r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6923
Expires: Sat, 12 Nov 2022 13:46:35 GMT
Date: Sat, 12 Nov 2022 11:51:12 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4edf853c470fcec0ab277c78527f3c2d
de93530ce15337e671c488d9fe05e7091d4956f0
b9d7976b398b1243ff8a571ddd3975d3a1317d69101061bdb1a755b3b56620e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5777
Cache-Control: max-age=87392
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:51:12 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 12:07:44 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5076aaa9f4ccd602540286ce0590cb9a
bbf7936a8413a564478971d9e19beb6338cbc869
00e3b967c579b0ccf709b78d497a43d95646b16eb50925fef1e2694c58f290b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2678
Expires: Sat, 12 Nov 2022 12:35:50 GMT
Date: Sat, 12 Nov 2022 11:51:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 11:44:02 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 430
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: R9YTYGUMTOLdAVrvBZx+LToOdjBRa/e3xsxqDhs+eQlSHCs5yNe6L2dH5QmQIQvZT0oc+hllcRQ=
x-amz-request-id: F2Q0ERVK0VH31WWC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 11:12:58 GMT
age: 2294
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.habari.co.tz/
41.220.128.10 301 Moved Permanently 233 B IP 41.220.128.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 35c9d15191d3ca53ded26133b3e882d3
aafe286af0752353e3de4fb81690c7387fd82120
8647ec52e9ec1eb800c4ac119f01d3fe093dc9431df97339f2a1e5b2eb2865e1
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 12 Nov 2022 11:51:12 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 233
Connection: keep-alive
Location: https://www.habari.co.tz/
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 11:44:48 GMT
cache-control: public,max-age=3600
age: 385
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ae51f1958554de4457c22a7d5a9ba8b6
173e90a8c6ee36b7ec569dbea47436a90d7e7c76
dc43a04e1e26243f63a8e628f2ebcb23a9527fd4bc40dc6d1d61879b0f95bb21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5862
Cache-Control: max-age=168801
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:51:13 GMT
Etag: "636f622c-1d7"
Expires: Mon, 14 Nov 2022 10:44:34 GMT
Last-Modified: Sat, 12 Nov 2022 09:06:52 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 4324f5648bb4a610b8088fbf5b845112
52f727c75768b75b1ae25c08cbc389f320c01df2
1d5e05d26f766f293ab2d58b88b33bf9c1794c885e63284ee83a0c6ad62149c6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 11:51:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 01:27:43 GMT
Expires: Sat, 19 Nov 2022 01:27:42 GMT
Etag: "52f727c75768b75b1ae25c08cbc389f320c01df2"
Cache-Control: max-age=566788,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 768f0df40b9bb515-OSL
push.services.mozilla.com/
54.148.242.254 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.242.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ol046O6Y4Py/oV/OaCtZDA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VmoIMDriYdiexxUs1Cks+R8iO7k=
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a7d7a5379a732fc5eadab78de886cc31
6df8c63644e97bf57262415f24e270c718e1758b
c355159cc937a19485f62cc446530f319749237e147adbb2c5784d1d2c20ed64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:51:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?hl=en&render=explicit&onload=recaptchaOnloadCallback
142.250.74.164 200 OK 582 B URL HTTP/2 www.google.com/recaptcha/api.js?hl=en&render=explicit&onload=recaptchaOnloadCallback
IP 142.250.74.164:0
File type ASCII text, with very long lines (918), with no line terminators
Hash ef86ee91931540f12177f5d43e41265e
0a95563bbb28b94f05ccf00668bb71e406f1c654
bff5fe120b33627e0afbe7365f37e410b372e72af945f1f9ec4afab2c8779dcf
GET /recaptcha/api.js?hl=en&render=explicit&onload=recaptchaOnloadCallback HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 12 Nov 2022 11:51:13 GMT
date: Sat, 12 Nov 2022 11:51:13 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:51:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-P8CSNRM
142.250.74.168 200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-P8CSNRM
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 982d32d58db180f351bad4da9aa502c3
a16f43cfcd107848783115efe809d72c1b33ce28
365da32ba335ec2afbbe7375f0420f613ae3baf4d7b77ff3fdc0ee03f2ef9fb4
GET /gtm.js?id=GTM-P8CSNRM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Nov 2022 11:51:14 GMT
expires: Sat, 12 Nov 2022 11:51:14 GMT
cache-control: private, max-age=900
last-modified: Sat, 12 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38510
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e569acd833d180f3c2fba0919fbeb704
