wubethiopiatours.com/H8lYQ9Udj/ee.exe
198.251.81.188 967 B URL wubethiopiatours.com/H8lYQ9Udj/ee.exe
IP 198.251.81.188:0
File type HTML document text; exported SGML document text; exported SGML document, ASCII text, with CR, LF line terminators
Hash 119a4d73aeb08e0a95f01f16b71abcb4
99b7f00eb94a6fc3cf4a871c9174e82c3fa62862
704567679b04c57a497078c0c05fde8210e113530ae7568877e9695cd1e7e858
NIDS Severity Alert suricata medium ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
GET /H8lYQ9Udj/ee.exe HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
set-cookie: d660f1ebb63a8e18e99304fde6d5788c=a46e73ae995596c34cc3b99abe24e890; path=/; secure
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-type: text/html; charset=utf-8
cache-control: no-cache
pragma: no-cache
content-length: 967
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Jun 2023 13:40:44 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
wubethiopiatours.com/H8lYQ9Udj/ee.exe
198.251.81.188 1.2 kB URL wubethiopiatours.com/H8lYQ9Udj/ee.exe
IP 198.251.81.188:0
File type HTML document text; exported SGML document text; exported SGML document, ASCII text, with CR, LF line terminators
Hash c6ce3f5d69a842e5e3f3db90207e280d
cce6f8d31b2b66faf8d18a967f6731604500c3ea
101ba7d8eafc17a15914b22d7f31da876ec7923e876eb328a631feb481480b30
NIDS Severity Alert suricata medium ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
GET /H8lYQ9Udj/ee.exe HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Connection: close
set-cookie: d660f1ebb63a8e18e99304fde6d5788c=328762a216472af06a04c3b7f921f237; path=/
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-type: text/html; charset=utf-8
cache-control: no-cache
pragma: no-cache
content-length: 1150
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 01 Jun 2023 13:40:45 GMT
server: LiteSpeed
fonts.googleapis.com/css?family=Lato:300,400,700
142.250.74.106 399 B URL fonts.googleapis.com/css?family=Lato:300,400,700
IP 142.250.74.106:0
Hash 9a9fa5ce67b83efe7c3949d0e99ff583
86d8f531709894c6c4194e995577b60b34f1865f
56d307a561ee698ee8d0a2e0c7bf14e573943583e308df5c845e1cc42daebd78
GET /css?family=Lato:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wubethiopiatours.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 01 Jun 2023 13:40:45 GMT
Date: Thu, 01 Jun 2023 13:40:45 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
wubethiopiatours.com/templates/shaper_awetive/css/mobile-menu.css
198.251.81.188 511 B URL wubethiopiatours.com/templates/shaper_awetive/css/mobile-menu.css
IP 198.251.81.188:0
Hash cc7ec333d4057efaa8f866f13f44f10e
374361edc0a03e47e2de505729c77789eed35c0e
6a0b68bd9d5a169bdd243675076d80a8c395a8d4da9d96da5a6437f74df9b2b0
GET /templates/shaper_awetive/css/mobile-menu.css HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 13:40:45 GMT
content-type: text/css
last-modified: Tue, 26 Nov 2013 21:34:34 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 511
date: Thu, 01 Jun 2023 13:40:45 GMT
server: LiteSpeed
wubethiopiatours.com/plugins/system/helix/css/font-awesome.css
198.251.81.188 4.4 kB URL wubethiopiatours.com/plugins/system/helix/css/font-awesome.css
IP 198.251.81.188:0
File type ASCII text, with very long lines (668)
Hash af89cd93bed95a047f977b05e6eddf61
0722c4c5b89a7f33762a09b50ebeba3bac547a02
5a3b7b629be4ae63b07ad83f3eb116c66744825ec24a0adc857d030b09b67a15
GET /plugins/system/helix/css/font-awesome.css HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 13:40:45 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2013 02:52:02 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4363
date: Thu, 01 Jun 2023 13:40:45 GMT
server: LiteSpeed
wubethiopiatours.com/templates/shaper_awetive/css/bootstrap-responsive.min.css
