Report - www.homabayassembly.go.ke/sq/ansdsudsemea

Report Overview

Submitted URL
www.homabayassembly.go.ke/sq/ansdsudsemea
IP
170.10.162.193
ASN
#32748 STEADFAST
Submitted
2022-11-29 20:32:26
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.131
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.210.150.237
www.homabayassembly.go.ke	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	217 kB	170.10.162.193
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	50 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	746 B	142.250.74.106
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-29	medium	www.homabayassembly.go.ke/sq/ansdsudsemea	Malware
2022-11-29	medium	www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/fontawesome/css/all.min.css?ver=6.0.3	Malware
2022-11-29	medium	www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=6.0.3	Malware
2022-11-29	medium	www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/css/front.css?ver=6.0.3	Malware
2022-11-29	medium	www.homabayassembly.go.ke/wp-content/plugins/piotnet-addons-for-elementor/assets/css/minify/extension.min.css?ver=2.4.20	Malware
2022-11-29	medium	www.homabayassembly.go.ke/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.6.4	Malware
2022-11-29	medium	www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0	Malware
2022-11-29	medium	www.homabayassembly.go.ke/wp-content/plugins/tablepress/css/default.min.css?ver=1.14	Malware
2022-11-29	medium	www.homabayassembly.go.ke/wp-content/plugins/ocean-extra/assets/css/widgets.css?ver=6.0.3	Malware
2022-11-29	medium	www.homabayassembly.go.ke/wp-content/plugins/clever-mega-menu-for-elementor/assets/vendor/font-awesome/font-awesome.min.css?ver=4.7.0	Malware
2022-11-29	medium	www.homabayassembly.go.ke/wp-content/plugins/clever-mega-menu-for-elementor/assets/vendor/cleverfont/style.min.css?ver=1.9	Malware
2022-11-29	medium	www.homabayassembly.go.ke/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2022-11-29	medium	www.homabayassembly.go.ke/wp-content/plugins/bsk-pdf-manager-pro/js/bsk_pdf_manager_pro.js?ver=1.9.4	Malware
2022-11-29	medium	www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/css/style.min.css?ver=3.0.5	Malware
2022-11-29	medium	www.homabayassembly.go.ke/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.7	Malware
2022-11-29	medium	www.homabayassembly.go.ke/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Malware
2022-11-29	medium	www.homabayassembly.go.ke/sq/ansdsudsemea	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (38)

	URL	Size	First Seen	Last Seen
	www.homabayassembly.go.ke/wp-content/plugins/bsk-pdf-manager-pro/js/bsk_pdf_manager_pro.js?ver=1.9.4	14 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/wp-content/plugins/bsk-pdf-manager-pro/js/bsk_pdf_manager_pro.js?ver=1.9.4 IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen3 Hash 1e3eebe995c56eb3b55d3cbaa3151e45 9385d61d97fbd341e1e2fcec2e12d6fa8dadb1c9 6746dba9ac0f123d05e422ed2bd0e17cb63e315cf2b03d0b21084c7705e9ec9d Loading...

	www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.57	44 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.57 IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen3 Hash ab7c15aa015858123ef77a68091094e4 49aa0feddb99e4845cb4673de35c26453832a92d 9690165af8444898abafe18dabedfa8e042ebd6be721a119167f491808a34caf Loading...

	www.homabayassembly.go.ke/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0	16 kB	2023-03-07	2024-04-15
Pretty URL www.homabayassembly.go.ke/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:10 Last Seen2024-04-15 11:35:11 Times Seen217 Hash ca2c44948f1078e4664c34670e8880e9 b42f15a64e9385b0c531f905ef01cfe676af767d ce54fc66e0c96540ec003f661021f390e298d8ba478e47c8b1ebbe95702e4436 Loading...

	www.homabayassembly.go.ke/wp-content/plugins/mystickymenu/js/mystickymenu.min.js?ver=2.6.1	7.7 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/wp-content/plugins/mystickymenu/js/mystickymenu.min.js?ver=2.6.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen3 Hash fd364b3daa6252db2f6cc8b50f890919 224fc1c099a4136b07c41f0a420edc072bc1cf35 e2c483f124f70b0a91d3ac506840fd384a7641549f9f2cd93d3c56cb5d9b024c Loading...