60a3121c9bf8e08a8a7fe70001c24b6f8c9981f5
994bee0670c93479c3e835985d24d7ce41fbc0a3013e173d79ea1ea5f63ac85c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:51:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:51:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.habari.co.tz/SLOGAN.png
41.220.128.10 200 OK 13 kB URL HTTP/2 www.habari.co.tz/SLOGAN.png
IP 41.220.128.10:0
File type PNG image data, 262 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f8e41a578a536786fa97c5109b5209a
516819fc67ce7796472094ae726dc25efe506159
be3e7ed8acc87eee60425e14fff417c9a186d1d2566d63c22df2dcfedb4f48d3
GET /SLOGAN.png HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:13 GMT
content-type: image/png
content-length: 13326
last-modified: Thu, 05 Jul 2018 12:42:13 GMT
expires: Wed, 11 Jan 2023 11:51:13 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:51:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&region=tz&callback=onApiLoad
142.250.74.42 200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&region=tz&callback=onApiLoad
IP 142.250.74.42:0
File type ASCII text, with very long lines (2475)
Hash 950e52c58f542ea4eb3aad1d8465a1d5
9663eedb87702273ef8293ccb4a4bc06893061b4
d69343a8cfa18c41ba932b1824c5dfa30b644e15e4d0df0bab89ec92e248b7a8
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&region=tz&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Sat, 12 Nov 2022 11:51:14 GMT
expires: Sat, 12 Nov 2022 12:21:14 GMT
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56284
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=13
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:51:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:51:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.habari.co.tz/assets/5e43eab3/css/bootstrap.css
41.220.128.10 200 OK 90 kB URL HTTP/2 www.habari.co.tz/assets/5e43eab3/css/bootstrap.css
IP 41.220.128.10:0
File type ASCII text, with very long lines (540)
Hash e5101004b6e1933e4e323e8d63496d2b
7a89ee7456ad8166a8bf5486036079ed966926f0
2e7baf33e50383c37025d0966292fb6b64eaf8acb774e727741b97ec91d4aebd
GET /assets/5e43eab3/css/bootstrap.css HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:13 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 07 Feb 2022 12:25:48 GMT
expires: Mon, 12 Dec 2022 11:51:13 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.habari.co.tz/img/lady.jpg
41.220.128.10 200 OK 63 kB URL HTTP/2 www.habari.co.tz/img/lady.jpg
IP 41.220.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 968x645, components 3\012- data
Hash 45d2d2def55d3e1f84ecd9c0fe240b10
5259a9593c29738cec2b5d5db2d08cacc76fd411
05dd885a438f5150ac16cec3362c6c8e02e463ff8687dfc497f81d57bab3ea15
GET /img/lady.jpg HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:13 GMT
content-type: image/jpeg
content-length: 62621
last-modified: Fri, 11 Dec 2020 12:51:32 GMT
expires: Wed, 11 Jan 2023 11:51:13 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
www.habari.co.tz/icons/wifi-full-signal-interface-symbol.png
41.220.128.10 200 OK 2.2 kB URL HTTP/2 www.habari.co.tz/icons/wifi-full-signal-interface-symbol.png
IP 41.220.128.10:0
File type PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data
Hash 15d3b0d49e29671a5570eff7868b49bd
916b8fc637c1b677c71f6709195d8cc3bd1998e6
238069d70c42baf3ed67efe1af12e5075843cc393624203732a464c6a91d4714
GET /icons/wifi-full-signal-interface-symbol.png HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:13 GMT
content-type: image/png
content-length: 2203
last-modified: Thu, 05 Jul 2018 12:42:18 GMT
expires: Wed, 11 Jan 2023 11:51:13 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
www.habari.co.tz/icons/viral-marketing.png
41.220.128.10 200 OK 2.7 kB URL HTTP/2 www.habari.co.tz/icons/viral-marketing.png
IP 41.220.128.10:0
File type PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data
Hash 01d1826eb930e8da623bb235fce75da6
d1658e1ca837f85ec96e3c2fab0efb6eaf097e68
25f69199d66da5f66546db753529a1a73e3367ad47c884ee5a9c18b9306c6bab
GET /icons/viral-marketing.png HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:13 GMT
content-type: image/png
content-length: 2685
last-modified: Thu, 05 Jul 2018 12:42:18 GMT
expires: Wed, 11 Jan 2023 11:51:13 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
www.habari.co.tz/icons/responsive-design-symbol.png
41.220.128.10 200 OK 1.6 kB URL HTTP/2 www.habari.co.tz/icons/responsive-design-symbol.png
IP 41.220.128.10:0
File type PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data
Hash 04116331a80814567064776d7b92a21c
a58b9985de07e6aaf95538244c066b807100fb3d
db252fed1df13935bf3dc55bf0c608efed9b9a5dffe8932e0ed94fa9de084c15