198.251.81.188 3.9 kB URL wubethiopiatours.com/templates/shaper_awetive/css/bootstrap-responsive.min.css
IP 198.251.81.188:0
File type ASCII text, with very long lines (16608)
Hash f889adb0886162aa4ceab5ff6338d888
337ca43f0c850499642fa884380ddf31f2121d20
948149bd7d046c4a606e185ad68acdad7695d532a781f556ac86f081c1e5f341
GET /templates/shaper_awetive/css/bootstrap-responsive.min.css HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 13:40:45 GMT
content-type: text/css
last-modified: Tue, 03 Dec 2013 15:34:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3949
date: Thu, 01 Jun 2023 13:40:45 GMT
server: LiteSpeed
wubethiopiatours.com/templates/shaper_awetive/css/error.css
198.251.81.188 200 OK 469 B URL GET HTTP/1.1 wubethiopiatours.com/templates/shaper_awetive/css/error.css
IP 198.251.81.188:80
Requested by http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
Hash 58f82f4d13a29f03e343746df8496ce3
7cd7662e2e79044f978d9c326e7b27718fb964fd
407f6e861539d8c9b8eac31cfb428dc147201a9c54eab5a535cb7ab7a14adb8a
GET /templates/shaper_awetive/css/error.css HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 13:40:45 GMT
content-type: text/css
last-modified: Thu, 02 May 2019 12:35:14 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 469
date: Thu, 01 Jun 2023 13:40:45 GMT
server: LiteSpeed
wubethiopiatours.com/templates/shaper_awetive/css/bootstrap.min.css
198.251.81.188 17 kB URL wubethiopiatours.com/templates/shaper_awetive/css/bootstrap.min.css
IP 198.251.81.188:0
File type ASCII text, with very long lines (65299), with CRLF line terminators
Hash 6f13c114fbfbaf672c70ee919107c5fb
d4c7278fae01a4197b45963fea6329cd2808540a
46568bb8509d053f280b9dc744ccec76a950f9736a913438902565ffda857b09
GET /templates/shaper_awetive/css/bootstrap.min.css HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 13:40:45 GMT
content-type: text/css
last-modified: Sun, 08 Feb 2015 16:49:04 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 17029
date: Thu, 01 Jun 2023 13:40:45 GMT
server: LiteSpeed
wubethiopiatours.com/media/system/js/mootools-core.js
198.251.81.188 31 kB URL wubethiopiatours.com/media/system/js/mootools-core.js
IP 198.251.81.188:0
File type ASCII text, with very long lines (886)
Hash cf58a30ea9b7a731712baede90b790ec
cc019ac09f68258ee3442fe7cc440adf78a3cef2
6be70110418f9738ca23c6d61d73ce3c0cb01087843c96de5ced119c5ab882c6
GET /media/system/js/mootools-core.js HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 13:40:45 GMT
content-type: application/javascript
last-modified: Wed, 10 Dec 2014 16:40:08 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 31297
date: Thu, 01 Jun 2023 13:40:45 GMT
server: LiteSpeed
wubethiopiatours.com/media/system/js/core.js
198.251.81.188 1.7 kB URL wubethiopiatours.com/media/system/js/core.js
IP 198.251.81.188:0
File type ASCII text, with very long lines (513)
Hash 4b59c964036a5a6ba36d4cfa34968c2a
a05177eb337fb8c96cef328d673644caae9a5dc6
ed8f120343683850762fc8fb5e8ee8dc3586a2ad7da5c12ca31ef125628cb15b
GET /media/system/js/core.js HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 13:40:46 GMT
content-type: application/javascript
last-modified: Wed, 10 Dec 2014 16:40:08 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1714
date: Thu, 01 Jun 2023 13:40:46 GMT
server: LiteSpeed
wubethiopiatours.com/media/system/js/caption.js
198.251.81.188 403 B URL wubethiopiatours.com/media/system/js/caption.js
IP 198.251.81.188:0
File type ASCII text, with very long lines (504)
Hash 031416fd2123cc114170494fdfc1a8a0
42c45161c94773d3d73d8b0c55ac7ddae5137502
5fe084328c9d2b7612b6e7c739946752c5326ece5a1566a41531f3efff175321