	www.homabayassembly.go.ke/sq/ansdsudsemea	91 B	2023-03-07	2024-05-10
Pretty URL www.homabayassembly.go.ke/sq/ansdsudsemea IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:06 Last Seen2024-05-10 12:08:39 Times Seen484 Hash f231cf3015cd0931ba33e825343b48bb d6cfcbf58092bcbaec13e419e264d9e2894bbd86 98de1de200c64542b0278f062765eb2e6536fafbee1cb221b3f20e7ca73bc709 Loading...

	www.homabayassembly.go.ke/sq/ansdsudsemea	240 B	2023-03-10	2023-10-31
Pretty URL www.homabayassembly.go.ke/sq/ansdsudsemea IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:50:19 Last Seen2023-10-31 11:01:30 Times Seen4 Hash 3f334c01dc74121507a66820a03d1d37 4f50fc631d4bf5114da98c9464da81b455e0b504 d085cb3be8119072f7c643bb21e38079acf5adfab19027e666d8e2e3e7c8906b Loading...

	www.homabayassembly.go.ke/sq/ansdsudsemea	2.2 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/sq/ansdsudsemea IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen2 Hash 393b9eda9551a3744c20d2bd8b7f023c f90cd53b5596d710c94c747921a05aa9cef640b8 e9dc0dafa0100e4980a0f1f654977b3da65b9be50b9bcec3c7962e6bf4002c8d Loading...

	www.homabayassembly.go.ke/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-05-11
Pretty URL www.homabayassembly.go.ke/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-11 01:26:12 Times Seen69213 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=6.0.3	25 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=6.0.3 IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen3 Hash 62e8065cec1cd8a932a11bd0fc1096b1 46caad8e48b80240ba74e57e72bb75114d6a0c3c fbc8d0ba316d8e18d6b736cff459218c26206b4341ed8e62d3e6da5b6fa79e4a Loading...

	www.homabayassembly.go.ke/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3	13 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen3 Hash 26a43c33b542aa3e418791887af81af4 2f8e890adcc4fa8974bcd3580c9b6d3eea1427a1 c1f5e75b728ca6e9a8bba8b7ddf910ac1da12b8dc5e14d52226c55142e64eb6b Loading...

	www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/js/theme.vanilla.min.js?ver=3.0.5	102 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/js/theme.vanilla.min.js?ver=3.0.5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen3 Hash c13c4becad406a0ea07c312c5bbd724f b4bd429f7c063659f4301883b87685fbbb8a3ff3 b6e17069d56661d0a74e4feaf03c847fdc8e939eedc1eb4bdc92a9080c5c06d1 Loading...

	www.homabayassembly.go.ke/wp-content/plugins/clever-mega-menu-for-elementor/assets/frontend/js/cmm4e.min.js?ver=1.1.2	7.1 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/wp-content/plugins/clever-mega-menu-for-elementor/assets/frontend/js/cmm4e.min.js?ver=1.1.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen3 Hash c371fcb84b2c516131cfa0e2d2ef9208 a0d5e0b1c7ea40235a789a642a0e692eecdeb145 ede164867f5e9d6203afa13434f4b1ef35b3fe35722c1ce9d6473cc92639bb28 Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 04:18:04 Times Seen37534582 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.homabayassembly.go.ke/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94	10 kB	2023-03-07	2024-05-10
Pretty URL www.homabayassembly.go.ke/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-10 18:32:48 Times Seen2105 Hash f270dd1f483179fdcfb29ce5f91aea13 166661187a97f0b6b685ec4dbdff871e9824168f 1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7 Loading...

	www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/js/vendors/flickity.pkgd.min.js?ver=3.0.5	61 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/js/vendors/flickity.pkgd.min.js?ver=3.0.5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen3 Hash 5c9497205c610dad74154f1b2762c0b9 23448398e2fdd8acd1380b09150ac353c4260f2a 9def53327bd56eaf4e2829e8e58668e398aa79d8d29c9ce04dd0cfa1ee5a08b0 Loading...

	www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/js/vendors/magnific-popup.min.js?ver=3.0.5	24 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/js/vendors/magnific-popup.min.js?ver=3.0.5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen3 Hash 55105f8a822f9fd49a1979949042147c 65f9edbdad17f53ba2c695f02283a4f8576a0fe0 97c15e9de592eadc9e86af82aa5dcbf3971e7ca86267bec5bbe94977dd84b5e4 Loading...

	www.homabayassembly.go.ke/sq/ansdsudsemea	113 B	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/sq/ansdsudsemea IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen2 Hash ae3046bee2f91dd6b0aa2565ec0a2308 b638f0536d3f7c774e5e43ab42e5377f9954599f 6a2ee55d5e2ed6ac32536af0e6745354901a16ca83159488ab969edd0e392612 Loading...