GET /icons/responsive-design-symbol.png HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: image/png
content-length: 1593
last-modified: Thu, 05 Jul 2018 12:42:17 GMT
expires: Wed, 11 Jan 2023 11:51:14 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
www.habari.co.tz/icons/software.png
41.220.128.10 200 OK 2.3 kB URL HTTP/2 www.habari.co.tz/icons/software.png
IP 41.220.128.10:0
File type PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data
Hash ee18ba93f466791c2e6c8c6f7d237813
e438795b0898b1a7276f3d138b12b8e706860a3d
788e155733837d2f81a79b23a0de7a4ed0147c7be65c6304e312c5b70798be17
GET /icons/software.png HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: image/png
content-length: 2264
last-modified: Thu, 05 Jul 2018 12:42:17 GMT
expires: Wed, 11 Jan 2023 11:51:14 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
www.habari.co.tz/icons/server.png
41.220.128.10 200 OK 1.9 kB URL HTTP/2 www.habari.co.tz/icons/server.png
IP 41.220.128.10:0
File type PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data
Hash 60bcb8c79295c4cbcbc6c9d350eed011
20108624e3f53b181cace33f12eb3a42a8f540e1
d354f7d19e9b358e6e30c277a7f8c5e6e004a4b081f7a3cf921ba8b0770cb1c1
GET /icons/server.png HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: image/png
content-length: 1920
last-modified: Thu, 05 Jul 2018 12:42:17 GMT
expires: Wed, 11 Jan 2023 11:51:14 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
www.habari.co.tz/icons/consulting-message.png
41.220.128.10 200 OK 1.6 kB URL HTTP/2 www.habari.co.tz/icons/consulting-message.png
IP 41.220.128.10:0
File type PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data
Hash 982fde4cfd959f7aa13f0dfad6cd9033
95f6c0c8ea569621bd0bb5bb5138b0830fa7ac1e
13ffc996d9b4088774c575a35f8fe22b0b0a96363d4a43cecd2ff986ad5e8552
GET /icons/consulting-message.png HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: image/png
content-length: 1645
last-modified: Thu, 05 Jul 2018 12:42:17 GMT
expires: Wed, 11 Jan 2023 11:51:14 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
www.habari.co.tz/icons/upload-to-the-cloud-stroke-interface-symbol.png
41.220.128.10 200 OK 1.9 kB URL HTTP/2 www.habari.co.tz/icons/upload-to-the-cloud-stroke-interface-symbol.png
IP 41.220.128.10:0
File type PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data
Hash fb6a8cb5f8a24cca6199fdc54a184f87
4a4e8193a0b47c7928083c6f6eec0f88b9fdb7b0
034a94c04e4b55227d7c0e71d1d54d762d326fad778f475b3bfc006443f6cfac
GET /icons/upload-to-the-cloud-stroke-interface-symbol.png HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: image/png
content-length: 1914
last-modified: Thu, 05 Jul 2018 12:42:17 GMT
expires: Wed, 11 Jan 2023 11:51:14 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 11:51:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.habari.co.tz/assets/2a3fe220/jquery.js
41.220.128.10 200 OK 81 kB URL HTTP/2 www.habari.co.tz/assets/2a3fe220/jquery.js
IP 41.220.128.10:0
Hash 8957a7b5c7d7481ef47f012f030d8b49
bc6357603d6d3aea9ba434643aa32bccd27b6b8b
a51860fb4ad0276328f96157353cb0b3b903d068f672707b6e8daa75cfdcf549
Analyzer Verdict Alert fortinet Malware
GET /assets/2a3fe220/jquery.js HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 07 Feb 2022 12:25:48 GMT
expires: Mon, 12 Dec 2022 11:51:14 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.habari.co.tz/img/resize-1607690200555172693BestWiFiServiceProvider300x300.jpg
41.220.128.10 200 OK 8.5 kB URL HTTP/2 www.habari.co.tz/img/resize-1607690200555172693BestWiFiServiceProvider300x300.jpg
IP 41.220.128.10:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 150x150, components 3\012- data
Hash fd3f076188ff6c68071d0f13d371ceeb
636c76d47403559e5cfdb27e2aa19c4034300dad
359442ecbe906b644ff0e37309a23d217fa9c1aa9c9af3f1ae4bf1bc2ea76f32
GET /img/resize-1607690200555172693BestWiFiServiceProvider300x300.jpg HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: image/jpeg
content-length: 8505
last-modified: Fri, 11 Dec 2020 12:50:59 GMT
expires: Wed, 11 Jan 2023 11:51:14 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
www.habari.co.tz/SLOGANWHITE.png
41.220.128.10 200 OK 8.3 kB URL HTTP/2 www.habari.co.tz/SLOGANWHITE.png
IP 41.220.128.10:0
File type PNG image data, 300 x 69, 8-bit/color RGBA, non-interlaced\012- data
Hash d6f28e7cdbb1187752cecc7aa2f585d2
d2f6b94f370036e0a9baad69179f1877f2bf85f8
cfbb56624599f3479bea92b1c844492c3f49d16447c15b2cb9d56f35f3fdfbcc
GET /SLOGANWHITE.png HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: image/png
content-length: 8281
last-modified: Thu, 05 Jul 2018 12:42:13 GMT
expires: Wed, 11 Jan 2023 11:51:14 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12243
