deffeyes.com/.sys/?getexe=v2captcha.exe
153.127.44.17 301 Moved Permanently 0 B URL User Request GET HTTP/1.1 deffeyes.com/.sys/?getexe=v2captcha.exe
IP 153.127.44.17:443
ASN #7684 SAKURA Internet Inc.
Certificate Issuer Let's Encrypt
Subject www.deffeyes.com
Fingerprint 29:C1:35:3E:83:5F:F5:6F:6B:9F:EA:25:FF:E1:A8:CA:1C:82:13:60
Validity Wed, 31 May 2023 14:21:36 GMT - Tue, 29 Aug 2023 14:21:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /.sys/?getexe=v2captcha.exe HTTP/1.1
Host: deffeyes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx/1.24.0
Date: Sun, 04 Jun 2023 06:18:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.deffeyes.com/.sys/?getexe=v2captcha.exe
X-Cache: HIT from Backend
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
www.deffeyes.com/.sys/?getexe=v2captcha.exe
153.127.44.17 404 Not Found 5.9 kB URL User Request GET HTTP/1.1 www.deffeyes.com/.sys/?getexe=v2captcha.exe
IP 153.127.44.17:80
ASN #7684 SAKURA Internet Inc.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 3b94ff5e5af86b1fab661be29fe7f8ca
fb8571519f69a03295184a7fc4f1e9c104f73cc1
363b56b8a9299fc65e66a17ba18c38b5de40248ee1bf1c000dc68c27927dd777
NIDS Severity Alert suricata high ET MALWARE Likely Koobface Beaconing (getexe)
GET /.sys/?getexe=v2captcha.exe HTTP/1.1
Host: www.deffeyes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.24.0
Date: Sun, 04 Jun 2023 06:18:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.deffeyes.com/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
www.deffeyes.com/.sys/?getexe=v2captcha.exe
153.127.44.17 404 Not Found 6.0 kB URL User Request GET HTTP/1.1 www.deffeyes.com/.sys/?getexe=v2captcha.exe
IP 153.127.44.17:80
ASN #7684 SAKURA Internet Inc.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 84b07a5156ccfd5dcfc123840bb82ef5
0da46ff9544318e59e7219e3fe878deae15fff4a
739c2c6b41a50664f386e354af33b2eefa4e29da338f4e363dca980a597df178
NIDS Severity Alert suricata high ET MALWARE Likely Koobface Beaconing (getexe)
GET /.sys/?getexe=v2captcha.exe HTTP/1.1
Host: www.deffeyes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.24.0
Date: Sun, 04 Jun 2023 06:18:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://www.deffeyes.com/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash d11f1919fef5d8fccf8a87cf62ec7d61
b862276403c5375ce0cf2707ff0141d0f765fafa
7002839ec0a73f7a79f9f8720287932bd850a6a1b741ad91808e402ecb1c0d48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 06:18:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash d11f1919fef5d8fccf8a87cf62ec7d61
b862276403c5375ce0cf2707ff0141d0f765fafa
7002839ec0a73f7a79f9f8720287932bd850a6a1b741ad91808e402ecb1c0d48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 06:18:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.deffeyes.com/wp-content/themes/siska-lite/style.css?ver=6.0
153.127.44.17 200 OK 6.3 kB URL GET HTTP/1.1 www.deffeyes.com/wp-content/themes/siska-lite/style.css?ver=6.0
IP 153.127.44.17:80
ASN #7684 SAKURA Internet Inc.
Requested by http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
File type ASCII text, with very long lines (866), with CRLF line terminators
Hash d6f3d6653dbc2c080fcd5bef98918752
88ecbbc6df22f73a54c7d97c9262ad31e2ce5d2e
91732f2cfa6b956aecacf3bdfc9bd912eb49d57e8c8a3a640b84a28dace15a2f
GET /wp-content/themes/siska-lite/style.css?ver=6.0 HTTP/1.1
Host: www.deffeyes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Sun, 04 Jun 2023 06:18:48 GMT
Content-Type: text/css
Last-Modified: Thu, 09 Jun 2022 06:24:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62a19215-698e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
www.deffeyes.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0
153.127.44.17 200 OK 12 kB URL GET HTTP/1.1 www.deffeyes.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0
IP 153.127.44.17:80
ASN #7684 SAKURA Internet Inc.