	www.homabayassembly.go.ke/sq/ansdsudsemea	885 B	2023-03-11	2023-03-11
Pretty URL www.homabayassembly.go.ke/sq/ansdsudsemea IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-03-11 22:36:26 Times Seen1 Hash 1e30602ef26dd87b458ebd90dd44fff2 bb322131bf2fc8da3c4b0260b047f1ef070d83ad 4003bb9b448990c104bd852547a63e27609534fd81afd343d5537ffcad1da9a0 Loading...

	www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=6.0.3	66 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=6.0.3 IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen2 Hash e88264099d20f8eee4f0df146ca9a978 65673b9b2167d26de9c3a07c75562391d929d3cc ad5f938e5c6e7fe8fbc78f248e85c9a7ef1d52c947bdd98a4fa442ce67442964 Loading...

	www.homabayassembly.go.ke/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3	16 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen3 Hash cf74281e6555b95b38616618e1b7342b 6e36744b007007ab25267b71c70a7baeb79045f9 03016a76261b1f85d19a75846e77c97fe2e0346b9c748adc66a4ac2bbe206d02 Loading...

	www.homabayassembly.go.ke/sq/ansdsudsemea	68 B	2023-03-07	2024-05-11
Pretty URL www.homabayassembly.go.ke/sq/ansdsudsemea IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-11 03:56:57 Times Seen22860 Hash d30f13da1f424ee0383b76edc55881e1 7e348a5f57ab13eedbc4ed917cdeee5bb9f9bd46 cf01a621447e67a81629bc28276677c86c48fd72c44cba83a82448574aadfd60 Loading...

	www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/js/vendors/sidr.js?ver=3.0.5	13 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/js/vendors/sidr.js?ver=3.0.5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen3 Hash 118dad6c5791e31dd4a83aeda16fcc51 a003eb81daaa6bfee8f4e8ce1cf8dce21bc0a0f7 6d36f68aa08ba5f1e8598dd15105406dbe54af760da1700b60dbe0ee5497c94f Loading...

	www.homabayassembly.go.ke/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.3.2	12 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.3.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen3 Hash 9bdcdd91ba22e24c087422c9e766e196 5b45c1eebd5b3cbad8b2ae86932b9f03dd55c102 feafecf2a6dde5089fb9dc69511e319936067f879357ae6c6232e4ab188ad35a Loading...

	www.homabayassembly.go.ke/sq/ansdsudsemea	251 B	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/sq/ansdsudsemea IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen2 Hash 1a3603406dc5a8e7c3bb910715c1a462 8ca98131000d2f3d9443d68805e62c3c90aab669 35f2e85d6ecde84a581dd0f8f49d32016925256124d4ca124a66e589003d1e6c Loading...

	www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/js/vendors/smoothscroll.min.js?ver=3.0.5	7.7 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/js/vendors/smoothscroll.min.js?ver=3.0.5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen3 Hash a51ce2e52a57bf14d936180a7d3042f8 57699354015d7da15047ef705aed38ab9c57566a 8e3ac14876081ba03469d78610a9a03aabc170b26f44102db02aa4de855b586f Loading...

	www.homabayassembly.go.ke/wp-content/plugins/mystickymenu/js/detectmobilebrowser.js?ver=2.6.1	5.9 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/wp-content/plugins/mystickymenu/js/detectmobilebrowser.js?ver=2.6.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen3 Hash a5f44713053fd58a59600cc8574942e7 38d4d1e213144b1e30fa490b43840d83c6aa65a1 f578f1ee2c42f6758baa89817a06305b8f1f927411aacdafcb425dff7b1ed247 Loading...

	www.homabayassembly.go.ke/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3	19 kB	2023-03-07	2024-05-10
Pretty URL www.homabayassembly.go.ke/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-10 20:32:53 Times Seen38257 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	www.homabayassembly.go.ke/sq/ansdsudsemea	1.0 kB	2023-03-07	2024-05-11
Pretty URL www.homabayassembly.go.ke/sq/ansdsudsemea IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-05-11 00:02:46 Times Seen1747 Hash 501a4cfc020caaba2b514ad6836778c8 b6f36f22e2f69d3fda381e2dbbd6b4a735a766ed c02c68afc5ec8e181ad157c1eb94bb232fb9a077178311fd96abe6178fbe01dd Loading...