Expires: Sat, 12 Nov 2022 15:15:17 GMT
Date: Sat, 12 Nov 2022 11:51:14 GMT
Connection: keep-alive
www.habari.co.tz/assets/bfd154ff/fonts/fontawesome-webfont.woff2?v=4.3.0
41.220.128.10 200 OK 57 kB URL HTTP/2 www.habari.co.tz/assets/bfd154ff/fonts/fontawesome-webfont.woff2?v=4.3.0
IP 41.220.128.10:0
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Analyzer Verdict Alert fortinet Malware
GET /assets/bfd154ff/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.habari.co.tz/assets/bfd154ff/css/font-awesome.min.css
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D; _ga_2VLT83LLRD=GS1.1.1668253873.1.0.1668253873.0.0.0; _ga=GA1.1.637354972.1668253874
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: font/woff2
content-length: 56780
last-modified: Mon, 07 Feb 2022 12:26:04 GMT
expires: Wed, 11 Jan 2023 11:51:14 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1655bda0-593c-40c8-bd9d-5c094248551b.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1655bda0-593c-40c8-bd9d-5c094248551b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dea29172117b20fbba50877b6137a82c
4f059d139749207c70d8387abb5d8be54e97bca3
1a18bc2b4413225fb560a705ef5d228b6faa648f4908a51661be443d6d04001b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1655bda0-593c-40c8-bd9d-5c094248551b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6771
x-amzn-requestid: 15d0cccd-10d5-4a58-91ba-181cd48d02a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMipFOqIAMFzYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec143-45dc19d1418acd1261b050e5;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wAXmVLj9L-TESuUQLMk2wvi9GH_A_kesPJUDIXN-6GLywdRpeNsYJQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:13 GMT
age: 50761
etag: "4f059d139749207c70d8387abb5d8be54e97bca3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 701700f42e1b0e528a63c3bd2a4c54e7
a3af603900538ea10e094981d298a0b37d0ab896
c84ac2d3524eb950a433aa01e1226d995d87948452e4e135a4661094923ca465
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4268
x-amzn-requestid: 19d2f4e7-b6c1-4093-b54c-70a9a476ad89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhSEwYIAMFg7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-6e2f5a6147153e5c32cc4499;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1tbxcsSYcJuquYxeYfqcwaQaHpWmL9jwX31h1ZIyXO6i5A8gIbFQmA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "a3af603900538ea10e094981d298a0b37d0ab896"
content-type: image/jpeg
age: 50762
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.habari.co.tz/assets/5e43eab3/js/bootstrap.js
41.220.128.10 200 OK 23 kB URL HTTP/2 www.habari.co.tz/assets/5e43eab3/js/bootstrap.js
IP 41.220.128.10:0
Hash 8ab61a8629dba0ff32653057b6a038b4
2955d006166af343d5e2491eff11c79671aa8006
6c81a931671455d88d0fc07a07acd4c97a1e96ea66c1f6643eedc999a8aa0548
Analyzer Verdict Alert fortinet Malware
GET /assets/5e43eab3/js/bootstrap.js HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 07 Feb 2022 12:25:56 GMT
expires: Mon, 12 Dec 2022 11:51:14 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f09e254cd6f2e29b3bf198cc5d58a46f
fa34520e849bf746ff43aec3d28beb9e4be44f4d
2e29eace95fd8cb5b6d77df880d2044ecab4206cba47931c3a95e77c1b4e9d9a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8953
x-amzn-requestid: 2a2d20f4-3aa5-475e-8ec2-fc569766335e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhQGAhIAMFrjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-26dc0259793ec94814f3d41a;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OKFzEoCVITStAPxYzhksarrlTkVeATx6AzBnEK32WLFaOeEIwLMu_Q==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "fa34520e849bf746ff43aec3d28beb9e4be44f4d"
content-type: image/jpeg
age: 50762
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.habari.co.tz/assets/7a06d4f7/js/scroll-top.js
41.220.128.10 200 OK 12 kB URL HTTP/2 www.habari.co.tz/assets/7a06d4f7/js/scroll-top.js
IP 41.220.128.10:0
Hash 15209cbd3f2b852a88d33eb2010f0df7
967fcbd40edb0beb8c8de6c063c4bec35e424196
0fe817d772280b29500bc42332461901d43135b2930a3b590ebb08b26d300480
Analyzer Verdict Alert fortinet Malware
GET /assets/7a06d4f7/js/scroll-top.js HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 07 Feb 2022 12:26:13 GMT
expires: Mon, 12 Dec 2022 11:51:14 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.habari.co.tz/img/faq.png
41.220.128.10 200 OK 32 kB URL HTTP/2 www.habari.co.tz/img/faq.png
IP 41.220.128.10:0
File type PNG image data, 1500 x 436, 8-bit/color RGBA, non-interlaced\012- data
Hash 49bfb0506d8008190cb47945df48571f
24f691d4c8c3940eede3f16f3fe27651b14f7f28
fcd8289ace1223b03eb1b2a2ac6bc532310e1c0a50877c05ac1a6ab0a63b1ea5
