Aurora
Adminer
Auto Root
WP Admin
cPanel Reset
Anti Backdoor
Root
home3
homscoke
logs
Upload
New Folder
New File
Name
Size
Permissions
Actions
..
-
-
-
Upload File
Select File
New Folder
Folder Name
New File
File Name
Add WordPress Admin
Database Host
Database Name
Database User
Database Password
Admin Username
Admin Password
cPanel Password Reset
Email Address
Edit: cdn2.homs.co.ke.bkup
165.232.136.162 - - [06/Mar/2026:06:28:50 -0700] "GET / HTTP/1.1" 200 - "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 165.232.136.162 - - [06/Mar/2026:06:28:50 -0700] "GET /favicon.ico HTTP/1.1" 200 1150 "http://cdn2.homs.co.ke/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 205.210.31.201 - - [06/Mar/2026:06:54:31 -0700] "GET / HTTP/1.1" 200 - "-" "Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity" cdn2.homs.co.ke 10.38.197.90 3.254.100.119 - - [06/Mar/2026:14:19:30 -0700] "GET / HTTP/1.0" 406 226 "-" "Mozilla/5.0 (compatible; NetcraftSurveyAgent/1.0; +info@netcraft.com)" www.cdn2.homs.co.ke 10.38.197.90 98.95.90.211 - - [06/Mar/2026:15:50:15 -0700] "GET / HTTP/1.1" 200 - "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" www.cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:21 -0700] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:21 -0700] "GET /Zjokrx.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:21 -0700] "GET /xc0252.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:21 -0700] "GET /buc.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:21 -0700] "GET /ddl.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:21 -0700] "GET /nexmo.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:21 -0700] "GET /by.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:21 -0700] "GET /hidedz.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:22 -0700] "GET /wp-spow.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:22 -0700] "GET /FF3.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:22 -0700] "GET /sf.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:22 -0700] "GET /asw.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:22 -0700] "GET /eee.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:22 -0700] "GET /lp6.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:22 -0700] "GET /akses.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:23 -0700] "GET /no1.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:23 -0700] "GET /teee.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:23 -0700] "GET /elabel.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:23 -0700] "GET /bafFz.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:23 -0700] "GET /rere.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:23 -0700] "GET /jocundly.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:23 -0700] "GET /wo.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:23 -0700] "GET /h2h.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:24 -0700] "GET /rithin.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:24 -0700] "GET /kk.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:24 -0700] "GET /path.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:24 -0700] "GET /cs.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:24 -0700] "GET /w2025.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:24 -0700] "GET /foxr.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:24 -0700] "GET /swallowable.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:24 -0700] "GET /claw.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:25 -0700] "GET /fvvff.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:25 -0700] "GET /a2.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:25 -0700] "GET /sty.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:25 -0700] "GET /xxxx.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:25 -0700] "GET //h.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:25 -0700] "GET /g.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:25 -0700] "GET /pp.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:26 -0700] "GET //sys.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:26 -0700] "GET /txets.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:26 -0700] "GET /wp9.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:26 -0700] "GET /path.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:26 -0700] "GET /wdf.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:26 -0700] "GET //2.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:26 -0700] "GET /mga.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:26 -0700] "GET /maxro.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:27 -0700] "GET /pass2.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:27 -0700] "GET /wsvvs.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:27 -0700] "GET //3.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:27 -0700] "GET //edit.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:27 -0700] "GET /ioxi-o.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:27 -0700] "GET /wp-content/admin.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:27 -0700] "GET /66.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:27 -0700] "GET //wp-includes/js/tinymce/themes/inlite/ HTTP/1.1" 404 - "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:27 -0700] "GET /gifclass.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:28 -0700] "GET /wp-includes/assets/index.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:28 -0700] "GET //wp-admin/images/wp-conflg.php?p= HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:28 -0700] "GET /wp-content/plugins/index.php?p= HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:28 -0700] "GET //assets/css/index.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:28 -0700] "GET /sc.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:28 -0700] "GET /xmlrpc.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:28 -0700] "GET /ol.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:29 -0700] "GET //f6.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:29 -0700] "GET //inputs.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:29 -0700] "GET /style.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:29 -0700] "GET /bgymj.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:29 -0700] "GET //aa.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:29 -0700] "GET //1.