	www.homabayassembly.go.ke/sq/ansdsudsemea	486 B	2023-03-11	2023-03-11
Pretty URL www.homabayassembly.go.ke/sq/ansdsudsemea IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-03-11 22:36:26 Times Seen1 Hash 7f2768df52bc10824ae1c03ab94bb171 902891ff413545b065afa41ed66552abbfd15e60 87ef2101b25f713e38de4e5ce7e3f53e8999cbdab58fcef100d4b99f2dedd533 Loading...

	www.homabayassembly.go.ke/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-05-10
Pretty URL www.homabayassembly.go.ke/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-10 21:46:47 Times Seen32124 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	www.homabayassembly.go.ke/wp-content/plugins/piotnet-addons-for-elementor/assets/js/minify/extension.min.js?ver=2.4.20	75 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/wp-content/plugins/piotnet-addons-for-elementor/assets/js/minify/extension.min.js?ver=2.4.20 IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:26 Last Seen2023-05-22 10:52:04 Times Seen3 Hash 563b5b914971d77487beb8688348b16e 66658aa2fe0a8ac8f410ef3c30bdf29066d120f2 f2c6fe507378ddbb8c83ceb3fe1e9eb4cf249e3e828a9ae44bbc6d713e7c1129 Loading...

	www.homabayassembly.go.ke/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-05-10
Pretty URL www.homabayassembly.go.ke/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-10 20:32:53 Times Seen15578 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	www.homabayassembly.go.ke/wp-includes/js/imagesloaded.min.js?ver=4.1.4	5.6 kB	2023-03-07	2024-05-10
Pretty URL www.homabayassembly.go.ke/wp-includes/js/imagesloaded.min.js?ver=4.1.4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:40 Last Seen2024-05-10 18:21:16 Times Seen31136 Hash 3a56752b736635bf69cb069b8818cbfd 42e0951fe74bb3f56a30f51291823bcd4a84d76e ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869 Loading...

	www.homabayassembly.go.ke/sq/ansdsudsemea	96 B	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/sq/ansdsudsemea IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:27 Last Seen2023-05-22 10:52:04 Times Seen2 Hash 8778904c608c41561c9c0c16c3402f0a fe5935a33c637da876ebbf1d8526f0cb2970b575 8cb4068f73fd80e6123c64168266e37a9105e98e388acfeceb0f973571724c44 Loading...

	www.homabayassembly.go.ke/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3	4.9 kB	2023-03-07	2024-05-10
Pretty URL www.homabayassembly.go.ke/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-10 23:57:06 Times Seen24472 Hash b33ab4d5dcf02436276a717e9d1b7c18 f47b9a9c41b3b11c9dffabca22945727c3ec6566 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134 Loading...

	www.homabayassembly.go.ke/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.6.4	69 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.6.4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:27 Last Seen2023-05-22 10:52:04 Times Seen3 Hash f7e759b38cdea891d3b9e5bdeb07d52f 11da4c6a5c7f7e85f4fc8ec5ba187a3681a21c7d 81ee4e3f437f5b3f0d2fc877fcc4fcac3cf33d1abda606fb69f2eae0d107e663 Loading...

	www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/js/vendors/isotope.pkgd.min.js?ver=3.0.5	39 kB	2023-03-11	2023-05-22
Pretty URL www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/js/vendors/isotope.pkgd.min.js?ver=3.0.5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:36:27 Last Seen2023-05-22 10:52:04 Times Seen3 Hash 461c2a14adfdef0bc91bab32bc9d3c48 a29a7f7a7bf772aa69e9a7ea95a9255e331da7ae bc79698eb587e247085f7d55ce7beb8ba735e0fe6bad4b4d127bd604d2e4feb6 Loading...

	www.homabayassembly.go.ke/sq/ansdsudsemea	55 B	2023-03-07	2024-05-03
Pretty URL www.homabayassembly.go.ke/sq/ansdsudsemea IP 170.10.162.193 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:23:13 Last Seen2024-05-03 04:10:09 Times Seen10 Hash f975dc418304edf9c24660789b1d2a25 fb171cd0244bc8b6d2c441a8c4289d7fd79fd09c e732ff958fdb882399508cccbde386f51598188ff146166a1852621005ebb828 Loading...