GET /img/faq.png HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/css/site.css
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D; _ga_2VLT83LLRD=GS1.1.1668253873.1.0.1668253873.0.0.0; _ga=GA1.1.637354972.1668253874
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: image/png
content-length: 32434
last-modified: Fri, 11 Dec 2020 12:51:32 GMT
expires: Wed, 11 Jan 2023 11:51:14 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516f1bfefb1c1a737ea2441f85343b32
0cc22d7bf9092fb30f31e2ca8f242c197b891669
733824d4f6f7c5b54ce4e02ecaf152cfc1e10f3f6a801d7e2c55a02460e40087
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9012
x-amzn-requestid: 83eac9e7-5387-4e11-9769-182fa3f7fffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNC6FxzoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec212-5ca277b90a5a9a4c437edc1e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PrJoEROPymrtc0egNlWRoOMjohiCo3zReD01qAHwByaSiXarfRS0XQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:43 GMT
age: 49831
etag: "0cc22d7bf9092fb30f31e2ca8f242c197b891669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.habari.co.tz/img/Screenshot%20from%202020-12-11%2011-49-10.png
41.220.128.10 200 OK 60 kB URL HTTP/2 www.habari.co.tz/img/Screenshot%20from%202020-12-11%2011-49-10.png
IP 41.220.128.10:0
File type PNG image data, 699 x 330, 8-bit/color RGBA, non-interlaced\012- data
Hash a97e6ef9013327f0c572d0f126f4e7bc
1ef8a2cd3ae7a86005b023636e968d137ad1ef0f
a2f44b79466d81584e638bfb833c7b6b622332d0c0fbcf835bd1206e16b666ec
GET /img/Screenshot%20from%202020-12-11%2011-49-10.png HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: image/png
content-length: 59542
last-modified: Fri, 11 Dec 2020 12:51:33 GMT
expires: Wed, 11 Jan 2023 11:51:14 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
www.habari.co.tz/img/background-front.jpg
41.220.128.10 200 OK 143 kB URL HTTP/2 www.habari.co.tz/img/background-front.jpg
IP 41.220.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1500x873, components 3\012- data
Size 143 kB (143378 bytes)
Hash 0cfe148694076c4cab66800ecc84896b
f94d53e09ff1758c95faccd73910e5977590d2e9
3a6a7f12b1e078f24387b6c9b2a6a1053690991343861dfb939e67db2b9d9e86
GET /img/background-front.jpg HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:13 GMT
content-type: image/jpeg
content-length: 143378
last-modified: Fri, 11 Dec 2020 12:51:33 GMT
expires: Wed, 11 Jan 2023 11:51:13 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-2VLT83LLRD&gtm=2oeb90&_p=341256578&cid=637354972.1668253874&ul=en-us&sr=1280x1024&_s=1&sid=1668253873&sct=1&seg=0&dl=https%3A%2F%2Fwww.habari.co.tz%2F&dt=Habari%20Node%20PLC&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-2VLT83LLRD&gtm=2oeb90&_p=341256578&cid=637354972.1668253874&ul=en-us&sr=1280x1024&_s=1&sid=1668253873&sct=1&seg=0&dl=https%3A%2F%2Fwww.habari.co.tz%2F&dt=Habari%20Node%20PLC&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-2VLT83LLRD&gtm=2oeb90&_p=341256578&cid=637354972.1668253874&ul=en-us&sr=1280x1024&_s=1&sid=1668253873&sct=1&seg=0&dl=https%3A%2F%2Fwww.habari.co.tz%2F&dt=Habari%20Node%20PLC&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.habari.co.tz
Connection: keep-alive
Referer: https://www.habari.co.tz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.habari.co.tz
date: Sat, 12 Nov 2022 11:51:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.habari.co.tz/img/our_service_transparent.png
41.220.128.10 200 OK 97 kB URL HTTP/2 www.habari.co.tz/img/our_service_transparent.png
IP 41.220.128.10:0
File type PNG image data, 1054 x 529, 8-bit/color RGBA, non-interlaced\012- data
Hash 2d34a893cf032609a0a9a707dbc27bbe
81053afe2dc4a02c4e04361bcca041ce461c8aca
20aa91e0d7820554f8b61d1a8f81c0a5714d2ecd8e0f8ac7d41b45bf66261f4d
GET /img/our_service_transparent.png HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/css/site.css
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D; _ga_2VLT83LLRD=GS1.1.1668253873.1.0.1668253873.0.0.0; _ga=GA1.1.637354972.1668253874
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: image/png
content-length: 97437
last-modified: Thu, 05 Jul 2018 12:42:19 GMT
expires: Wed, 11 Jan 2023 11:51:14 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 7674819550ec45821425c40bfd189095
2c20bf04c8fb02d51458619a32324cdd38a9a4f9
c11c58f12200f058f101a5f468d8b8bcaa3709adec31339318c825f53e3df3a7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=112762
Date: Sat, 12 Nov 2022 11:51:14 GMT
Etag: "636e8b1b-1d7"
Expires: Sun, 13 Nov 2022 19:10:36 GMT
Last-Modified: Fri, 11 Nov 2022 17:49:15 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PcrhxA6if5dgtL0xQUHz0vW3ehx2SIZRAdemy516WeZ525Cr5MWa4g==