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:29 -0700] "GET //sc.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:30 -0700] "GET //av.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:30 -0700] "GET /file.php? HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:30 -0700] "GET /file59.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:30 -0700] "GET /bless.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:30 -0700] "GET /wp9.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:30 -0700] "GET /wp-act.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:30 -0700] "GET /class-t.api.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:30 -0700] "GET /xqq.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:31 -0700] "GET /wp-admin/css/bolt.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:31 -0700] "GET /a.php?p= HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:31 -0700] "GET /06.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:31 -0700] "GET /plss3.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:31 -0700] "GET /aaa.php?p= HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:31 -0700] "GET /classwithtostring.php?p= HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:31 -0700] "GET /wp-content/themes/index.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:31 -0700] "GET /tinyfilemanager.php?p= HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:32 -0700] "GET //x.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:32 -0700] "GET /ms.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:32 -0700] "GET //wp-content/plugins/erinyani/ HTTP/1.1" 404 - "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:32 -0700] "GET /wp-update.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:32 -0700] "GET /sbhu.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:32 -0700] "GET /x/ HTTP/1.1" 404 - "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:32 -0700] "GET /wp-blog.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:32 -0700] "GET /test1.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:33 -0700] "GET //wp-includes/js/jquery/ HTTP/1.1" 404 - "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:33 -0700] "GET /166.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:33 -0700] "GET //wp-content/admin.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:33 -0700] "GET /ms-edit.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:33 -0700] "GET //adminfuns.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:33 -0700] "GET /goods.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:33 -0700] "GET /ms-edit.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:33 -0700] "GET /222.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:33 -0700] "GET /plugins.php?p= HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:34 -0700] "GET //cgi-bin/index.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:34 -0700] "GET //wp-includes/js/dist/ HTTP/1.1" 404 - "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:34 -0700] "GET /ff1.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:34 -0700] "GET /fff.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:34 -0700] "GET /wp-content/ HTTP/1.1" 404 - "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:34 -0700] "GET /goat.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:34 -0700] "GET /155.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:34 -0700] "GET /we.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:35 -0700] "GET /alpha.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:35 -0700] "GET /makeasmtp.php?p= HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:35 -0700] "GET /wp-michan.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:35 -0700] "GET //wp-content/cong.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:35 -0700] "GET /wp-the.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:35 -0700] "GET //wp-includes/css/dist/ HTTP/1.1" 404 - "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:35 -0700] "GET /BDKR28WP.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:35 -0700] "GET //wp-includes/l10n/ HTTP/1.1" 404 - "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:35 -0700] "GET /wp.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:36 -0700] "GET //assets/css/index.php?p= HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:36 -0700] "GET /w4.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:36 -0700] "GET //wp-admin/js/widgets/index.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:36 -0700] "GET /ok.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:36 -0700] "GET //about.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:36 -0700] "GET /wp-admin/js/fi.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:36 -0700] "GET /fe5.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:37 -0700] "GET /kj.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:37 -0700] "GET //wp-content/uploads/2021/02/index.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:37 -0700] "GET /av.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:37 -0700] "GET /abcd.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:37 -0700] "GET /init.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:37 -0700] "GET /fi.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:37 -0700] "GET //a1.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:37 -0700] "GET /update/f35.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:38 -0700] "GET /wp-includes/Text/Diff/Engine/about.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:38 -0700] "GET /f35.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:38 -0700] "GET /hi.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:38 -0700] "GET /lb.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:38 -0700] "GET //wp-includes/css/index.php?p= HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:38 -0700] "GET /wp-includes/SimplePie/ HTTP/1.1" 404 - "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:38 -0700] "GET /prv8.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:38 -0700] "GET /k.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:39 -0700] "GET /dev.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:39 -0700] "GET /bal.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:39 -0700] "GET /in.