29254182abdc309e8fe4a8
c504789a59951cd124e4cb7810e4b58a4111f70f
157414e439c8ff3f06fb1949efdc6f2f5d22bf92367dbc2ad1e6071952573355
GET /wp-content/litespeed/js/7ad538f49331b072e88e83c9c559ceb9.js?ver=9ceb9 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2358
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-includes/js/jquery/jquery.min.js
200 OK 35 kB URL HTTP/1.1 www.badcreditresources.com/wp-includes/js/jquery/jquery.min.js
IP
File type ASCII text, with very long lines (65447)
Hash 90306bc85d896abd8d83613f1fd48736
b27aa18d1006f02b05e9b7167b4f993be483f131
75640bc7f516c65f9905c4e6d804cab87371b64e2117a4c92f61eba9dba7c842
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.badcreditresources.com/bad-credit-equipment-leasing/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6; _ga_75ZVSM6YVZ=GS1.1.1669368653.1.0.1669368653.0.0.0; _ga=GA1.2.1732205631.1669368654; _gid=GA1.2.228035785.1669368654; _gat_gtag_UA_225367935_2=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Wed, 02 Nov 2022 09:51:43 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 34867
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
www.badcreditresources.com/wp-content/litespeed/js/3318ba19b908d673595bade0ea79bc5f.js?ver=9bc5f
200 OK 442 B URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/3318ba19b908d673595bade0ea79bc5f.js?ver=9bc5f
IP
File type ASCII text, with very long lines (999)
Hash a1934ba4e6ff3ffa5dd9ddf83ecce83c
79d28eb0dbe2950e0e362e2fecd3a5395805d9ac
f7184b1de4ab2029131a10a42cb89b85ee4c28af9f066eb927cf9e271af4ab56
GET /wp-content/litespeed/js/3318ba19b908d673595bade0ea79bc5f.js?ver=9bc5f HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 442
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/66ba3830b4240753bcefba25f1fe6d09.js?ver=e6d09
200 OK 9.9 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/66ba3830b4240753bcefba25f1fe6d09.js?ver=e6d09
IP
File type ASCII text, with very long lines (31903)
Hash 6a74e2e7df692403715a0a531d57b397
e1c6a80b6aba5d1fbc69df6ce3573addd8bdb2fb
5366bbdb25caef5bfa554ad880844c664a69364c712cea59d766420c7e1eafa7
GET /wp-content/litespeed/js/66ba3830b4240753bcefba25f1fe6d09.js?ver=e6d09 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 9876
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/93af4de9e126f2a38a0a552956a0b9ba.js?ver=0b9ba
200 OK 7.4 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/93af4de9e126f2a38a0a552956a0b9ba.js?ver=0b9ba
IP
File type ASCII text, with very long lines (28941)
Hash 2468d583c6fdcd2b2c8d0e82f81792ff
12466dc479b3e771037678c7336739223ab7b684
53edfa5081469ade80e8cd85da9538ee4fbaef9ede9b86f25d088f0ba975f8ee
GET /wp-content/litespeed/js/93af4de9e126f2a38a0a552956a0b9ba.js?ver=0b9ba HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 7377
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/litespeed/js/ed8d88581f69a66c5f4c97c5c6dbda60.js?ver=bda60
200 OK 38 kB URL HTTP/2 www.badcreditresources.com/wp-content/litespeed/js/ed8d88581f69a66c5f4c97c5c6dbda60.js?ver=bda60
IP
File type ASCII text, with very long lines (40215)
Hash 6fa53d30d04212671e0fbce24beb4731
75205fbe136e0fcaba96403bf0b10d1828feadf6
afe5e8c1273769808fb6e95ff3cf2ef798bd0a1e9d716ed2a94dd3c3a90a4dc6
GET /wp-content/litespeed/js/ed8d88581f69a66c5f4c97c5c6dbda60.js?ver=bda60 HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 09:30:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 38411
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/themes/marketplus/style.css
200 OK 13 kB URL HTTP/2 www.badcreditresources.com/wp-content/themes/marketplus/style.css
IP
File type ASCII text, with very long lines (607)
Hash c84d1272041c74f61ade4e64af2de167
b164744bad57a021b8198cc230e6cb63edf12e1b
d517c6c7f1b1c38b6ba911f1ed72dfb9b000990933be0fa3ca87a0e796266244
GET /wp-content/themes/marketplus/style.css HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.badcreditresources.com/wp-content/litespeed/css/b60baef7431f80d32d8f5feff948d257.css?ver=8d257
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: text/css
last-modified: Tue, 17 May 2022 16:37:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 13175
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp
200 OK 4.9 kB URL HTTP/2 www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 743e4aa3ab05eaf89240a7e76a5fb575
976b2a1eddedc2e9588c923bf3e246bc5c30f581
fa3600cf75a53b89d9bd7849e7a70ab61f9b82659371b62bf63077c68866e1cc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/webp-express/webp-images/uploads/2022/02/footer-bg.jpg.webp HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:54 GMT