Age: 4881
www.habari.co.tz/img/niceguy.jpg
41.220.128.10 200 OK 293 kB URL HTTP/2 www.habari.co.tz/img/niceguy.jpg
IP 41.220.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1500x335, components 3\012- data
Size 293 kB (293406 bytes)
Hash 7ece0e2d009a473d009dc2221fb705bf
ce692ada538239aa946fa465ac0c1bb84545eda1
238d5ad16e55eec755eecfe4ad996afd06e69a38952884cedb095e52dcb31a41
GET /img/niceguy.jpg HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: image/jpeg
content-length: 293406
last-modified: Fri, 11 Dec 2020 12:51:32 GMT
expires: Wed, 11 Jan 2023 11:51:14 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
www.habari.co.tz/img/Screenshot%20from%202020-12-11%2011-49-00%20(1).png
41.220.128.10 200 OK 458 kB URL HTTP/2 www.habari.co.tz/img/Screenshot%20from%202020-12-11%2011-49-00%20(1).png
IP 41.220.128.10:0
File type PNG image data, 680 x 419, 8-bit/color RGBA, non-interlaced\012- data
Size 458 kB (457621 bytes)
Hash e1dad80c7ac70d7ed52d002e26280827
7cfe9422760a245c40c3410328ffb60840ff6b93
aff63469df29f0c61370f39a0c8082ef2087e16e9c5a4a59da250d80613acfc7
GET /img/Screenshot%20from%202020-12-11%2011-49-00%20(1).png HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: image/png
content-length: 457621
last-modified: Fri, 11 Dec 2020 12:51:33 GMT
expires: Wed, 11 Jan 2023 11:51:14 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
bootstrap.smartsuppchat.com/widget/3c605923eec3de2fbf88a526a8a06e75a674b3d1.json
18.195.45.3 200 OK 468 B URL HTTP/2 bootstrap.smartsuppchat.com/widget/3c605923eec3de2fbf88a526a8a06e75a674b3d1.json
IP 18.195.45.3:0
File type JSON data\012- , ASCII text, with very long lines (1120), with no line terminators
Hash 3786aadeba6ffe1789987333753c9001
549aade7203b91d7d152e47b03829f7d9f34416f
35d971d184b94d5106d7eb502b5727e010c9ef29cc62cd2b15b4a2c9ce7551ce
GET /widget/3c605923eec3de2fbf88a526a8a06e75a674b3d1.json HTTP/1.1
Host: bootstrap.smartsuppchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.habari.co.tz
Connection: keep-alive
Referer: https://www.habari.co.tz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: application/json; charset=utf-8
x-version: c491ba6892f84a27ce7c7dc4487ce4efea7dc5a5
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: private, max-age=0, must-revalidate
x-hit: redis
etag: "460-+iEAPx4/HhVUxxE9y0017k5QZDE"
content-encoding: br
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js
142.250.74.163 200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (668)
Size 163 kB (162590 bytes)
Hash 70dc760a0efad09d703883a39f7683b2
2bc70f2a100ff27d27a89d563dfe279590c8336b
2bc59eab94309c59fba62afa40dfd841fb83760714e9ec7248ce3e10ae05fd19
GET /recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.habari.co.tz
Connection: keep-alive
Referer: https://www.habari.co.tz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162590
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Nov 2022 23:25:44 GMT
expires: Sat, 11 Nov 2023 23:25:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
content-type: text/javascript
age: 44731
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.habari.co.tz/apple-touch-icon.png
41.220.128.10 200 OK 29 kB URL HTTP/2 www.habari.co.tz/apple-touch-icon.png
IP 41.220.128.10:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 8b731e6bb095311c482185752390af38
3ea22035841cb28c5ee3c2c838d3de51bd877843
10b4989416f1f19d261f5e2aba1063979b1844cd5c8151e1e28ff478c1ef6265
GET /apple-touch-icon.png HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D; _ga_2VLT83LLRD=GS1.1.1668253873.1.0.1668253873.0.0.0; _ga=GA1.1.637354972.1668253874
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:15 GMT
content-type: image/png
content-length: 28806
last-modified: Wed, 18 Apr 2018 11:41:22 GMT
expires: Wed, 11 Jan 2023 11:51:15 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
www.habari.co.tz/favicon-16x16.png
41.220.128.10 200 OK 1.3 kB URL HTTP/2 www.habari.co.tz/favicon-16x16.png
IP 41.220.128.10:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 223e56d7fc253b27c4e7efbba1f61b13
315543dd1c78480d135556a683be5633fb60f903
bb647d64c6345bfe33c1b066e59d1bc4686f902d9c7943075e16d9351baa3294
GET /favicon-16x16.png HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D; _ga_2VLT83LLRD=GS1.1.1668253873.1.0.1668253873.0.0.0; _ga=GA1.1.637354972.1668253874
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:15 GMT
content-type: image/png
content-length: 1348
last-modified: Wed, 18 Apr 2018 11:41:22 GMT
expires: Wed, 11 Jan 2023 11:51:15 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
widget-v2.smartsuppcdn.com/translates/en.json?v=40dc5d66667b97efcc02e6c0aff17d1954e58a21