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:39 -0700] "GET /gssdd.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:39 -0700] "GET /motu.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:39 -0700] "GET /bs1.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:39 -0700] "GET /bengi.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:39 -0700] "GET /miansha.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:40 -0700] "GET //erty.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:40 -0700] "GET /wp-content/plugins/pwnd/as.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:40 -0700] "GET /X57.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:40 -0700] "GET /axx.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:40 -0700] "GET /alfashell.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:40 -0700] "GET /re.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:40 -0700] "GET /styll.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:40 -0700] "GET /flower.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:41 -0700] "GET /4h.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:41 -0700] "GET /gettest.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:41 -0700] "GET /acp.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.151.11.236 - - [06/Mar/2026:17:20:41 -0700] "GET /database.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:14 -0700] "GET / HTTP/1.1" 200 - "-" "curl/8.7.1" cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:14 -0700] "GET / HTTP/1.1" 200 - "-" "curl/8.7.1" www.cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:15 -0700] "GET /info.php.bak HTTP/1.1" 409 83 "-" "curl/8.7.1" cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:15 -0700] "GET /info.php.bak HTTP/1.1" 409 83 "-" "curl/8.7.1" www.cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:15 -0700] "GET /php-info.php HTTP/1.1" 409 83 "-" "curl/8.7.1" cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:15 -0700] "GET /php-info.php HTTP/1.1" 409 83 "-" "curl/8.7.1" www.cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:15 -0700] "GET /newinfo.php HTTP/1.1" 409 83 "-" "curl/8.7.1" cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:15 -0700] "GET /newinfo.php HTTP/1.1" 409 83 "-" "curl/8.7.1" www.cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:15 -0700] "GET /siteinfo.php HTTP/1.1" 409 83 "-" "curl/8.7.1" cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:15 -0700] "GET /siteinfo.php HTTP/1.1" 409 83 "-" "curl/8.7.1" www.cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:16 -0700] "GET /info.php.1 HTTP/1.1" 409 83 "-" "curl/8.7.1" cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:16 -0700] "GET /info.php.1 HTTP/1.1" 409 83 "-" "curl/8.7.1" www.cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:16 -0700] "GET /admin/phpinfo.php HTTP/1.1" 409 83 "-" "curl/8.7.1" cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:16 -0700] "GET /admin/phpinfo.php HTTP/1.1" 409 83 "-" "curl/8.7.1" www.cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:16 -0700] "GET /pageinfo.php HTTP/1.1" 409 83 "-" "curl/8.7.1" cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:16 -0700] "GET /pageinfo.php HTTP/1.1" 409 83 "-" "curl/8.7.1" www.cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:17 -0700] "GET /info.php.back HTTP/1.1" 409 83 "-" "curl/8.7.1" cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:17 -0700] "GET /info.php.back HTTP/1.1" 409 83 "-" "curl/8.7.1" www.cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:17 -0700] "GET /phpbb/phpinfo.php HTTP/1.1" 409 83 "-" "curl/8.7.1" cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:17 -0700] "GET /phpbb/phpinfo.php HTTP/1.1" 409 83 "-" "curl/8.7.1" www.cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:17 -0700] "GET /release_info.php HTTP/1.1" 409 83 "-" "curl/8.7.1" cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:17 -0700] "GET /release_info.php HTTP/1.1" 409 83 "-" "curl/8.7.1" www.cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:17 -0700] "GET /test/info.php HTTP/1.1" 409 83 "-" "curl/8.7.1" cdn2.homs.co.ke 10.38.197.90 185.177.72.49 - - [06/Mar/2026:20:15:18 -0700] "GET /test/info.php HTTP/1.1" 409 83 "-" "curl/8.7.1" www.cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:09:42 -0700] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:09:44 -0700] "GET /acfipnci.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:09:45 -0700] "GET /simple.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:09:47 -0700] "GET /twlsgobh.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:09:49 -0700] "GET /function.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:09:49 -0700] "GET /Quotqw4MU9n.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:09:56 -0700] "GET /4z78sSq3VE2.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:09:57 -0700] "GET /rest-api.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:09:57 -0700] "GET /iikklegv.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:09:58 -0700] "GET /lcahmwsz.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:09:58 -0700] "GET /wp-info.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:09:59 -0700] "GET /tuhixyxq.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:10:00 -0700] "GET /dropdown.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:10:01 -0700] "GET /QvAqFalfCTX.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:10:01 -0700] "GET /7DHoKtiS2sQ.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:10:02 -0700] "GET /qySIWF6TJbv.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:10:02 -0700] "GET /xmrrpxgn.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:10:04 -0700] "GET /vtmlkgps.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:10:05 -0700] "GET /baxa1.phP8 HTTP/1.1" 404 - "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:10:05 -0700] "GET /gnkadgiz.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:10:05 -0700] "GET /sqosuclx.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 20.63.83.113 - - [06/Mar/2026:22:10:05 -0700] "GET /9FM3suPlwtZ.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 98.95.90.211 - - [06/Mar/2026:23:23:28 -0700] "GET / HTTP/1.1" 200 - "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:21 -0700] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:22 -0700] "GET /vynypyss.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:24 -0700] "GET /rawrpw.