GET /media/system/js/caption.js HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 13:40:46 GMT
content-type: application/javascript
last-modified: Wed, 13 Nov 2013 05:31:02 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 403
date: Thu, 01 Jun 2023 13:40:46 GMT
server: LiteSpeed
wubethiopiatours.com/plugins/system/helix/js/jquery-noconflict.js
198.251.81.188 196 B URL wubethiopiatours.com/plugins/system/helix/js/jquery-noconflict.js
IP 198.251.81.188:0
Hash 3edbdbe8a664388caeaa9e72c8228742
4acf19f27f7e50877cfea07282978456ef9f9d5f
15ef7fa4c9737555ceca2f87fa11c901cebd91757919cc53e9f566139e2ea44b
GET /plugins/system/helix/js/jquery-noconflict.js HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 13:40:46 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2013 02:52:02 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 196
date: Thu, 01 Jun 2023 13:40:46 GMT
server: LiteSpeed
wubethiopiatours.com/plugins/system/helix/js/bootstrap.min.js
198.251.81.188 7.7 kB URL wubethiopiatours.com/plugins/system/helix/js/bootstrap.min.js
IP 198.251.81.188:0
File type ASCII text, with very long lines (29314)
Hash 6bffda874fc3d0cceb4168ca9055c4f7
9453fcb8e30b494fc4aa7633696ee67286445d15
ec16fbad849596c5c0b977289c5ec1c2bc32928c89fb9ed1017d10c90d3d4938
GET /plugins/system/helix/js/bootstrap.min.js HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 13:40:46 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2013 02:52:02 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7733
date: Thu, 01 Jun 2023 13:40:46 GMT
server: LiteSpeed
wubethiopiatours.com/plugins/system/helix/js/jquery.min.js
198.251.81.188 200 OK 34 kB URL GET HTTP/1.1 wubethiopiatours.com/plugins/system/helix/js/jquery.min.js
IP 198.251.81.188:80
Requested by http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
File type ASCII text, with very long lines (65483)
Hash 24bd97b1de158c4f1a162336eeca4aa6
c5268df4c1f0bada95cb3d2b80089a50b494b5ee
42dd197f5d15d2a06539ab87fb97e1d3e1c40583deee00b6899a68981f0e33fa
GET /plugins/system/helix/js/jquery.min.js HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 13:40:46 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2013 02:52:02 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 33554
date: Thu, 01 Jun 2023 13:40:46 GMT
server: LiteSpeed
wubethiopiatours.com/plugins/system/helix/js/modernizr-2.6.2.min.js
198.251.81.188 200 OK 6.3 kB URL GET HTTP/1.1 wubethiopiatours.com/plugins/system/helix/js/modernizr-2.6.2.min.js
IP 198.251.81.188:80
Requested by http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
File type HTML document, ASCII text, with very long lines (14756)
Hash 42306a279a9e831515347ae319181cd1
d069641242e4fe1beb6de8f53a77dd964c98bce0
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
GET /plugins/system/helix/js/modernizr-2.6.2.min.js HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 13:40:46 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2013 02:52:02 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6268
date: Thu, 01 Jun 2023 13:40:46 GMT
server: LiteSpeed
wubethiopiatours.com/plugins/system/helix/js/helix.core.js
198.251.81.188 304 B URL wubethiopiatours.com/plugins/system/helix/js/helix.core.js
IP 198.251.81.188:0
Hash 2632f1dc844b81aa7711a9b20de75675
76bd9674ecfec599f00b7b7033168f9bdc8c53db
ba82862db93834f8776eff87739eef62b7ad067bfbdf193fc1ae02cc7781bcce
GET /plugins/system/helix/js/helix.core.js HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 13:40:46 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2013 02:52:02 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 304
date: Thu, 01 Jun 2023 13:40:46 GMT
server: LiteSpeed
wubethiopiatours.com/plugins/system/helix/js/menu.js
198.251.81.188 2.1 kB URL wubethiopiatours.com/plugins/system/helix/js/menu.js
IP 198.251.81.188:0
Hash 9245b34ce83341aeca3713e7ac6ac522
0d614c59943ba74bb1daae34697fa97f32d0f36e
ab3d62fa1834308e4fcd70414d3c9ba7e2613dc3277fbebff85d020738031bf9
GET /plugins/system/helix/js/menu.js HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 13:40:46 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2013 02:52:02 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2136
date: Thu, 01 Jun 2023 13:40:46 GMT
server: LiteSpeed
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227 24 kB URL fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0; data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://wubethiopiatours.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23580
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 30 May 2023 18:34:56 GMT
Expires: Wed, 29 May 2024 18:34:56 GMT
Cache-Control: public, max-age=31536000
Age: 155150
Last-Modified: Tue, 02 May 2023 15:17:22 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227 23 kB URL fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0; data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://wubethiopiatours.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23040
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 30 May 2023 18:35:30 GMT
Expires: Wed, 29 May 2024 18:35:30 GMT
Cache-Control: public, max-age=31536000
Age: 155116
Last-Modified: Tue, 02 May 2023 15:07:25 GMT
Content-Type: font/woff2
wubethiopiatours.com/templates/shaper_awetive/images/logo.png
198.251.81.188 200 OK 4.1 kB URL GET HTTP/1.1 wubethiopiatours.com/templates/shaper_awetive/images/logo.png
IP 198.251.81.188:80
Requested by http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
File type PNG image data, 131 x 58, 8-bit/color RGBA, non-interlaced; data
Hash d655294d18ce1ba6ca78be822f6b7833
b2c77e769d337b5b1de6b9bbb26e8513a3b90b4c
62892e13874a56f319052da0ec21196f9a0f9d39b1f209624808a3f566ffabe1
GET /templates/shaper_awetive/images/logo.png HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wubethiopiatours.com/templates/shaper_awetive/css/error.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 13:40:46 GMT
content-type: image/png
last-modified: Tue, 03 Dec 2013 15:44:18 GMT
accept-ranges: bytes
content-length: 4137
date: Thu, 01 Jun 2023 13:40:46 GMT
server: LiteSpeed
wubethiopiatours.com/favicon.ico
198.251.81.188 1.2 kB URL wubethiopiatours.com/favicon.ico
IP 198.251.81.188:0
File type HTML document text; exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Connection: close
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Thu, 01 Jun 2023 13:40:47 GMT
server: LiteSpeed
wubethiopiatours.com/plugins/system/helix/fonts/fontawesome/fontawesome-webfont.woff?v=3.2.1
198.251.81.188 200 OK 44 kB URL GET HTTP/1.1 wubethiopiatours.com/plugins/system/helix/fonts/fontawesome/fontawesome-webfont.woff?v=3.2.1
IP 198.251.81.188:80
Requested by http://wubethiopiatours.com/H8lYQ9Udj/ee.exe
File type Web Open Font Format, TrueType, length 43572, version 1.0; data
Hash b683029bafe0305ac2234038a03e1541
12f8c193902e99348493ace32e498031bf79b654
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
GET /plugins/system/helix/fonts/fontawesome/fontawesome-webfont.woff?v=3.2.1 HTTP/1.1
Host: wubethiopiatours.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://wubethiopiatours.com/plugins/system/helix/css/font-awesome.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
cache-control: public, max-age=604800
expires: Thu, 08 Jun 2023 13:40:46 GMT
content-type: font/woff
last-modified: Thu, 14 Nov 2013 02:52:02 GMT
accept-ranges: bytes
content-length: 43572
date: Thu, 01 Jun 2023 13:40:46 GMT
server: LiteSpeed