185.76.9.23 200 OK 17 kB URL HTTP/2 widget-v2.smartsuppcdn.com/translates/en.json?v=40dc5d66667b97efcc02e6c0aff17d1954e58a21
IP 185.76.9.23:0
ASN #60068 Datacamp Limited
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (647)
Hash 68b9e9aefa4cce2efcb7d99cd625ace4
e6e56a23b2a89cdb6c5e4472469f9d847cf37bc4
218bbea08d56e0fa163cc8303bd861856d5486365113c4cf1a70b8bc186e8cc1
GET /translates/en.json?v=40dc5d66667b97efcc02e6c0aff17d1954e58a21 HTTP/1.1
Host: widget-v2.smartsuppcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.habari.co.tz/
Origin: https://www.habari.co.tz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:51:15 GMT
content-type: application/json
last-modified: Thu, 29 Sep 2022 17:18:40 GMT
etag: W/"6335d370-fc9"
expires: Fri, 29 Sep 2023 20:02:57 GMT
cache-control: max-age=31536000, public, immutable
access-control-allow-origin: *
x-accel-expires: @1696017777
server: CDN77-Turbo
x-77-nzt: AblMCRRIXLH/wo45AA
x-77-nzt-ray: ffffffffd9843c51b3886f63905c1c24
x-cache: HIT
x-age: 3772098
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:08 GMT
expires: Thu, 09 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 231427
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 14:07:32 GMT
expires: Thu, 09 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 251023
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 8c18b94944f4e09fa32d263944ee947c
556b9280c042e952a1cbaecc515d1c05dda4454b
5f4b726aae8f34f9ec069f1f77b87b9eef731eeed70deeae137646159871f938
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=88430
Date: Sat, 12 Nov 2022 11:51:15 GMT
Etag: "636e369e-1d7"
Expires: Sun, 13 Nov 2022 12:25:05 GMT
Last-Modified: Fri, 11 Nov 2022 11:48:46 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 84Yp8rWWbJeTcrPZpF_vaBN99pFJ2Vq7t9PXi7ZOGZkwwTO4yqNpWw==
Age: 2180
websocket-visitors.smartsupp.com/socket/?EIO=3&transport=websocket
18.158.80.120 101 Switching Protocols 0 B URL HTTP/1.1 websocket-visitors.smartsupp.com/socket/?EIO=3&transport=websocket
IP 18.158.80.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket/?EIO=3&transport=websocket HTTP/1.1
Host: websocket-visitors.smartsupp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.habari.co.tz
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: r6a+OHW9D8snb9whBahGuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 12 Nov 2022 11:51:15 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DobTRmagyzJhDa1IAfvmN5mJOv4=
Sec-WebSocket-Version: 13
WebSocket-Server: uWebSockets
www.habari.co.tz/css/site.css
41.220.128.10 200 OK 0 B URL HTTP/2 www.habari.co.tz/css/site.css
IP 41.220.128.10:0
GET /css/site.css HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:13 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 11 Dec 2020 12:52:24 GMT
expires: Mon, 12 Dec 2022 11:51:13 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
widget-v2.smartsuppcdn.com/asset-manifest.json
185.76.9.23 200 OK 0 B URL HTTP/2 widget-v2.smartsuppcdn.com/asset-manifest.json
IP 185.76.9.23:0
ASN #60068 Datacamp Limited
GET /asset-manifest.json HTTP/1.1
Host: widget-v2.smartsuppcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.habari.co.tz
Connection: keep-alive
Referer: https://www.habari.co.tz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:51:15 GMT
content-type: application/json
last-modified: Thu, 29 Sep 2022 17:19:37 GMT
etag: W/"6335d3a9-6ce"
expires: Thu, 29 Sep 2022 20:07:56 GMT
cache-control: max-age=300, public, s-maxage=60
access-control-allow-origin: *
x-accel-expires: @1668253915
server: CDN77-Turbo
x-77-nzt: AblMCRQQbR3/FAAAAA
x-77-nzt-ray: ffffffffd9843c51b3886f6316d4be0b
x-cache: HIT
x-age: 20
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.habari.co.tz/assets/7dfeabf/yii.validation.js
41.220.128.10 200 OK 0 B URL HTTP/2 www.habari.co.tz/assets/7dfeabf/yii.validation.js
IP 41.220.128.10:0
Analyzer Verdict Alert fortinet Malware
GET /assets/7dfeabf/yii.validation.js HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 07 Feb 2022 12:25:48 GMT
expires: Mon, 12 Dec 2022 11:51:14 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.habari.co.tz/assets/bfd154ff/css/font-awesome.min.css
41.220.128.10 200 OK 0 B URL HTTP/2 www.habari.co.tz/assets/bfd154ff/css/font-awesome.min.css
IP 41.220.128.10:0
GET /assets/bfd154ff/css/font-awesome.min.css HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:13 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 07 Feb 2022 12:25:58 GMT
expires: Mon, 12 Dec 2022 11:51:13 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.smartsuppchat.com/loader.js?
185.76.9.17 200 OK 0 B URL HTTP/2 www.smartsuppchat.com/loader.js?