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:25 -0700] "GET /asd67.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:29 -0700] "GET /makeasmtp.php?p= HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:32 -0700] "GET /zbqxoidn.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:36 -0700] "GET /hplsmbly.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:37 -0700] "GET /alfanew.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:43 -0700] "GET /Alex-Cross.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:43 -0700] "GET /evatusmk.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:44 -0700] "GET /file9.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:45 -0700] "GET /wp-session.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:47 -0700] "GET /xl2023.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:48 -0700] "GET /wp-conflg.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:49 -0700] "GET /file18.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:49 -0700] "GET /bbK8Qd6nhc.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:50 -0700] "GET /BIBIL.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:53 -0700] "GET /uchkkzmk.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:55 -0700] "GET /wp-login.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:57 -0700] "GET /kbicjghd.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:57 -0700] "GET /wso.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:34:59 -0700] "GET /izusdinh.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:01 -0700] "GET /randkeyword.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:02 -0700] "GET /pgxfoqte.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:03 -0700] "GET /2TlRXt7OgIM.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:06 -0700] "GET /fopen.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:09 -0700] "GET /nokswnuh.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:12 -0700] "GET /41Wppt5xB9.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:12 -0700] "GET /uHn8BDkldxz.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:13 -0700] "GET /ae.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:14 -0700] "GET /config.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:14 -0700] "GET /nrmvjhdu.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:15 -0700] "GET /edit-tags.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:15 -0700] "GET /h2WUebaOkZG.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:16 -0700] "GET /alumni_reg.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:17 -0700] "GET /lrxqxgbi.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:18 -0700] "GET /phUploader.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:19 -0700] "GET /file6.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:20 -0700] "GET /qkvbqnne.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:21 -0700] "GET /file.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:23 -0700] "GET /yjlqpamf.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:24 -0700] "GET /default.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:25 -0700] "GET /php-info.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:26 -0700] "GET /ans.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:27 -0700] "GET /xltavrat.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:29 -0700] "GET /3YuwLn4aJ9T.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:33 -0700] "GET /aAZUleCFR6G.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 52.179.211.95 - - [07/Mar/2026:01:35:34 -0700] "GET /nam.php HTTP/1.1" 409 83 "-" "-" cdn2.homs.co.ke 10.38.197.90 72.11.155.223 - - [07/Mar/2026:01:49:52 -0700] "GET / HTTP/1.1" 200 - "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Safari/605.1.15" www.cdn2.homs.co.ke 10.38.197.90 147.185.132.24 - - [07/Mar/2026:02:14:04 -0700] "GET / HTTP/1.1" 200 - "-" "Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity" www.cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:49 -0700] "GET / HTTP/1.1" 200 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:49 -0700] "GET / HTTP/1.1" 200 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:49 -0700] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 406 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:50 -0700] "GET / HTTP/1.1" 200 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:50 -0700] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 406 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:50 -0700] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 406 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:50 -0700] "GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 406 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:50 -0700] "GET /website/wp-includes/wlwmanifest.xml HTTP/1.1" 406 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:50 -0700] "GET /wp/wp-includes/wlwmanifest.xml HTTP/1.1" 406 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:50 -0700] "GET /news/wp-includes/wlwmanifest.xml HTTP/1.1" 406 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:50 -0700] "GET /2018/wp-includes/wlwmanifest.xml HTTP/1.1" 406 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:50 -0700] "GET /2019/wp-includes/wlwmanifest.xml HTTP/1.1" 406 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:50 -0700] "GET /shop/wp-includes/wlwmanifest.xml HTTP/1.1" 406 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:51 -0700] "GET /wp1/wp-includes/wlwmanifest.xml HTTP/1.1" 406 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:51 -0700] "GET /test/wp-includes/wlwmanifest.xml HTTP/1.1" 406 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:51 -0700] "GET /media/wp-includes/wlwmanifest.xml HTTP/1.1" 406 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:51 -0700] "GET /wp2/wp-includes/wlwmanifest.xml HTTP/1.1" 406 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:51 -0700] "GET /site/wp-includes/wlwmanifest.xml HTTP/1.1" 406 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:51 -0700] "GET /cms/wp-includes/wlwmanifest.xml HTTP/1.1" 406 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90 34.10.52.44 - - [07/Mar/2026:03:04:51 -0700] "GET /sito/wp-includes/wlwmanifest.xml HTTP/1.1" 406 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" cdn2.homs.co.ke 10.38.197.90