HTTP Transactions (51)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3760
Expires: Tue, 29 Nov 2022 21:34:55 GMT
Date: Tue, 29 Nov 2022 20:32:15 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4585
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:32:15 GMT
Last-Modified: Tue, 29 Nov 2022 19:15:50 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6745
Expires: Tue, 29 Nov 2022 22:24:40 GMT
Date: Tue, 29 Nov 2022 20:32:15 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 20:17:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 860
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: zmRe/B1mACZ9o/7asWW+0PFS/jPP+hLvxlqk9zT2sabDzZQr8PiEJpUWu4dkX5ASIysMgf5ZM3j7vyEgKQ+Bcg==
x-amz-request-id: N4MDGS8ZYE178WK9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 19:45:35 GMT
age: 2800
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 20:32:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 20:11:13 GMT
cache-control: public,max-age=3600
age: 1262
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/sq/ansdsudsemea

170.10.162.193

301 Moved Permanently

0 B

URL HTTP/1.1
www.homabayassembly.go.ke/sq/ansdsudsemea
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /sq/ansdsudsemea HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: __wpdm_client=a59f007fbf3384ccc33cc586d5d348f0; HttpOnly
content-type: text/html; charset=UTF-8
x-ua-compatible: IE=edge
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://www.homabayassembly.go.ke/sq/ansdsudsemea
content-length: 0
date: Tue, 29 Nov 2022 20:32:16 GMT
server: LiteSpeed

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5450
Cache-Control: max-age=137122
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:32:16 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:37:38 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.210.150.237

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.210.150.237:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KdWg//vWNmOjbxC+4zgdyw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gwv77SQluJF2DaOWyyiKedBMnrU=

www.homabayassembly.go.ke/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3

170.10.162.193

200 OK

11 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (43771)
Size
11 kB (10946 bytes)
Hash
d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10946
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/plugins/bsk-pdf-manager-pro/css/bsk-pdf-manager-pro.css?ver=1.9.4

170.10.162.193

200 OK

620 B

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/bsk-pdf-manager-pro/css/bsk-pdf-manager-pro.css?ver=1.9.4
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text
Size
620 B (620 bytes)
Hash
558b401dfaf3539b7e5afcac3216bf41
e73cb7f7f2c42391d0a89caf18d26da73a675047
aa6a53368a4944697101fd5895957bf537fdc613dce9603cd605d959944c8d2c

HTTP Headers

GET /wp-content/plugins/bsk-pdf-manager-pro/css/bsk-pdf-manager-pro.css?ver=1.9.4 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Wed, 18 Nov 2020 14:22:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 620
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3

170.10.162.193

200 OK

848 B

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text
Size
848 B (848 bytes)
Hash
c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Mon, 11 Oct 2021 09:40:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:32:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3818
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:32:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3818
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:32:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3818
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:32:17 GMT
Connection: keep-alive

www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/fontawesome/css/all.min.css?ver=6.0.3

170.10.162.193

200 OK

20 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/fontawesome/css/all.min.css?ver=6.0.3
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (65317)
Size
20 kB (20187 bytes)
Hash
98f370c7374fe831200dc07921d1ac5d
8d9dbb63510ec3bccfc44e52160c0e66c32d145a
f4e76bb321b1135ec0c80c59d68bc3fe2b8007ef9fad7c45ca3b82a86527481f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/download-manager/assets/fontawesome/css/all.min.css?ver=6.0.3 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Mon, 22 Aug 2022 02:23:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20187
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3818
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:32:17 GMT
Connection: keep-alive

www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=6.0.3

170.10.162.193

200 OK

9.0 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=6.0.3
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (57835), with no line terminators
Size
9.0 kB (8981 bytes)
Hash
facb99baf7752b3e68995289f018e533
594e838584f82eb535b113aed8a42263126a1f9f
13c8ec13de2278e57f740e8e8506733f76b900742b35f7ad993fa9f8710b4c68

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=6.0.3 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Mon, 16 Aug 2021 04:00:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8981
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3818
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:32:17 GMT
Connection: keep-alive

www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/css/front.css?ver=6.0.3

170.10.162.193

200 OK

11 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/css/front.css?ver=6.0.3
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (482)
Size
11 kB (11363 bytes)
Hash
5eb37e7bb261b31e1b541d682fd26cf0
31ceb1922e7e44a403fad5d55235cab6c1f4b7de
85044b11b1b54a9a1ff72e6ab62212276b08dfacb5d1a453c7e0549032d16fd5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/download-manager/assets/css/front.css?ver=6.0.3 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Mon, 16 Aug 2021 04:00:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11363
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wqEe45jzMOryT-E-vThc39-cLiZudKF4gn6cS3LBmeaJ2amJF5GPIA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:54 GMT
age: 81923
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4916 bytes)
Hash
83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 62046
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/plugins/piotnet-addons-for-elementor/assets/css/minify/extension.min.css?ver=2.4.20