Requested by http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
File type ASCII text, with very long lines (43771)
Hash d534fc4463d84fecc2a0b4e847bec46e
a553b04e1476190984e01192467df79f9645ab70
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0 HTTP/1.1
Host: www.deffeyes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Sun, 04 Jun 2023 06:18:48 GMT
Content-Type: text/css
Last-Modified: Wed, 08 Jun 2022 12:37:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62a0981c-15b26"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
www.deffeyes.com/wp-content/themes/siska-lite/css/theme-responsive.css?ver=6.0
153.127.44.17 200 OK 1.9 kB URL GET HTTP/1.1 www.deffeyes.com/wp-content/themes/siska-lite/css/theme-responsive.css?ver=6.0
IP 153.127.44.17:80
ASN #7684 SAKURA Internet Inc.
Requested by http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
File type ASCII text, with CRLF line terminators
Hash 290278c9992c5f428efb06072f212191
6fb37658c8583e3cf6a49bdcd83f188d4ed90cf0
9f07b3ba54d2379a9e1f8491ca7cfe0be16af717b3f6984688baba1575b81c92
GET /wp-content/themes/siska-lite/css/theme-responsive.css?ver=6.0 HTTP/1.1
Host: www.deffeyes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Sun, 04 Jun 2023 06:18:48 GMT
Content-Type: text/css
Last-Modified: Thu, 09 Jun 2022 06:24:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62a19215-363f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
www.deffeyes.com/wp-content/themes/siska-lite/css/nivo-slider.css?ver=6.0
153.127.44.17 200 OK 954 B URL GET HTTP/1.1 www.deffeyes.com/wp-content/themes/siska-lite/css/nivo-slider.css?ver=6.0
IP 153.127.44.17:80
ASN #7684 SAKURA Internet Inc.
Requested by http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
File type ASCII text, with CRLF line terminators
Hash 6c3e9388fbe2784944b2d391939a3cd2
80df4cfac4c3cc7d9f4faf972533f4860215e080
73d7bc6b95b1119c6686e49590daf44c1987eca7577a948f73fcc4420688c1ba
GET /wp-content/themes/siska-lite/css/nivo-slider.css?ver=6.0 HTTP/1.1
Host: www.deffeyes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Sun, 04 Jun 2023 06:18:48 GMT
Content-Type: text/css
Last-Modified: Thu, 09 Jun 2022 06:24:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62a19215-a3f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
www.deffeyes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
153.127.44.17 200 OK 4.2 kB URL GET HTTP/1.1 www.deffeyes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 153.127.44.17:80
ASN #7684 SAKURA Internet Inc.
Requested by http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.deffeyes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Sun, 04 Jun 2023 06:18:48 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Jun 2022 12:39:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62a09878-2bd8"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
www.deffeyes.com/wp-content/themes/siska-lite/js/jquery.nivo.slider.js?ver=6.0
153.127.44.17 200 OK 4.9 kB URL GET HTTP/1.1 www.deffeyes.com/wp-content/themes/siska-lite/js/jquery.nivo.slider.js?ver=6.0
IP 153.127.44.17:80
ASN #7684 SAKURA Internet Inc.
Requested by http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
File type ASCII text, with very long lines (386), with CRLF line terminators
Hash 8d2599054ffb8e8a0ca5ee9e6f26da23
b9c5af4be1ec55ab2c119a4fbf22c5176942b623
5e5198e9d83f38c94a7b0fd926e4dbc467cb6c8994adc0e3a904d6c861d1d695
GET /wp-content/themes/siska-lite/js/jquery.nivo.slider.js?ver=6.0 HTTP/1.1
Host: www.deffeyes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Sun, 04 Jun 2023 06:18:48 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 Jun 2022 06:24:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62a19215-7450"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
www.deffeyes.com/wp-content/themes/siska-lite/js/custom.js?ver=6.0
153.127.44.17 200 OK 646 B URL GET HTTP/1.1 www.deffeyes.com/wp-content/themes/siska-lite/js/custom.js?ver=6.0
IP 153.127.44.17:80
ASN #7684 SAKURA Internet Inc.