content-type: image/webp
last-modified: Fri, 07 Oct 2022 15:57:16 GMT
accept-ranges: bytes
content-length: 4850
date: Fri, 25 Nov 2022 09:30:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
data.hockeystack.com/send
200 OK 16 B URL HTTP/2 data.hockeystack.com/send
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /send HTTP/1.1
Host: data.hockeystack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 571
Origin: http://www.badcreditresources.com
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 25 Nov 2022 09:30:56 GMT
content-type: application/json; charset=utf-8
content-length: 16
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: http://www.badcreditresources.com
vary: Origin
access-control-allow-credentials: true
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
X-Firefox-Spdy: h2
www.badcreditresources.com/favicon.ico
404 Not Found 1.2 kB URL HTTP/1.1 www.badcreditresources.com/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.badcreditresources.com/bad-credit-equipment-leasing/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6; _ga_75ZVSM6YVZ=GS1.1.1669368653.1.1.1669368655.0.0.0; _ga=GA1.1.1732205631.1669368654; _gid=GA1.2.228035785.1669368654; _gat_gtag_UA_225367935_2=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 25 Nov 2022 09:30:55 GMT
server: LiteSpeed
www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.woff
200 OK 772 kB URL HTTP/2 www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.woff
IP
File type Web Open Font Format, TrueType, length 771916, version 0.0\012- data
Size 772 kB (771916 bytes)
Hash 5af44b8a10bc4677fac539d986a17bd4
ea00fe0597a2439dd9f2867e96cde3f40e2bd494
247b6837e45a170237225fe4ec60b841ca1b1375cd27084b1e59dcdbca3aeedc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/marketplus/fonts/icomoon.woff HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.badcreditresources.com
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:55 GMT
content-type: application/font-woff
last-modified: Tue, 17 May 2022 16:43:31 GMT
accept-ranges: bytes
content-length: 771916
date: Fri, 25 Nov 2022 09:30:55 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=836355299803451&ev=PageView&dl=http%3A%2F%2Fwww.badcreditresources.com%2Fbad-credit-equipment-leasing%2F&rl=&if=false&ts=1669368655826&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669368655825.1547297811&it=1669368655701&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=836355299803451&ev=PageView&dl=http%3A%2F%2Fwww.badcreditresources.com%2Fbad-credit-equipment-leasing%2F&rl=&if=false&ts=1669368655826&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669368655825.1547297811&it=1669368655701&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=836355299803451&ev=PageView&dl=http%3A%2F%2Fwww.badcreditresources.com%2Fbad-credit-equipment-leasing%2F&rl=&if=false&ts=1669368655826&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669368655825.1547297811&it=1669368655701&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Nov 2022 09:30:56 GMT
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/uploads/2022/02/BCR-Logo-2-300x300.jpg
200 OK 9.4 kB URL HTTP/2 www.badcreditresources.com/wp-content/uploads/2022/02/BCR-Logo-2-300x300.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 300x300, components 1\012- data
Hash b8039c06d72c2a2750f072ab5a6fc9db
3c788e0a6d9e6f12a13cdd5e8e978499992e8a7a
00400402d6179677d822710ccbef449a5ffcfe0e60f71f2ef311f98490c32a3b
GET /wp-content/uploads/2022/02/BCR-Logo-2-300x300.jpg HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:55 GMT
content-type: image/jpeg
last-modified: Mon, 28 Feb 2022 17:18:07 GMT
accept-ranges: bytes
content-length: 9414
date: Fri, 25 Nov 2022 09:30:55 GMT
server: LiteSpeed
vary: Accept
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/uploads/2022/02/BCR-Logo-2-150x150.jpg
200 OK 6.2 kB URL HTTP/2 www.badcreditresources.com/wp-content/uploads/2022/02/BCR-Logo-2-150x150.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 150x150, components 1\012- data
Hash 0f07740b72bd966f2c1c71177e9ca449
c22c95d6734facc09cea337f6760b86fcb0e4cc5
8ab3bb36d2c4d4bb4b6e695587746c8b9ea67ada6fca54c3701d88304d262d03
GET /wp-content/uploads/2022/02/BCR-Logo-2-150x150.jpg HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:55 GMT
content-type: image/jpeg
last-modified: Mon, 28 Feb 2022 17:18:07 GMT
accept-ranges: bytes
content-length: 6167
date: Fri, 25 Nov 2022 09:30:55 GMT
server: LiteSpeed
vary: Accept
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:31:58 GMT
expires: Sun, 19 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 507538
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:46:16 GMT
expires: Fri, 24 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 42280
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/uploads/2015/10/bad-credit-300x195.jpg
200 OK 11 kB URL HTTP/1.1 www.badcreditresources.com/wp-content/uploads/2015/10/bad-credit-300x195.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x195, components 3\012- data
Hash c140d1c643c332df3f2f9b80152aa90d
d7f655bb6e63b8a723b45d472805f4985ac649b9
8adab8294e62c4b6f71c4163e22171623bd786fcd593397b0133c548a79c9d86
GET /wp-content/uploads/2015/10/bad-credit-300x195.jpg HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.badcreditresources.com/bad-credit-equipment-leasing/
Cookie: _lscache_vary=8f19678e0ad3e63f5682ec7a31863ec6; _ga_75ZVSM6YVZ=GS1.1.1669368653.1.1.1669368655.0.0.0; _ga=GA1.2.1732205631.1669368654; _gid=GA1.2.228035785.1669368654; _gat_gtag_UA_225367935_2=1; _fbp=fb.1.1669368655825.1547297811
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:56 GMT
content-type: image/jpeg
last-modified: Mon, 28 Feb 2022 17:18:07 GMT
accept-ranges: bytes
content-length: 11313
date: Fri, 25 Nov 2022 09:30:56 GMT
server: LiteSpeed
vary: Accept
www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/bcr-logo21.jpg.webp
200 OK 5.4 kB URL HTTP/2 www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2022/02/bcr-logo21.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash b2a7dda378913c194edb52d39aae4e97
d412537c3d743c2ed1400eec31da55fcfb593a5b
09b8c68fe26720c2a2b978a67902d026219ec76e1a7346d0425de52e21a90f43
Analyzer Verdict Alert fortinet Malware
GET /wp-content/webp-express/webp-images/uploads/2022/02/bcr-logo21.jpg.webp HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:56 GMT
content-type: image/webp
last-modified: Fri, 07 Oct 2022 15:57:15 GMT
accept-ranges: bytes
content-length: 5434
date: Fri, 25 Nov 2022 09:30:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2011/10/Approved.jpg.webp
200 OK 19 kB URL HTTP/2 www.badcreditresources.com/wp-content/webp-express/webp-images/uploads/2011/10/Approved.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 362x332, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6791b49ebe056beb527778c474389483
6212c843f48a905cda7433b2df36929a30933257
3071b93da9568ed2b744faadfa9cff82f8284164829fd5e128a11962302d12a3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/webp-express/webp-images/uploads/2011/10/Approved.jpg.webp HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:56 GMT
content-type: image/webp
last-modified: Sat, 08 Oct 2022 05:53:58 GMT
accept-ranges: bytes
content-length: 19178
date: Fri, 25 Nov 2022 09:30:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.woff
200 OK 0 B URL HTTP/2 www.badcreditresources.com/wp-content/themes/marketplus/fonts/icomoon.woff
IP
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/marketplus/fonts/icomoon.woff HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.badcreditresources.com
Connection: keep-alive
Referer: https://www.badcreditresources.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:52 GMT
content-type: application/font-woff
last-modified: Tue, 17 May 2022 16:43:31 GMT
accept-ranges: bytes
content-length: 771916
date: Fri, 25 Nov 2022 09:30:52 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.badcreditresources.com/wp-includes/js/jquery/jquery.min.js
200 OK 0 B URL HTTP/1.1 www.badcreditresources.com/wp-includes/js/jquery/jquery.min.js
IP
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: www.badcreditresources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.badcreditresources.com/bad-credit-equipment-leasing/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31557600
expires: Sat, 25 Nov 2023 15:30:52 GMT
content-type: application/x-javascript
last-modified: Wed, 02 Nov 2022 09:51:43 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 34867
date: Fri, 25 Nov 2022 09:30:52 GMT
server: LiteSpeed
fonts.googleapis.com/css?family=Open%20Sans:600&subset=latin&display=swap&ver=1654007487
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open%20Sans:600&subset=latin&display=swap&ver=1654007487
IP
GET /css?family=Open%20Sans:600&subset=latin&display=swap&ver=1654007487 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.badcreditresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 09:30:55 GMT
date: Fri, 25 Nov 2022 09:30:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted
67.212.168.122
104.18.20.226
23.36.76.226
151.101.85.229
157.240.200.14
93.184.220.29
35.157.54.242