170.10.162.193

200 OK

307 B

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/piotnet-addons-for-elementor/assets/css/minify/extension.min.css?ver=2.4.20
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (1115), with no line terminators
Size
307 B (307 bytes)
Hash
12219dec8d30c07b04286dcd3a786d39
a7187cbab8a655f52c87c5ed3673d040afb9c5eb
4a81c2ee0b76abbc46dd7a5cb95620ac3c6caa4f2123a3ef6598963bdc2276d1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/piotnet-addons-for-elementor/assets/css/minify/extension.min.css?ver=2.4.20 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Fri, 16 Sep 2022 09:16:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 307
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.6.4

170.10.162.193

200 OK

9.2 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.6.4
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Size
9.2 kB (9182 bytes)
Hash
ca1bf7af523e8f67174471206052065b
b1c7b802424c420557f0d2402d18f5102597bb5a
1180fc8cf713f1ce658d42c93be46ed41c0a948c9d3104c0bbf1f121fdc19ce4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.6.4 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Wed, 18 Nov 2020 14:22:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9182
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1

170.10.162.193

200 OK

12 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (59158)
Size
12 kB (12380 bytes)
Hash
7dce648d28c2ca91d5543f1657432fbc
1ebcc78e1d7806dab610a4b3d47dadbcd0215e3c
8b2199af0476ad851316120a11948ccff52a19600ae5c4f95d859b929a0e0729

HTTP Headers

GET /wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 09:06:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12380
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F955ba04e-80cb-43a1-bc6a-3e502a79144e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9546 bytes)
Hash
9a6e5f60b87d3879606a6707feb37a73
373c96c2e0006d70954d4b4ebd850f62f558e92c
1ae48f692f44d357e21eec708b46f22c36a3de21be8d0f1c2035d197e0aa89de

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F955ba04e-80cb-43a1-bc6a-3e502a79144e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9546
x-amzn-requestid: 60e352b5-ab38-4975-bf26-500f0a639a2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFfulExwIAMFzQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637edff6-1364912f7fd292da6453a83e;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 03:07:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qtRAIXoswvTgNWZzaQE1WHZQXoJRtK9nKpusFtXH3pDRHH_DZtsLFw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 07:16:35 GMT
age: 47742
etag: "373c96c2e0006d70954d4b4ebd850f62f558e92c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0

170.10.162.193

200 OK

2.3 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (10927), with no line terminators
Size
2.3 kB (2313 bytes)
Hash
64f6237567e3cf8796295343039a352e
e4af3e6ae53c4c41828057b729b443dd158111ec
c558229bb9505d28966ba3ad6daa109310112c4fa01997291aea288abf2e5573

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 09:06:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2313
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10176 bytes)
Hash
03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:49:50 GMT
age: 56547
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9430 bytes)
Hash
1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:01:55 GMT
age: 81022
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4871 bytes)
Hash
a4058fd62595d15c58b3d3266de9865a
d0dff35eb78f129b5da407043037bcf9c27e55c0
ab996c23d58871a2ad53f0c34688c87f0d7c0eac5d0c1d8265b86951248449fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4871
x-amzn-requestid: e2dfa7b8-ded7-4104-a913-1b84746a3c6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLDUUEy_oAMFgSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638118e8-0b229e0f60ff019d26800dd9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 19:35:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qh3WqWdBmMG3fzchn3OvxbEpwm2wl_CXi105CL4uJda47N9ZX3CyLA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 09:01:36 GMT
age: 41441
etag: "d0dff35eb78f129b5da407043037bcf9c27e55c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 20:32:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.homabayassembly.go.ke/wp-content/plugins/tablepress/css/default.min.css?ver=1.14

170.10.162.193

200 OK

2.0 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (5092), with no line terminators
Size
2.0 kB (2016 bytes)
Hash
f13e1637411c99de7b2ffd9f9a0d4556
f7b837efa8147941b89a06978a3a918c1feb90a2
19891fc9eeecce9fef6583a72ccb9f3bc2d213a67b9bc4ae481b69d2e4206ec3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.14 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Tue, 31 Mar 2020 14:36:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2016
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.7