Requested by http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
File type ASCII text, with CRLF line terminators
Hash b5caed2d4b153db3dfd1e5a61623e505
076d4009159ac18766d5ee8ee0ce021a29158b01
35983ca47f975b8d164212388b1a5f5b2c217d9771e08ba3091646854a0a0047
GET /wp-content/themes/siska-lite/js/custom.js?ver=6.0 HTTP/1.1
Host: www.deffeyes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Sun, 04 Jun 2023 06:18:48 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 Jun 2022 06:24:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62a19215-6a3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
www.deffeyes.com/wp-content/themes/siska-lite/js/navigation.js?ver=20190715
153.127.44.17 200 OK 1.5 kB URL GET HTTP/1.1 www.deffeyes.com/wp-content/themes/siska-lite/js/navigation.js?ver=20190715
IP 153.127.44.17:80
ASN #7684 SAKURA Internet Inc.
Requested by http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
File type ASCII text, with CRLF line terminators
Hash 8ddc44587baacfbbe9f230efac2aef0b
66e381c3d23b66fbb9aa114bf441280f3562d6f8
72b2b8a0e0b0e8e4a2466d203bf469a246c0e49f7d4c993d37ac70a5d64f86ef
GET /wp-content/themes/siska-lite/js/navigation.js?ver=20190715 HTTP/1.1
Host: www.deffeyes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Sun, 04 Jun 2023 06:18:49 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 Jun 2022 06:24:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62a19215-144e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
www.deffeyes.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0
153.127.44.17 200 OK 5.0 kB URL GET HTTP/1.1 www.deffeyes.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0
IP 153.127.44.17:80
ASN #7684 SAKURA Internet Inc.
Requested by http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0 HTTP/1.1
Host: www.deffeyes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Sun, 04 Jun 2023 06:18:49 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Jun 2022 12:40:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62a098aa-48b9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
www.deffeyes.com/wp-content/themes/siska-lite/css/font-awesome.css?ver=6.0
153.127.44.17 200 OK 6.6 kB URL GET HTTP/1.1 www.deffeyes.com/wp-content/themes/siska-lite/css/font-awesome.css?ver=6.0
IP 153.127.44.17:80
ASN #7684 SAKURA Internet Inc.
Requested by http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
File type troff or preprocessor input, ASCII text, with very long lines (357), with CRLF line terminators
Hash 7faa1b4e3fc7f00ee413404e07585e82
28b341fea29bdbe5a418369b6b2b88bdb5c76d55
6e04c3c14fb7c01bde4472cb29a3a225584bd07c3b2f019be32228d520a94282
GET /wp-content/themes/siska-lite/css/font-awesome.css?ver=6.0 HTTP/1.1
Host: www.deffeyes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Sun, 04 Jun 2023 06:18:49 GMT
Content-Type: text/css
Last-Modified: Thu, 09 Jun 2022 06:24:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62a19215-89f1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
www.deffeyes.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
153.127.44.17 200 OK 31 kB URL GET HTTP/1.1 www.deffeyes.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 153.127.44.17:80
ASN #7684 SAKURA Internet Inc.
Requested by http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.deffeyes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Sun, 04 Jun 2023 06:18:49 GMT
Content-Type: application/javascript
Last-Modified: Wed, 08 Jun 2022 12:39:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62a09879-15db1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash c8c4fd34484b10881179e1a092434fd9
b37e3b04da5ba68bf533fcff188ac29b8eb27b3e
e5ccf7ef803972b97b8bff04fcab8af38c84d5a832ab096c7fd5ace5e56bf92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 06:18:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:443
Requested by http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.deffeyes.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 07:44:41 GMT
expires: Sun, 02 Jun 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 81248
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:443
Requested by http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.deffeyes.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 03:11:48 GMT
expires: Sun, 02 Jun 2024 03:11:48 GMT
cache-control: public, max-age=31536000
age: 97621
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.deffeyes.com/wp-content/uploads/2022/06/siska-lite_1.png
153.127.44.17 200 OK 5.2 kB URL GET HTTP/1.1 www.deffeyes.com/wp-content/uploads/2022/06/siska-lite_1.png
IP 153.127.44.17:80
ASN #7684 SAKURA Internet Inc.
Requested by http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
File type PNG image data, 270 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 7d6a98fa1d7a0a08628ac38788cb6453
b6b407ce5e83442604f4b55a89f542a743420679
7e709bdc33abf252083f5b194a608efb0b58b9dd72381eb6f1bb4f784448d20f
GET /wp-content/uploads/2022/06/siska-lite_1.png HTTP/1.1
Host: www.deffeyes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Sun, 04 Jun 2023 06:18:49 GMT
Content-Type: image/png
Last-Modified: Fri, 10 Jun 2022 04:30:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62a2c8ef-1a1c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash c8c4fd34484b10881179e1a092434fd9
b37e3b04da5ba68bf533fcff188ac29b8eb27b3e
e5ccf7ef803972b97b8bff04fcab8af38c84d5a832ab096c7fd5ace5e56bf92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 06:18:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.deffeyes.com/wp-content/themes/siska-lite/css/fonts/fontawesome-webfont.woff2?v=4.5.0
153.127.44.17 200 OK 67 kB URL GET HTTP/1.1 www.deffeyes.com/wp-content/themes/siska-lite/css/fonts/fontawesome-webfont.woff2?v=4.5.0
IP 153.127.44.17:80
ASN #7684 SAKURA Internet Inc.
Requested by http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Hash db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
GET /wp-content/themes/siska-lite/css/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: www.deffeyes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.deffeyes.com/wp-content/themes/siska-lite/css/font-awesome.css?ver=6.0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Sun, 04 Jun 2023 06:18:49 GMT
Content-Type: font/woff2
Content-Length: 66624
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 09 Jun 2022 06:24:21 GMT
ETag: "10440-5e0fddf4c1ca8"
Accept-Ranges: bytes
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
www.deffeyes.com/favicon.ico
153.127.44.17 302 Found 0 B URL GET HTTP/1.1 www.deffeyes.com/favicon.ico
IP 153.127.44.17:80
ASN #7684 SAKURA Internet Inc.
Requested by http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.deffeyes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.24.0
Date: Sun, 04 Jun 2023 06:18:50 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
Link: <http://www.deffeyes.com/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: http://www.deffeyes.com/wp-includes/images/w-logo-blue-white-bg.png
www.deffeyes.com/wp-includes/images/w-logo-blue-white-bg.png
153.127.44.17 200 OK 4.1 kB URL GET HTTP/1.1 www.deffeyes.com/wp-includes/images/w-logo-blue-white-bg.png
IP 153.127.44.17:80
ASN #7684 SAKURA Internet Inc.
Requested by http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: www.deffeyes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Sun, 04 Jun 2023 06:18:50 GMT
Content-Type: image/png
Last-Modified: Wed, 08 Jun 2022 12:38:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62a09846-1017"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C600%2C500%2C700&ver=6.0
142.250.74.106 200 OK 8.5 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C600%2C500%2C700&ver=6.0
IP 142.250.74.106:443
Requested by http://www.deffeyes.com/.sys/?getexe=v2captcha.exe
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (8716), with no line terminators
Hash 1303310bf811cbabe52e473a56247b05
76a5d89fcefb4e769642a6636f439f3f03833429
ccc9d8c0b923b1470e8ddb0309ed98c9419fd7abb32ead3c0dcebbc30ea84778
GET /css?family=Roboto%3A300%2C400%2C600%2C500%2C700&ver=6.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.deffeyes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Jun 2023 06:18:48 GMT
date: Sun, 04 Jun 2023 06:18:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2