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
GET /loader.js? HTTP/1.1
Host: www.smartsuppchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: application/javascript
last-modified: Wed, 26 Oct 2022 10:30:42 GMT
etag: W/"63590c52-4ae1"
expires: Wed, 26 Oct 2022 10:35:52 GMT
cache-control: max-age=300, public, s-maxage=60
x-accel-expires: @1668253875
server: CDN77-Turbo
x-77-nzt: AblMCQ18gkP/OwAAAA
x-77-nzt-ray: ffffffff44739893b2886f6350eb9011
x-cache: HIT
x-age: 59
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
widget-v2.smartsuppcdn.com/static/js/runtime-main.4e049abd.js
185.76.9.23 200 OK 0 B URL HTTP/2 widget-v2.smartsuppcdn.com/static/js/runtime-main.4e049abd.js
IP 185.76.9.23:0
ASN #60068 Datacamp Limited
GET /static/js/runtime-main.4e049abd.js HTTP/1.1
Host: widget-v2.smartsuppcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:51:15 GMT
content-type: application/javascript
last-modified: Thu, 29 Sep 2022 17:19:37 GMT
etag: W/"6335d3a9-9bd"
expires: Fri, 29 Sep 2023 20:02:56 GMT
cache-control: max-age=31536000, public, immutable
access-control-allow-origin: *
x-accel-expires: @1696017776
server: CDN77-Turbo
x-77-nzt: AblMCRRoDJj/w445AA
x-77-nzt-ray: ffffffff7584b752b3886f6344650713
x-cache: HIT
x-age: 3772099
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.habari.co.tz/
41.220.128.10 200 OK 0 B IP 41.220.128.10:0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; path=/; HttpOnly
set-cookie: _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D; path=/; HttpOnly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
widget-v2.smartsuppcdn.com/static/js/6.0e1e87c0.chunk.js
185.76.9.23 200 OK 0 B URL HTTP/2 widget-v2.smartsuppcdn.com/static/js/6.0e1e87c0.chunk.js
IP 185.76.9.23:0
ASN #60068 Datacamp Limited
GET /static/js/6.0e1e87c0.chunk.js HTTP/1.1
Host: widget-v2.smartsuppcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:51:15 GMT
content-type: application/javascript
last-modified: Thu, 29 Sep 2022 17:19:37 GMT
etag: W/"6335d3a9-81d5c"
expires: Fri, 29 Sep 2023 20:02:57 GMT
cache-control: max-age=31536000, public, immutable
access-control-allow-origin: *
x-accel-expires: @1696017777
server: CDN77-Turbo
x-77-nzt: AblMCRQ9mDz/wo45AA
x-77-nzt-ray: ffffffff7584b752b3886f6380e5c113
x-cache: HIT
x-age: 3772098
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.habari.co.tz/assets/11096740/js/jquery.bootstrap.newsbox.min.js
41.220.128.10 200 OK 0 B URL HTTP/2 www.habari.co.tz/assets/11096740/js/jquery.bootstrap.newsbox.min.js
IP 41.220.128.10:0
Analyzer Verdict Alert fortinet Malware
GET /assets/11096740/js/jquery.bootstrap.newsbox.min.js HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 07 Feb 2022 12:26:04 GMT
expires: Mon, 12 Dec 2022 11:51:14 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.habari.co.tz/assets/7a06d4f7/css/scroll-top.css
41.220.128.10 200 OK 0 B URL HTTP/2 www.habari.co.tz/assets/7a06d4f7/css/scroll-top.css
IP 41.220.128.10:0
GET /assets/7a06d4f7/css/scroll-top.css HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:13 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 07 Feb 2022 12:26:10 GMT
expires: Mon, 12 Dec 2022 11:51:13 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.habari.co.tz/assets/7dfeabf/yii.js
41.220.128.10 200 OK 0 B URL HTTP/2 www.habari.co.tz/assets/7dfeabf/yii.js
IP 41.220.128.10:0
Analyzer Verdict Alert fortinet Malware
GET /assets/7dfeabf/yii.js HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 07 Feb 2022 12:25:48 GMT
expires: Mon, 12 Dec 2022 11:51:14 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.habari.co.tz/assets/7dfeabf/yii.activeForm.js
41.220.128.10 200 OK 0 B URL HTTP/2 www.habari.co.tz/assets/7dfeabf/yii.activeForm.js
IP 41.220.128.10:0
Analyzer Verdict Alert fortinet Malware
GET /assets/7dfeabf/yii.activeForm.js HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 07 Feb 2022 12:25:43 GMT
expires: Mon, 12 Dec 2022 11:51:14 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.habari.co.tz/assets/11096740/css/newssticker.css
41.220.128.10 200 OK 0 B URL HTTP/2 www.habari.co.tz/assets/11096740/css/newssticker.css
IP 41.220.128.10:0
GET /assets/11096740/css/newssticker.css HTTP/1.1
Host: www.habari.co.tz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.habari.co.tz/
Cookie: PHPSESSID=be5ce9e6bf714a810bdf810b9478a7fa; _csrf=6943dc83657b006ead4f2f04f65fd9b6924a406653f13396609696b4e340a079a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22fLDvY-GBB13NFvK6XArMlx8AWCFwxu_8%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 11:51:13 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 07 Feb 2022 12:26:04 GMT
expires: Mon, 12 Dec 2022 11:51:13 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
widget-v2.smartsuppcdn.com/static/js/main.2b685341.chunk.js
185.76.9.23 200 OK 0 B URL HTTP/2 widget-v2.smartsuppcdn.com/static/js/main.2b685341.chunk.js
IP 185.76.9.23:0
ASN #60068 Datacamp Limited
GET /static/js/main.2b685341.chunk.js HTTP/1.1
Host: widget-v2.smartsuppcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 11:51:15 GMT
content-type: application/javascript
last-modified: Thu, 29 Sep 2022 17:19:37 GMT
etag: W/"6335d3a9-1cba4"
expires: Fri, 29 Sep 2023 20:02:57 GMT
cache-control: max-age=31536000, public, immutable
access-control-allow-origin: *
x-accel-expires: @1696017777
server: CDN77-Turbo
x-77-nzt: AblMCRRyCM7/wo45AA
x-77-nzt-ray: ffffffff7584b752b3886f6359984613
x-cache: HIT
x-age: 3772098
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2