170.10.162.193

200 OK

741 B

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.7
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (13766)
Size
741 B (741 bytes)
Hash
77fd2796ca14b11a4dede61cfa34609e
8296a2cebbdac0347b509c3e1d7246526a06bd3a
5d3b09a1871a41d1210bf06dfb2c0c38ab0e68f2ef7cbfca8b5776b1eda22575

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.7 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Tue, 20 Sep 2022 14:50:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 741
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.3.2

170.10.162.193

200 OK

708 B

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.3.2
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (3432)
Size
708 B (708 bytes)
Hash
f3ca6b9879df2ed966ae1150f3353baa
03c9aa5c941faad5f1efb4aa66ff623220f697ab
f33030c0a254c90f0fc701442b0468c882d105c44f20923696747cc09e7709cd

HTTP Headers

GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.3.2 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Tue, 14 Jun 2022 06:21:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 708
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/plugins/ocean-extra/assets/css/widgets.css?ver=6.0.3

170.10.162.193

200 OK

6.2 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/ocean-extra/assets/css/widgets.css?ver=6.0.3
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
Unicode text, UTF-8 text, with very long lines (51619), with no line terminators
Size
6.2 kB (6210 bytes)
Hash
20db916d10cfc8745d24a4d19a0f73aa
06e047ebe7c9ac50d2fd0f71a9e8388539e308db
9f11208676a929159b38acfb84e7ddd9b2dc01b359d5f4207be745cb3abb16b1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ocean-extra/assets/css/widgets.css?ver=6.0.3 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Tue, 09 Aug 2022 08:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6210
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/plugins/clever-mega-menu-for-elementor/assets/vendor/font-awesome/font-awesome.min.css?ver=4.7.0

170.10.162.193

200 OK

6.7 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/clever-mega-menu-for-elementor/assets/vendor/font-awesome/font-awesome.min.css?ver=4.7.0
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (30819)
Size
6.7 kB (6656 bytes)
Hash
4a3a99f3bbc11138c5e078e4f78893b1
540385f21ed3dfba9444b04c55a44ed5f0027caf
182faef2e0c0f081207e8eebf656ee9a738bc5463fd04abc7821407b0e46446c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/clever-mega-menu-for-elementor/assets/vendor/font-awesome/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Wed, 18 Nov 2020 14:22:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6656
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/plugins/clever-mega-menu-for-elementor/assets/vendor/cleverfont/style.min.css?ver=1.9

170.10.162.193

200 OK

2.4 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/clever-mega-menu-for-elementor/assets/vendor/cleverfont/style.min.css?ver=1.9
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (15520)
Size
2.4 kB (2445 bytes)
Hash
5f204acaa375639149ba6ff1097de15f
697038b591def8bae3928407bf5a0592756e4d13
30b892209ac1ab42ce1e7a35b3ecfc3ffd7117ba2e30f916c6b3d9252edddf68

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/clever-mega-menu-for-elementor/assets/vendor/cleverfont/style.min.css?ver=1.9 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Wed, 18 Nov 2020 14:22:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2445
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/plugins/clever-mega-menu-for-elementor/assets/frontend/css/default-skin.min.css?ver=1.1.2

170.10.162.193

200 OK

2.6 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/clever-mega-menu-for-elementor/assets/frontend/css/default-skin.min.css?ver=1.1.2
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (20540)
Size
2.6 kB (2615 bytes)
Hash
3b95051a440880c2789491795d0c8d88
beceee381cce23e708fc144a179e70e074ca3b96
b01fd885f801a23d903847061b757b0ead78197e5013a7a1f8d29bf7e9c9a909

HTTP Headers

GET /wp-content/plugins/clever-mega-menu-for-elementor/assets/frontend/css/default-skin.min.css?ver=1.1.2 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Wed, 18 Nov 2020 14:22:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2615
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

170.10.162.193

200 OK

4.0 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3995 bytes)
Hash
7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/plugins/bsk-pdf-manager-pro/js/bsk_pdf_manager_pro.js?ver=1.9.4

170.10.162.193

200 OK

2.9 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/bsk-pdf-manager-pro/js/bsk_pdf_manager_pro.js?ver=1.9.4
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text
Size
2.9 kB (2946 bytes)
Hash
6c0e5221e5ac6568de39c1310f4b0a8f
9a5f88b5b4990b686a15e9932d609ca5d1e9c96c
ca544c58a56cb46cc9d9a84957d5ae8f80b1ee804f0d1dd04f5de91b47a3ae91

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bsk-pdf-manager-pro/js/bsk_pdf_manager_pro.js?ver=1.9.4 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 14:22:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2946
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=6.0.3

170.10.162.193

200 OK

8.5 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=6.0.3
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (21084)
Size
8.5 kB (8512 bytes)
Hash
e1e57dce1086ad3cd1b0218b2d8121b9
bbb4b164484d5be83d4054e0f3c9e77f1763ebde
26207d198ce9965d637cf22833fe59c336aa6817192c3e1c5576546c0681b5d4

HTTP Headers

GET /wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=6.0.3 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: application/javascript
last-modified: Sun, 04 Jul 2021 08:09:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8512
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=6.0.3

170.10.162.193

200 OK

16 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=6.0.3
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (62161)
Size
16 kB (16035 bytes)
Hash
ce7c35c419259185f083c2639a81dee1
b6ab44a1a3f03c9e6f90ab4b67223def96e13353
1777941dce72825dc5bcb33793ec85128c1cb872a29197c1cead46836997b761

HTTP Headers

GET /wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=6.0.3 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: application/javascript
last-modified: Thu, 09 Dec 2021 07:00:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16035
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.57

170.10.162.193

200 OK

12 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.57
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (4122)
Size
12 kB (11500 bytes)
Hash
03601cdd930c2cd580b1db55a4c0a556
e1c08f6c697250b3e19646c48ccfed8f01fae456
62f16d3b877cf266f832752deb246a7e9f0eb2508b4a71edec9252e83727db4b

HTTP Headers

GET /wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.57 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 04:00:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11500
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/plugins/piotnet-addons-for-elementor/assets/js/minify/extension.min.js?ver=2.4.20

170.10.162.193

200 OK

22 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/piotnet-addons-for-elementor/assets/js/minify/extension.min.js?ver=2.4.20
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (65536), with no line terminators
Size
22 kB (21826 bytes)
Hash
7bbf2819adfa5c6dd0abb260048f9a73
09fc5d9874b16c8d05936d5241bc81bc8799cb12
e9cd209c58f7ca9cf6b0f088ff76d603cbddeeb8350e0260980242446715e70a

HTTP Headers

GET /wp-content/plugins/piotnet-addons-for-elementor/assets/js/minify/extension.min.js?ver=2.4.20 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 09:16:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21826
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/css/style.min.css?ver=3.0.5

170.10.162.193

200 OK

25 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-content/themes/oceanwp/assets/css/style.min.css?ver=3.0.5
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65531), with no line terminators
Size
25 kB (25248 bytes)
Hash
77b953e04729ed7e63624a17c8ac1f9a
a556f8770bd6d51313eba2de2fa4894672e8497a
4c7e8c020ce4ebd7f627af4175663a2df019ea5225fe15f572ac275c1f9f9ba0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/oceanwp/assets/css/style.min.css?ver=3.0.5 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 09:06:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 25248
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.7

170.10.162.193

200 OK

19 kB

URL HTTP/2
www.homabayassembly.go.ke/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.7
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type
ASCII text, with very long lines (65497)
Size
19 kB (18716 bytes)
Hash
278d9eebcf978a3873f8852c777e0007
04645a5b1d5c0c50c52845c77ada20c1b8f1128a
f0de59c1b368c69da14f817050951ffb233915f4fcb172c1f07ec3b0dd2cccd4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.7 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: text/css
last-modified: Tue, 20 Sep 2022 14:50:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18716
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

170.10.162.193

200 OK

0 B

URL HTTP/2
www.homabayassembly.go.ke/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/sq/ansdsudsemea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 20:32:17 GMT
content-type: application/javascript
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.homabayassembly.go.ke/sq/ansdsudsemea

170.10.162.193

404 Not Found

0 B

URL HTTP/2
www.homabayassembly.go.ke/sq/ansdsudsemea
IP
170.10.162.193:0
ASN
#32748 STEADFAST

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /sq/ansdsudsemea HTTP/1.1
Host: www.homabayassembly.go.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
set-cookie: __wpdm_client=a59f007fbf3384ccc33cc586d5d348f0; secure; HttpOnly
content-type: text/html; charset=UTF-8
x-ua-compatible: IE=edge
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.homabayassembly.go.ke/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 20:32:17 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Rubik

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Rubik
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Rubik HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.homabayassembly.go.ke/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 20:32:17 GMT
date: Tue, 29 Nov 2022 20:32:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (38)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations