Report - defacer.id/mirror/id/127694

Report Overview

Visited public
2024-10-12 06:46:37
Tags
Submit Tags
URL
defacer.id/mirror/id/127694
Finishing URL
defacer.id/mirror/id/127694
IP / ASN
172.67.138.31
#13335 CLOUDFLARENET
Title
bkad.bengkuluutarakab.go.id was hacked by Szt00Xploit

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-10-10 18:12:58	3.3 kB	7.0 kB	142.250.74.131
cur.cursors-4u.net	518549	2005-04-25	2012-06-24 19:52:43	2024-09-26 16:12:31	724 B	4.9 kB	96.43.128.66
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-10-10 21:01:58	923 B	14 kB	142.250.74.106
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-10-10 18:12:14	2.0 kB	5.3 kB	23.36.76.226
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2024-10-10 18:31:08	1.1 kB	260 kB	104.17.25.14
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-10-10 18:12:35	2.1 kB	64 kB	216.58.207.227
b.top4top.io	unknown	2019-11-19	2019-12-11 04:03:13	2024-09-26 04:53:20	492 B	3.8 MB	135.181.63.70
i.ibb.co.com	unknown	unknown	2024-06-11 12:00:29	2024-09-26 20:03:35	456 B	7.7 MB	162.19.58.160
bit.ly	8194	2008-05-17	2012-05-30 08:37:18	2024-09-29 18:12:32	399 B	531 B	67.199.248.11
images.dmca.com	11903	2000-05-18	2012-06-19 01:24:47	2024-10-11 14:50:08	910 B	4.1 kB	194.242.11.186
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-10-11 05:00:58	833 B	179 kB	142.250.74.136
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-10-10 18:12:11	1.3 kB	3.5 kB	23.36.77.32
www.unud.ac.id	unknown	1999-09-30	2013-05-04 07:53:26	2024-09-24 23:48:54	445 B	593 B	103.29.196.156
defacer.id	unknown	2024-04-24	2016-06-30 16:52:13	2023-02-03 06:47:16	9.2 kB	468 kB	172.67.138.31

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-10-12	medium	top4top.io	Sinkholed

ThreatFox

No alerts detected

JavaScript (14)

	URL	From	Size	First Seen	Last Seen
	unknown	ScriptElement	236 B	2024-10-12	2024-10-12
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-12 13:49 Last Seen2024-10-12 13:49 Times Seen1 Hash d9be86a5eec92a0248644bfaaf41c4df 52ba4673515482f4b4768f7fb97e7cdfd9a3aef0 818d49dd84d4085468f394aa5c902ff4d0d341cda0290eafa5dc849afd9b22a4 Loading...

	defacer.id/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	8.0 kB	2024-10-12	2024-10-12
Pretty URL defacer.id/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.138.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-12 13:49 Last Seen2024-10-12 13:49 Times Seen1 Hash 70876d6b12557d136769791cb55f3539 751ca987c15945917975fd8b8850f8ae9b103ca6 da4ab40229ecc5c35feed5c23151f51c58eaf0454bcf2b5ca38c1fc49774db77 Loading...

	defacer.id/frame/mirror/id/127694	ScriptElement	0 B	0001-01-01	2025-07-18
Pretty URL defacer.id/frame/mirror/id/127694 IP 172.67.138.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-18 05:25 Times Seen5450451 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	defacer.id/mirror/id/127694	ScriptElement	201 B	2024-10-12	2025-03-08
Pretty URL defacer.id/mirror/id/127694 IP 172.67.138.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-12 13:49 Last Seen2025-03-08 21:16 Times Seen2 Hash bb017462c078da3481f422e5237c12d8 20b573deb189f71075b1a724ffebb686bfd433fa 6d30e5d4307070c292c2663f8ebb51282b4908176146b7ee785dc5852b3f5032 Loading...

	defacer.id/plugins/scrollmenu/scrollmenu.min.js	ScriptElement	4.2 kB	2024-10-12	2025-03-08
Pretty URL defacer.id/plugins/scrollmenu/scrollmenu.min.js IP 172.67.138.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-12 13:49 Last Seen2025-03-08 21:16 Times Seen2 Hash 610785d1fc939d9a9d284d94d96a913e 5853de522378c6bebc266cfae0260f076ad16fb3 fbcad28070ba82e731b60aca924f844794d897b191e960f09d8426d746e2a04b Loading...

	images.dmca.com/Badges/DMCABadgeHelper.min.js	ScriptElement	465 B	2023-03-07	2025-07-18
Pretty URL images.dmca.com/Badges/DMCABadgeHelper.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-18 03:42 Times Seen5673 Hash bac6fb686027b93b6565e1b1e5e8e213 e585bdd95488444f0ce2888d8281dbdaf73ca2ea e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0 Loading...

	defacer.id/scripts/main.js?v=3	ScriptElement	5.7 kB	2024-10-12	2025-03-08
Pretty URL defacer.id/scripts/main.js?v=3 IP 172.67.138.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-12 13:49 Last Seen2025-03-08 21:16 Times Seen2 Hash a3084e1e6e1965bac70f2e810ecdd7c3 a400d53a44ec53df11dbeb3df66d15fdf37a066a 17915aaa89ac00ad6881f46f6e4a02eb6a593012b01ac21df5ed40e064473956 Loading...

	defacer.id/frame/mirror/id/127694	ScriptElement	923 B	2024-10-12	2024-10-12
Pretty URL defacer.id/frame/mirror/id/127694 IP 172.67.138.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-12 13:49 Last Seen2024-10-12 13:49 Times Seen1 Hash ed03dc4c9fb10ca09402b4b2061219c6 35eefbc7e685340f0aa7fcfb1f9f589f5eb48611 03e9808076f9e6053502cd91ffc69b23f6d24024f17fd8ca72c5a2722019edeb Loading...

	defacer.id/mirror/id/127694	ScriptElement	374 B	2024-10-12	2025-03-08
Pretty URL defacer.id/mirror/id/127694 IP 172.67.138.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-12 13:49 Last Seen2025-03-08 21:16 Times Seen2 Hash 4b2ab75e6b266002a7f7f91db47ce714 157072ff51585d7d3f6956330b63b8b77663e3db 9f61d3a8d2d052b3cfcb892cafa76b1744f0a18c428a3b815d37bb013d8c6198 Loading...

	www.googletagmanager.com/gtag/js?id=G-YSMMJ6YD21	ScriptElement	324 kB	2024-10-12	2024-10-12
Pretty URL www.googletagmanager.com/gtag/js?id=G-YSMMJ6YD21 IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-12 13:49 Last Seen2024-10-12 13:49 Times Seen1 Hash fc9d35d9d36e9ab10fe9c42795c41350 80aaa8021e8f988325b4e11c438fcf4bbd75b17e f3d21e47fde75c06c86a448abc694a1b414488cb1bf57d026cd0f19039504e62 Loading...

	defacer.id/mirror/id/127694	ScriptElement	416 B	2024-10-12	2025-03-08
Pretty URL defacer.id/mirror/id/127694 IP 172.67.138.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-12 13:49 Last Seen2025-03-08 21:16 Times Seen2 Hash 4d4547773c2fb916a8fde3a3322b0c1a 0891eb694ec70dcf113f19e3e2e21510c202eb68 7f8a84c123477bf1b4844675f3c31321b1e2e952c2d2bfc0ef0ca5854ac35153 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-P86SFD7K	ScriptElement	193 kB	2024-10-12	2024-10-12
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-P86SFD7K IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-12 13:49 Last Seen2024-10-12 13:49 Times Seen1 Hash e0497c328b6dbc2a072f01269df3f82e 8cff2a3dc2b3d5817fe93ab3c3dfe20679b0ebe3 71df2215e1d0e0eff4558bfe584bf6ef944ccfa8d4495d7845a6ac748d541bf9 Loading...

	defacer.id/mirror/id/127694	ScriptElement	921 B	2024-10-12	2024-10-12
Pretty URL defacer.id/mirror/id/127694 IP 172.67.138.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-12 13:49 Last Seen2024-10-12 13:49 Times Seen1 Hash 318385511d28de1dfe78766a3820a581 bc444cbbe457f0617080e4e587bbe4a1c0650dd5 279e2dfeda7ef86822fb22e06ba8c768a96c1c5a0935b73f22ec266b07682580 Loading...

	defacer.id/plugins/highlight/highlight.min.js	ScriptElement	121 kB	2023-03-13	2025-07-17
Pretty URL defacer.id/plugins/highlight/highlight.min.js IP 172.67.138.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:02 Last Seen2025-07-17 14:28 Times Seen98 Hash 2a66af0aa884e09f41086cf620b4186f e3cfe91dbc54c5fb33e98fe4fb7ba168cec0945c 9f19cebc1d4441ae1f0ffc696a42628b9f865fe5d99deda1f1e8cd5bec878888 Loading...

HTTP Transactions (55)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
335c4af72a92afe06fbd24291c5c5870
7cb8fdbe83e4c47227b68b53c4e72f89e8c83e97
a89b5cdd90d9c8a2fac62f75b3641475d1c04b4712ecc873ce2d6f7b280e6e58

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "A89B5CDD90D9C8A2FAC62F75B3641475D1C04B4712ECC873CE2D6F7B280E6E58"
Last-Modified: Sat, 12 Oct 2024 00:30:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7141
Expires: Sat, 12 Oct 2024 08:45:11 GMT
Date: Sat, 12 Oct 2024 06:46:10 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c0478b0cd161f62f480ac8b275d2010f
ce1a9d58da42b4c1c6f25c6ab4d0fe629072adc4
fb3e66346ead98f26678af7d3bf732124983ce83aba60e4e6517058ce2394c05

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "FB3E66346EAD98F26678AF7D3BF732124983CE83ABA60E4E6517058CE2394C05"
Last-Modified: Fri, 11 Oct 2024 19:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7339
Expires: Sat, 12 Oct 2024 08:48:29 GMT
Date: Sat, 12 Oct 2024 06:46:10 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
7db95baaf7589f4e7e78f4e258544922
44343fc1282f7282fb7d3309e2e5927cfaefdcdf
98f60760645b89dff87ad0cd01deb5c96af32540b9e2fdaac4299f3bb1c2138a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "98F60760645B89DFF87AD0CD01DEB5C96AF32540B9E2FDAAC4299F3BB1C2138A"
Last-Modified: Fri, 11 Oct 2024 20:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7114
Expires: Sat, 12 Oct 2024 08:44:44 GMT
Date: Sat, 12 Oct 2024 06:46:10 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
29432ba0f965dfda8de99ed506874afe
1c9b8a5941e8c26857b576f97c9410ced3a6ec17
059b5ed36685cfa7c9999204eba45352035048067eeb5fca3733608faa2b36b2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "059B5ED36685CFA7C9999204EBA45352035048067EEB5FCA3733608FAA2B36B2"
Last-Modified: Fri, 11 Oct 2024 21:18:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7215
Expires: Sat, 12 Oct 2024 08:46:25 GMT
Date: Sat, 12 Oct 2024 06:46:10 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
db57e9d703b65701cb5a39a355e3c31c
c4f366d9b18c54d106236e94c1600ef647290d7c
dc7e70e2b25c0d849b38bbbe6f4abe9ce062e81f3245eae2a24abe7ea12c5679

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DC7E70E2B25C0D849B38BBBE6F4ABE9CE062E81F3245EAE2A24ABE7EA12C5679"
Last-Modified: Thu, 10 Oct 2024 16:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7455
Expires: Sat, 12 Oct 2024 08:50:26 GMT
Date: Sat, 12 Oct 2024 06:46:11 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
db57e9d703b65701cb5a39a355e3c31c
c4f366d9b18c54d106236e94c1600ef647290d7c
dc7e70e2b25c0d849b38bbbe6f4abe9ce062e81f3245eae2a24abe7ea12c5679

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "DC7E70E2B25C0D849B38BBBE6F4ABE9CE062E81F3245EAE2A24ABE7EA12C5679"
Last-Modified: Thu, 10 Oct 2024 16:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7455
Expires: Sat, 12 Oct 2024 08:50:26 GMT
Date: Sat, 12 Oct 2024 06:46:11 GMT
Connection: keep-alive

GET images.dmca.com/Badges/dmca_protected_sml_120n.png?ID=1a5825d3-0a4b-4879-98af-54ec41d3033a

194.242.11.186

200 OK

2.1 kB

URL GET HTTP/2
images.dmca.com/Badges/dmca_protected_sml_120n.png?ID=1a5825d3-0a4b-4879-98af-54ec41d3033a
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerLet's Encrypt
Subjectimages.dmca.com
Fingerprint0C:98:42:D8:37:D0:B7:B0:D9:97:6B:9B:E5:0A:C0:53:86:AD:4F:C0
ValidityFri, 30 Aug 2024 04:16:27 GMT - Thu, 28 Nov 2024 04:16:26 GMT

File type
PNG image data, 121 x 24, 8-bit/color RGBA, non-interlaced
Size
2.1 kB (2060 bytes)
Hash
ac1d05c6c81bec88b7df6cf4c5a2374f
fbaa6f8144acc99822941e7c1da42ee505773adf
45ec09974d948120c9f97cbedd141f4fa8df876bd2206f0c41133ae3a13fdf13

HTTP Headers

GET /Badges/dmca_protected_sml_120n.png?ID=1a5825d3-0a4b-4879-98af-54ec41d3033a HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defacer.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Oct 2024 06:46:11 GMT
content-type: image/png
content-length: 2060
server: BunnyCDN-NO1-830
cdn-pullzone: 1574055
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cdn-requestcountrycode: NO
cache-control: public, max-age=31536000
etag: "a7af7333e0ebca1:0"
last-modified: Tue, 04 May 2010 23:19:10 GMT
x-powered-by: ASP.NET
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/29/2024 19:51:14
cdn-edgestorageid: 871
link: <https://dmca-images.azurewebsites.net/Badges/dmca_protected_sml_120n.png?ID=db298930-4356-46ce-bc62-0642110014a1>; rel="canonical"
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: d5411771ffe6a9bf10b68f1fb67c3def
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9d552b04d43a516149206d1ecd1ea90e
89a54301810ac37099b38c59c3d14bae1573e998
b8395843f3b51c0aff9591d4bc98e27f335c16826b5de66aaf26363edad3975e

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Oct 2024 06:46:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9d552b04d43a516149206d1ecd1ea90e
89a54301810ac37099b38c59c3d14bae1573e998
b8395843f3b51c0aff9591d4bc98e27f335c16826b5de66aaf26363edad3975e

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Oct 2024 06:46:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
31fd8c270501676fd780beb64a73bbd3
496283fe7d9630ef80b46fe861f5077c75629d11
23b964e0ba916ee9e9f4f29257b765259a9e2d590d7aec9c0184763f6f86babc

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Oct 2024 06:46:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
31fd8c270501676fd780beb64a73bbd3
496283fe7d9630ef80b46fe861f5077c75629d11
23b964e0ba916ee9e9f4f29257b765259a9e2d590d7aec9c0184763f6f86babc

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Oct 2024 06:46:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET www.googletagmanager.com/gtag/js?id=G-YSMMJ6YD21

142.250.74.136

200 OK

107 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-YSMMJ6YD21
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint67:C2:D2:52:FF:49:65:5C:79:F7:93:22:F8:32:AB:11:AA:AB:6B:F7
ValidityTue, 24 Sep 2024 02:46:00 GMT - Tue, 17 Dec 2024 02:45:59 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
107 kB (107363 bytes)
Hash
fc9d35d9d36e9ab10fe9c42795c41350
80aaa8021e8f988325b4e11c438fcf4bbd75b17e
f3d21e47fde75c06c86a448abc694a1b414488cb1bf57d026cd0f19039504e62

HTTP Headers

GET /gtag/js?id=G-YSMMJ6YD21 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defacer.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Oct 2024 06:46:11 GMT
expires: Sat, 12 Oct 2024 06:46:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 107363
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtm.js?id=GTM-P86SFD7K

142.250.74.136

200 OK

69 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-P86SFD7K
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint67:C2:D2:52:FF:49:65:5C:79:F7:93:22:F8:32:AB:11:AA:AB:6B:F7
ValidityTue, 24 Sep 2024 02:46:00 GMT - Tue, 17 Dec 2024 02:45:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2345)
Size
69 kB (69346 bytes)
Hash
e0497c328b6dbc2a072f01269df3f82e
8cff2a3dc2b3d5817fe93ab3c3dfe20679b0ebe3
71df2215e1d0e0eff4558bfe584bf6ef944ccfa8d4495d7845a6ac748d541bf9

HTTP Headers

GET /gtm.js?id=GTM-P86SFD7K HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defacer.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Oct 2024 06:46:11 GMT
expires: Sat, 12 Oct 2024 06:46:11 GMT
cache-control: private, max-age=900
last-modified: Sat, 12 Oct 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
server: Google Tag Manager
content-length: 69346
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9d552b04d43a516149206d1ecd1ea90e
89a54301810ac37099b38c59c3d14bae1573e998
b8395843f3b51c0aff9591d4bc98e27f335c16826b5de66aaf26363edad3975e

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Oct 2024 06:46:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
31fd8c270501676fd780beb64a73bbd3
496283fe7d9630ef80b46fe861f5077c75629d11
23b964e0ba916ee9e9f4f29257b765259a9e2d590d7aec9c0184763f6f86babc

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Oct 2024 06:46:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET defacer.id/images/country-flags/png100px/id.png

172.67.138.31

200 OK

109 B

URL GET HTTP/3
defacer.id/images/country-flags/png100px/id.png
IP
172.67.138.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectdefacer.id
Fingerprint3E:68:06:84:CC:FC:42:75:13:CE:2A:14:6F:0F:A1:9D:9C:8F:84:77
ValidityMon, 19 Aug 2024 22:20:44 GMT - Sun, 17 Nov 2024 22:20:43 GMT

File type
PNG image data, 100 x 67, 2-bit colormap, non-interlaced
Size
109 B (109 bytes)
Hash
a0232ab265d5aae4774ac90a9df79328
29f9ab1707c88d1b3ed1640309263eca49971e47
5a85ef3db9ab61729fbe1bf8f68714a27b982617d8cdc6e339579d7bf68888e7

HTTP Headers

GET /images/country-flags/png100px/id.png HTTP/1.1
Host: defacer.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defacer.id/mirror/id/127694
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fqfpurg3mgr6nupq2kt13pip24; lvt=1728715571
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 12 Oct 2024 06:46:11 GMT
content-type: image/png
content-length: 109
cache-control: public, max-age=604800
expires: Sat, 19 Oct 2024 06:46:12 GMT
last-modified: Sat, 18 May 2024 07:50:34 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rn3Hkieoo6M%2BBxIzGziv%2F24MEVl%2BHdUggkuCGIY6H6CpUwU8KPLPSqRrIaXhrDu9Afx239RdnDmCuWGQEcNt3bACmkx3yehmcOKcgKYtAgc%2BC3QC7oWfjCcyYuWk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1521a0fb3e56aa-OSL

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
ccb7c0a230775ffeed6f8a2d5495f2f4
b64d41f2ff0740b511f8043dd7f00db3d937bdc8
c1086024116cc032f78be5a4521af542f33df4c8534249eaf15c5eeccf4ec5f7

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C1086024116CC032F78BE5A4521AF542F33DF4C8534249EAF15C5EECCF4EC5F7"
Last-Modified: Wed, 09 Oct 2024 23:02:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8549
Expires: Sat, 12 Oct 2024 09:08:41 GMT
Date: Sat, 12 Oct 2024 06:46:12 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
ccb7c0a230775ffeed6f8a2d5495f2f4
b64d41f2ff0740b511f8043dd7f00db3d937bdc8
c1086024116cc032f78be5a4521af542f33df4c8534249eaf15c5eeccf4ec5f7

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C1086024116CC032F78BE5A4521AF542F33DF4C8534249EAF15C5EECCF4EC5F7"
Last-Modified: Wed, 09 Oct 2024 23:02:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8549
Expires: Sat, 12 Oct 2024 09:08:41 GMT
Date: Sat, 12 Oct 2024 06:46:12 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
ccb7c0a230775ffeed6f8a2d5495f2f4
b64d41f2ff0740b511f8043dd7f00db3d937bdc8
c1086024116cc032f78be5a4521af542f33df4c8534249eaf15c5eeccf4ec5f7

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C1086024116CC032F78BE5A4521AF542F33DF4C8534249EAF15C5EECCF4EC5F7"
Last-Modified: Wed, 09 Oct 2024 23:02:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8584
Expires: Sat, 12 Oct 2024 09:09:16 GMT
Date: Sat, 12 Oct 2024 06:46:12 GMT
Connection: keep-alive

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

150 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/fa-solid-900.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
FingerprintE6:47:BB:06:9C:32:48:7E:A6:0A:4B:62:53:7B:F0:35:5D:A9:A3:8A
ValiditySat, 28 Sep 2024 05:35:05 GMT - Fri, 27 Dec 2024 05:35:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 150516, version 770.768
Size
150 kB (150516 bytes)
Hash
328a9d0f59f0ebb55cddac6f39995bea
c0e6e76b4a02c34656ff2a41b671e02f2821829b
8f06540fd77f1effe1e2da8ea10cec4a382dda9cc6ef05d816e1d6de444072f2

HTTP Headers

GET /ajax/libs/font-awesome/6.2.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://defacer.id
DNT: 1
Connection: keep-alive
Referer: https://defacer.id/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Oct 2024 06:46:12 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150516
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6373d4a6-24bf4"
last-modified: Tue, 15 Nov 2022 18:04:22 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1318216
expires: Thu, 02 Oct 2025 06:46:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q0q1h3FnP4Qbma7MrnJgIMw0MSXfR3bd5nh4fuMbDxzFAVFfjrMNEhralkLowfsHTtAUePP%2FZHK3inEZ898J%2Bv4iYmIVLt%2FU4AM4hMeNPE5ATjpFzaC%2BBNNcL%2FKaevmfejVrmTFN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8d1521a6fd1a56aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63c31fb9376472c5d61169fe709918d2
30f71e1b4c7f022637729b692249746841c8e8de
b72ecd4ac6c976d39793a169eee0e2b507564092cd52c28db59931e6cac32b01

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Oct 2024 06:46:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63c31fb9376472c5d61169fe709918d2
30f71e1b4c7f022637729b692249746841c8e8de
b72ecd4ac6c976d39793a169eee0e2b507564092cd52c28db59931e6cac32b01

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Oct 2024 06:46:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/fa-brands-400.woff2

104.17.25.14

200 OK

108 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/fa-brands-400.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
FingerprintE6:47:BB:06:9C:32:48:7E:A6:0A:4B:62:53:7B:F0:35:5D:A9:A3:8A
ValiditySat, 28 Sep 2024 05:35:05 GMT - Fri, 27 Dec 2024 05:35:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 107656, version 770.768
Size
108 kB (107656 bytes)
Hash
e2f5b365c7d3d4497da73148ddfae997
b99813b3c531d8fe90aed3b75d2ed71f8e0c87f4
c61287c2fa9863b5fb5844c683a168ac6520c94d822bb43d5eae35c3a2a82166

HTTP Headers

GET /ajax/libs/font-awesome/6.2.1/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://defacer.id
DNT: 1
Connection: keep-alive
Referer: https://defacer.id/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 12 Oct 2024 06:46:12 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 107656
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6373d4a6-1a488"
last-modified: Tue, 15 Nov 2022 18:04:22 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 222746
expires: Thu, 02 Oct 2025 06:46:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FvtD%2F1%2F1MMdez3rPg6FeFpd6XKyYxY9bjy90vxTcn17yDQgDrteTu6JDMB7TieotQcLuUJcLhb4SixS2vEZyDXeBJ0pVczdi%2BZLqRZWeEElCDQJDWt4ThnUnorpD55gEDzq6rWxM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8d1521a77dca56aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET defacer.id/images/logo-big-white.png

172.67.138.31

200 OK

52 kB

URL GET HTTP/3
defacer.id/images/logo-big-white.png
IP
172.67.138.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectdefacer.id
Fingerprint3E:68:06:84:CC:FC:42:75:13:CE:2A:14:6F:0F:A1:9D:9C:8F:84:77
ValidityMon, 19 Aug 2024 22:20:44 GMT - Sun, 17 Nov 2024 22:20:43 GMT

File type
PNG image data, 2364 x 614, 8-bit/color RGBA, non-interlaced
Size
52 kB (52534 bytes)
Hash
c61a9ccce88d65ba4e159ec5fb9657ea
98c84b929d24d5728f659567d3eb2d10b9aa5015
1d7d9d6bb3fe21e562b9063b133a07fa9d1a649d30730e41b801084290e33ff4

HTTP Headers

GET /images/logo-big-white.png HTTP/1.1
Host: defacer.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defacer.id/mirror/id/127694
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fqfpurg3mgr6nupq2kt13pip24; lvt=1728715571
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 12 Oct 2024 06:46:12 GMT
content-type: image/png
content-length: 52534
cache-control: public, max-age=604800
expires: Sat, 19 Oct 2024 06:46:12 GMT
last-modified: Sat, 18 May 2024 07:50:34 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HP%2BxYqD8f9MlSVo8jfbXLQVwq126uWAyh6Vlru%2B%2FWuVlmwToTQHeGtc0lRuy0%2BqgDrroEW255uWVoIJ81XAZiexn1g2vsegFJ5uucSzwuWOd%2FIvHfJXu1%2FsT0w8A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1521a0fb3c56aa-OSL

GET defacer.id/scripts/main.js?v=3

172.67.138.31

200 OK

2.2 kB

URL GET HTTP/3
defacer.id/scripts/main.js?v=3
IP
172.67.138.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectdefacer.id
Fingerprint3E:68:06:84:CC:FC:42:75:13:CE:2A:14:6F:0F:A1:9D:9C:8F:84:77
ValidityMon, 19 Aug 2024 22:20:44 GMT - Sun, 17 Nov 2024 22:20:43 GMT

File type
JavaScript source, ASCII text, with very long lines (317)
Size
2.2 kB (2196 bytes)
Hash
a3084e1e6e1965bac70f2e810ecdd7c3
a400d53a44ec53df11dbeb3df66d15fdf37a066a
17915aaa89ac00ad6881f46f6e4a02eb6a593012b01ac21df5ed40e064473956

HTTP Headers

GET /scripts/main.js?v=3 HTTP/1.1
Host: defacer.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defacer.id/mirror/id/127694
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fqfpurg3mgr6nupq2kt13pip24; lvt=1728715571
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 12 Oct 2024 06:46:12 GMT
content-type: text/javascript
last-modified: Fri, 20 Sep 2024 15:44:01 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NlI2bY%2BJkIm5MIrKoTksmuw2LlG6r11NjcRlPY2AL92MwWUGe1%2BBXxyg8LkkJzlHOyZrW1H%2FmSxsmADIULphUUrAhQU0bVmrv27DyFzvegnuPWZJstrsFpuGR%2FMz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1521a10b4756aa-OSL
content-encoding: br

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63c31fb9376472c5d61169fe709918d2
30f71e1b4c7f022637729b692249746841c8e8de
b72ecd4ac6c976d39793a169eee0e2b507564092cd52c28db59931e6cac32b01

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Oct 2024 06:46:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET fonts.gstatic.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3pQPwlBFgg.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3pQPwlBFgg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14956, version 1.0
Size
15 kB (14956 bytes)
Hash
323c4b085bca3d43b7737a26f8e42df2
d2cee55b56ea75a78b84e5e3519e601c53827caf
a51b6594bdda5d76e047259fb1fcaf7af2eb227cac553b4eb1cffa8328784c9c

HTTP Headers

GET /s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3pQPwlBFgg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://defacer.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14956
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Oct 2024 11:39:06 GMT
expires: Fri, 10 Oct 2025 11:39:06 GMT
cache-control: public, max-age=31536000
age: 155226
last-modified: Wed, 26 Apr 2023 23:36:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3twJwlBFgg.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3twJwlBFgg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14988, version 1.0
Size
15 kB (14988 bytes)
Hash
bc5ccab827238170654800cd23accfc4
8604c8c81fecbd0a5325cf4786498de6f7e5b573
756026ff72eb76fd971ac4b7504cec55eef62109d2684c2cad8da32170b80b37

HTTP Headers

GET /s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3twJwlBFgg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://defacer.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14988
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Oct 2024 08:10:02 GMT
expires: Sat, 11 Oct 2025 08:10:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 26 Apr 2023 23:44:33 GMT
content-type: font/woff2
age: 81370
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/ibmplexmono/v19/-F63fjptAgt5VM-kVkqdyU8n1i8q1w.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/ibmplexmono/v19/-F63fjptAgt5VM-kVkqdyU8n1i8q1w.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14812, version 1.0
Size
15 kB (14812 bytes)
Hash
4cc7b43985407beb081d7718e06b5551
fb4930b73956aa681555cc2aa44d03e845e78264
3c5a451f9ec27a354b0c2bcca636c6ec17a651281aabf29f8427e210a1d31e85

HTTP Headers

GET /s/ibmplexmono/v19/-F63fjptAgt5VM-kVkqdyU8n1i8q1w.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://defacer.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Oct 2024 18:07:20 GMT
expires: Sat, 11 Oct 2025 18:07:20 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 27 Apr 2023 00:17:55 GMT
content-type: font/woff2
age: 45532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3vAOwlBFgg.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3vAOwlBFgg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15704, version 1.0
Size
16 kB (15704 bytes)
Hash
ed616eb04c5f8213ee622be5b9baa4ad
b9d1e7a48366ab12fce3112f7f65ebbb555ec87f
c4d3deb734a27e6d0dc7a6b464779f70ba1c272e26287860a14e35e85acb5b76

HTTP Headers

GET /s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3vAOwlBFgg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://defacer.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Oct 2024 05:25:52 GMT
expires: Sun, 12 Oct 2025 05:25:52 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 26 Apr 2023 23:36:34 GMT
content-type: font/woff2
age: 4820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63c31fb9376472c5d61169fe709918d2
30f71e1b4c7f022637729b692249746841c8e8de
b72ecd4ac6c976d39793a169eee0e2b507564092cd52c28db59931e6cac32b01

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Oct 2024 06:46:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET defacer.id/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.138.31

302 Found

0 B

URL GET HTTP/3
defacer.id/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.138.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectdefacer.id
Fingerprint3E:68:06:84:CC:FC:42:75:13:CE:2A:14:6F:0F:A1:9D:9C:8F:84:77
ValidityMon, 19 Aug 2024 22:20:44 GMT - Sun, 17 Nov 2024 22:20:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: defacer.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fqfpurg3mgr6nupq2kt13pip24; lvt=1728715571; _ga_YSMMJ6YD21=GS1.1.1728715571.1.0.1728715571.0.0.0; _ga=GA1.1.1638123777.1728715572
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 12 Oct 2024 06:46:12 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bsXazrqD1tdAjTPNTr%2BU%2Bw2Uv3tUH1MNyts3AoZckdJkPBpsaqP5qxTbZOU0vCTj1S%2Br0EN1y6DvyYKhjEkrA3j5i0oUjSNK6yTzlAibZK%2FrdKsvIpPqflNkPoYb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1521a9183656aa-OSL
alt-svc: h3=":443"; ma=86400

POST defacer.id/cdn-cgi/challenge-platform/h/b/jsd/r/8d15219b9bca56ba

172.67.138.31

200 OK

0 B

URL POST HTTP/3
defacer.id/cdn-cgi/challenge-platform/h/b/jsd/r/8d15219b9bca56ba
IP
172.67.138.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectdefacer.id
Fingerprint3E:68:06:84:CC:FC:42:75:13:CE:2A:14:6F:0F:A1:9D:9C:8F:84:77
ValidityMon, 19 Aug 2024 22:20:44 GMT - Sun, 17 Nov 2024 22:20:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/8d15219b9bca56ba HTTP/1.1
Host: defacer.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12144
Origin: https://defacer.id
DNT: 1
Connection: keep-alive
Referer: https://defacer.id/mirror/id/127694
Cookie: PHPSESSID=fqfpurg3mgr6nupq2kt13pip24; lvt=1728715571; _ga_YSMMJ6YD21=GS1.1.1728715571.1.0.1728715571.0.0.0; _ga=GA1.1.1638123777.1728715572
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 12 Oct 2024 06:46:12 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=.defacer.id; Priority=High; HttpOnly; Secure; SameSite=None
cf_clearance=PXlU44Zjb9H6nxhmbyckm3j6J_zhWNanBbCl7j7PphI-1728715572-1.2.1.1-PNpf_JYUMD92W_ev0k2dN5DIwYZPPbB3ROe7GWcsFkkLfUuS2mY_lJ2wn.5SENgGKImIaaAZnlfMbY6eiam5A7nmhK5xlmApvq_PP1ccynIa7oEoFNQC3otKMDQlDivKrXJJ21Bc46vAcDXQY44V1S0vabQdxaJJmk95r4lCtTJGmxv1pOYsQhATuLX_Ghejn4ayoJjiyXjHY3rM.lL0S1PAKPovqu53jTGuil0_FtumW.QX487Cm6r.C7zFpXTn08AIJfQ3ZH7KT71Q7v7gKJZcdDY.Gcf1xChNyl3bNYw9e6rPMIdvKRoOM_sI8BosGEIfLwrjO0MzwhncLOEquQ; Path=/; Expires=Sun, 12-Oct-25 06:46:12 GMT; Domain=.defacer.id; Priority=High; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VUamZrYZNr7a7N5Ct%2FprmeYZIOjMFJFHmV7yCl9EoIswnUJV%2F3fNJNnYs5STE7zbjyYixjdSb8e14LR75rKnjDEcreeXyaSGjCkUBOHid3PUHH4GuozpKV9vorLI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1521aa29e656aa-OSL
alt-svc: h3=":443"; ma=86400

GET defacer.id/frame/mirror/id/127694

172.67.138.31

200 OK

2.0 kB

URL GET HTTP/3
defacer.id/frame/mirror/id/127694
IP
172.67.138.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectdefacer.id
Fingerprint3E:68:06:84:CC:FC:42:75:13:CE:2A:14:6F:0F:A1:9D:9C:8F:84:77
ValidityMon, 19 Aug 2024 22:20:44 GMT - Sun, 17 Nov 2024 22:20:43 GMT

File type
JavaScript source, ASCII text, with very long lines (950), with CRLF line terminators
Size
2.0 kB (2002 bytes)
Hash
b156104ab69ee4fcc33bee365476323c
d38ac73cc1198271661cef33dc174a41a472ea66
d7666856a0cd621f792dea08b73fc629d4221791a6b2cb8d16ef66537bdc2aab

HTTP Headers

GET /frame/mirror/id/127694 HTTP/1.1
Host: defacer.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defacer.id/mirror/id/127694
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fqfpurg3mgr6nupq2kt13pip24; lvt=1728715571; _ga_YSMMJ6YD21=GS1.1.1728715571.1.0.1728715571.0.0.0; _ga=GA1.1.1638123777.1728715572
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 12 Oct 2024 06:46:12 GMT
content-type: text/html;charset=UTF-8
x-powered-by: PHP/8.3.11
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
expect-ct: max-age=86400, enforce
access-control-allow-origin: https://defacer.id
content-security-policy: frame-ancestors 'self' https://defacer.id http://defacer.id;
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SgPnSzs4owop%2BUGFQb1b6Z9%2Fm8tA7%2FsQMeRZ5R7kdCFz9M%2FT5sOCVEr19dwgh1VDf57d2jmP4fQOZJXlKIK1u0cJIVO%2BY4%2Bt1D%2BVU6hCyHZz3%2BR2v5O1TwXCjy0V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8d1521a69c8256aa-OSL
content-encoding: br

GET www.unud.ac.id/ac-admin/js/plugins/ckeditor/samples/sample.css

103.29.196.156

404 Not Found

10 B

URL GET HTTP/1.1
www.unud.ac.id/ac-admin/js/plugins/ckeditor/samples/sample.css
IP
103.29.196.156:443
ASN
#58375 Universitas Udayana

Requested by
moz-nullprincipal:{aa72d70c-41ad-4582-bc14-1eb9165c8750}?https://defacer.id
Certificate
IssuerSectigo Limited
Subject*.unud.ac.id
FingerprintBE:F7:36:87:94:33:79:36:42:4F:C5:1B:8B:D7:F5:6E:47:62:FD:1A
ValidityMon, 30 Sep 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
10 B (10 bytes)
Hash
fa574b221ff920dea92335ad414d1e08
bad64fd85986e2523b8bc64e4ff22352cc7b725c
24ebebb086a6a20b556bd3b8a3a0d73ac6b20c86b07eddb7fa7b7944f04e8640

HTTP Headers

GET /ac-admin/js/plugins/ckeditor/samples/sample.css HTTP/1.1
Host: www.unud.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defacer.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Sat, 12 Oct 2024 06:46:14 GMT
Server: Apache
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-src 'self' *.google.de google.de *.google.com google.com youtube.com *.youtube.com;
Public-Key-Pins: pin-sha256="OqzYW2MKz7rJ/fJi2iKTPZmIIOEx1gT7q+qeT29PlA8="; pin-sha256="47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU="; max-age=5184000; includeSubDomains
Content-Length: 10
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive

GET defacer.id/plugins/scrollmenu/scrollmenu.min.js

172.67.138.31

200 OK

1.7 kB

URL GET HTTP/3
defacer.id/plugins/scrollmenu/scrollmenu.min.js
IP
172.67.138.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectdefacer.id
Fingerprint3E:68:06:84:CC:FC:42:75:13:CE:2A:14:6F:0F:A1:9D:9C:8F:84:77
ValidityMon, 19 Aug 2024 22:20:44 GMT - Sun, 17 Nov 2024 22:20:43 GMT

File type
JavaScript source, ASCII text
Size
1.7 kB (1697 bytes)
Hash
610785d1fc939d9a9d284d94d96a913e
5853de522378c6bebc266cfae0260f076ad16fb3
fbcad28070ba82e731b60aca924f844794d897b191e960f09d8426d746e2a04b

HTTP Headers

GET /plugins/scrollmenu/scrollmenu.min.js HTTP/1.1
Host: defacer.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defacer.id/mirror/id/127694
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fqfpurg3mgr6nupq2kt13pip24; lvt=1728715571
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 12 Oct 2024 06:46:12 GMT
content-type: text/javascript
last-modified: Mon, 17 Jul 2023 09:22:10 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PpydotOj6GtmC69MzS7lGPC98YySISTNMqkd83X4UfBGvzkqy0QLKUzZBK%2BcDorHaYHrT3ZZ9cjT0eoJRPUq3rB7shOZWehtJWcoB2%2BNzl2o3f0Rj7Wq2M8Pmaac"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1521a0eb3056aa-OSL
content-encoding: br

GET cur.cursors-4u.net/symbols/sym-1/sym46.cur

96.43.128.66

200 OK

169 B

URL GET HTTP/1.1
cur.cursors-4u.net/symbols/sym-1/sym46.cur
IP
96.43.128.66:443
ASN
#19969 JOESDATACENTER

Requested by
moz-nullprincipal:{aa72d70c-41ad-4582-bc14-1eb9165c8750}?https://defacer.id
Certificate
IssuerLet's Encrypt
Subjectani.cursors-4u.net
Fingerprint9B:5E:20:BB:FD:E3:15:D0:76:12:37:D1:33:24:4C:E9:0A:A3:68:F0
ValidityFri, 06 Sep 2024 04:33:36 GMT - Thu, 05 Dec 2024 04:33:35 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
bd6987d71fad7058a993a9028dc40454
3ed872fa3a00837bb008ad9d201850e2ea57a79f
f0e759f444eb3a324b621f0548919424455e81441d42ea6bc6bcd2b24fce1b92

HTTP Headers

GET /symbols/sym-1/sym46.cur HTTP/1.1
Host: cur.cursors-4u.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx/1.16.1
Date: Sat, 12 Oct 2024 06:46:14 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://cur.cursors-4u.net/symbols/sym-1/sym46.cur

GET b.top4top.io/m_3121utenk9.mp3

135.181.63.70

206 Partial Content

3.8 MB

URL GET HTTP/2
b.top4top.io/m_3121utenk9.mp3
IP
135.181.63.70:443
ASN
#24940 Hetzner Online GmbH

Requested by
moz-nullprincipal:{aa72d70c-41ad-4582-bc14-1eb9165c8750}?https://defacer.id
Certificate
IssuerLet's Encrypt
Subject*.top4top.co
Fingerprint03:60:FB:23:F0:74:D1:DD:00:44:F1:4C:88:9A:6D:A6:9B:F2:8D:29
ValidityThu, 29 Aug 2024 23:23:41 GMT - Wed, 27 Nov 2024 23:23:40 GMT

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Stereo
Size
3.8 MB (3790000 bytes)
Hash
d7711534f89ce964edf3b48691032a1a
3524d9c92f231bff564645961c0313e74d76bf89
0b25ff1a96a03e4dc074e530d817f5e4f3d38be09c77d7f5a008ebbf785d8c6d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /m_3121utenk9.mp3 HTTP/1.1
Host: b.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://defacer.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Sat, 12 Oct 2024 06:46:14 GMT
content-type: audio/mpeg
content-length: 3790000
set-cookie: klj_40d147_downloads=yhpn1; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Sun, 13 Oct 2024 06:22:54 GMT
last-modified: Thu, 18 Jul 2024 09:32:39 GMT
content-disposition: inline; filename="7SIEB18S92JE7S82J27D83J_18-07-24_16-30-37-206_23_53.mp3"
etag: "6698e137-39d4b0"
expires: Sat, 12 Oct 2024 08:46:14 GMT
cache-control: max-age=7200
x-file-id: x57933325x
content-range: bytes 0-3789999/3790000
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
268a46408a619ce159107f30e844b459
222ba92ad284b42b941b4068119fc3a083b2f79b
813aee37cc6cbf4897f43ce550a34458d064a6507e45aef5391907b1d4156c81

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "813AEE37CC6CBF4897F43CE550A34458D064A6507E45AEF5391907B1D4156C81"
Last-Modified: Thu, 10 Oct 2024 16:10:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14361
Expires: Sat, 12 Oct 2024 10:45:35 GMT
Date: Sat, 12 Oct 2024 06:46:14 GMT
Connection: keep-alive

GET cur.cursors-4u.net/symbols/sym-1/sym46.cur

96.43.128.66

200 OK

4.3 kB

URL GET HTTP/1.1
cur.cursors-4u.net/symbols/sym-1/sym46.cur
IP
96.43.128.66:443
ASN
#19969 JOESDATACENTER

Requested by
moz-nullprincipal:{aa72d70c-41ad-4582-bc14-1eb9165c8750}?https://defacer.id
Certificate
IssuerLet's Encrypt
Subjectani.cursors-4u.net
Fingerprint9B:5E:20:BB:FD:E3:15:D0:76:12:37:D1:33:24:4C:E9:0A:A3:68:F0
ValidityFri, 06 Sep 2024 04:33:36 GMT - Thu, 05 Dec 2024 04:33:35 GMT

File type
MS Windows cursor resource - 1 icon, 32x32, hotspot @11x11
Size
4.3 kB (4286 bytes)
Hash
31676d5ab8fb01934b2941b1fea3d7a9
33db96cd3fa65f88a330115bceed2ba542a6a2e6
cc451aa50cb9f48a52bcf89ae2f2ad26f4f75ab5cad6de73174e9016b79079f7

HTTP Headers

GET /symbols/sym-1/sym46.cur HTTP/1.1
Host: cur.cursors-4u.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 12 Oct 2024 06:46:15 GMT
Content-Type: application/octet-stream
Content-Length: 4286
Last-Modified: Wed, 27 Feb 2013 18:46:54 GMT
Connection: keep-alive
ETag: "512e549e-10be"
Accept-Ranges: bytes

GET i.ibb.co.com/Xbq0MCN/Jihad-Religious-Waving-Flag-Stock-Footage.gif

162.19.58.160

200 OK

7.7 MB

URL GET HTTP/2
i.ibb.co.com/Xbq0MCN/Jihad-Religious-Waving-Flag-Stock-Footage.gif
IP
162.19.58.160:443
ASN
#16276 OVH SAS

Requested by
moz-nullprincipal:{aa72d70c-41ad-4582-bc14-1eb9165c8750}?https://defacer.id
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint26:FE:71:E0:50:E8:60:94:E3:4F:62:05:27:41:82:DD:84:EE:89:AC
ValidityThu, 22 Aug 2024 08:17:43 GMT - Wed, 20 Nov 2024 08:17:42 GMT

File type
GIF image data, version 89a, 640 x 360
Size
7.7 MB (7706146 bytes)
Hash
c08212cc6d4fe6db9491efe10797fec4
f6879d501b8506d4aacc9e00f96bf3b02dda8a5d
3f1c84db7febdd01dbe91bc5377768d811535e656ee6ac504d9a184434ffd6ed

HTTP Headers

GET /Xbq0MCN/Jihad-Religious-Waving-Flag-Stock-Footage.gif HTTP/1.1
Host: i.ibb.co.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defacer.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 12 Oct 2024 06:46:15 GMT
content-type: image/gif
content-length: 7706146
last-modified: Thu, 18 Jul 2024 09:26:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=IBM+Plex+Mono:wght@300;400;500;600;700&display=swap

142.250.74.106

200 OK

9.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=IBM+Plex+Mono:wght@300;400;500;600;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint80:2E:9C:80:BE:20:08:CB:81:6F:92:4C:83:5C:1E:73:D7:6B:F3:27
ValidityTue, 24 Sep 2024 03:17:04 GMT - Tue, 17 Dec 2024 03:17:03 GMT

File type
ASCII text, with very long lines (9655), with no line terminators
Size
9.4 kB (9430 bytes)
Hash
449a643191cd9f8ef5e3b2b987b9c72b
c34c795061c787ee61d62f780c3b40ace0433949
c61101ffb8db24d6c690dec1231fd6f284672822b92bec8e9134afacdacd6b4f

HTTP Headers

GET /css2?family=IBM+Plex+Mono:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defacer.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Oct 2024 06:46:11 GMT
date: Sat, 12 Oct 2024 06:46:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET defacer.id/styles/main.css?v=4

172.67.138.31

200 OK

126 kB

URL GET HTTP/3
defacer.id/styles/main.css?v=4
IP
172.67.138.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectdefacer.id
Fingerprint3E:68:06:84:CC:FC:42:75:13:CE:2A:14:6F:0F:A1:9D:9C:8F:84:77
ValidityMon, 19 Aug 2024 22:20:44 GMT - Sun, 17 Nov 2024 22:20:43 GMT

File type

Size
126 kB (126453 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /styles/main.css?v=4 HTTP/1.1
Host: defacer.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defacer.id/mirror/id/127694
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fqfpurg3mgr6nupq2kt13pip24; lvt=1728715571
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 12 Oct 2024 06:46:12 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 19 Oct 2024 06:46:12 GMT
last-modified: Thu, 22 Aug 2024 14:31:56 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ri%2Fc1E5yk%2FGXqi14oSs2cy4BHNk1wJgCKp4BJPi6CxUa%2BelGTGm8JtDBCYzS8KAJt0yvIJjezHb4VjvBm4JQwMJrQyIWZTGeW2otuQdy6Y4FAW0PV6v%2FGC8soq4W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1521a0eb3556aa-OSL
content-encoding: br

GET images.dmca.com/Badges/DMCABadgeHelper.min.js

194.242.11.186

200 OK

465 B

URL GET HTTP/2
images.dmca.com/Badges/DMCABadgeHelper.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerLet's Encrypt
Subjectimages.dmca.com
Fingerprint0C:98:42:D8:37:D0:B7:B0:D9:97:6B:9B:E5:0A:C0:53:86:AD:4F:C0
ValidityFri, 30 Aug 2024 04:16:27 GMT - Thu, 28 Nov 2024 04:16:26 GMT

File type
JavaScript source, ASCII text, with very long lines (496), with no line terminators
Size
465 B (465 bytes)
Hash
c5b49c326309174e4524057288a39582
ac4ac0cc06b4c4a13a28b06cac06399ba7168136
4ccaace87bdde15a0a00e832c3a814a1cd21a951bbc109300ede5b0f961a5610

HTTP Headers

GET /Badges/DMCABadgeHelper.min.js HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defacer.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Oct 2024 06:46:11 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 1574055
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cdn-requestcountrycode: NO
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-encoding: br
etag: "26b181f16d28d51:0"
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
x-powered-by: ASP.NET
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/26/2024 21:49:26
cdn-edgestorageid: 830
link: <https://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: fa732f6945d5f826e9b884a4c79c8af3
cdn-cache: HIT
X-Firefox-Spdy: h2

GET defacer.id/plugins/font-awesome/v6/brands.css

172.67.138.31

200 OK

22 kB

URL GET HTTP/3
defacer.id/plugins/font-awesome/v6/brands.css
IP
172.67.138.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectdefacer.id
Fingerprint3E:68:06:84:CC:FC:42:75:13:CE:2A:14:6F:0F:A1:9D:9C:8F:84:77
ValidityMon, 19 Aug 2024 22:20:44 GMT - Sun, 17 Nov 2024 22:20:43 GMT

File type
ASCII text
Size
22 kB (22521 bytes)
Hash
48d4a0ad5443a372cbfc126851e131ed
cdb1c8648af01ad646344cbb8b538a6e648ec1ed
d76ba2737ccd7d2f74703d0b88881e170e9566bb85dd7383a79c7d79b07d8cce

HTTP Headers

GET /plugins/font-awesome/v6/brands.css HTTP/1.1
Host: defacer.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defacer.id/mirror/id/127694
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fqfpurg3mgr6nupq2kt13pip24; lvt=1728715571
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 12 Oct 2024 06:46:12 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 19 Oct 2024 06:46:12 GMT
last-modified: Sat, 03 Jun 2023 09:59:22 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jvufNP14XvCZwJnKhfLPYmxE2pJSx6QmpwAWI0fq6anHVcXYDYsAx6BRlUzmMmqf%2BJH%2ByBF1zWd3wfyx5grHwtxFbyQBGuDbuyXskSUDD5AF7zoleQXey01K3ABz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1521a0eb2456aa-OSL
content-encoding: br

GET defacer.id/plugins/highlight/highlight.min.js

172.67.138.31

200 OK

121 kB

URL GET HTTP/3
defacer.id/plugins/highlight/highlight.min.js
IP
172.67.138.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectdefacer.id
Fingerprint3E:68:06:84:CC:FC:42:75:13:CE:2A:14:6F:0F:A1:9D:9C:8F:84:77
ValidityMon, 19 Aug 2024 22:20:44 GMT - Sun, 17 Nov 2024 22:20:43 GMT

File type
JavaScript source, ASCII text, with very long lines (7910)
Size
121 kB (120762 bytes)
Hash
2a66af0aa884e09f41086cf620b4186f
e3cfe91dbc54c5fb33e98fe4fb7ba168cec0945c
9f19cebc1d4441ae1f0ffc696a42628b9f865fe5d99deda1f1e8cd5bec878888

HTTP Headers

GET /plugins/highlight/highlight.min.js HTTP/1.1
Host: defacer.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defacer.id/mirror/id/127694
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fqfpurg3mgr6nupq2kt13pip24; lvt=1728715571
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 12 Oct 2024 06:46:12 GMT
content-type: text/javascript
last-modified: Sat, 03 Jun 2023 09:59:22 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Z4mZQQr2%2FCMh%2BL3Z2ESwieMkoz4q%2FRxbCm2%2F0EUfEPCB5t8IpAC%2BTz2N9c%2FwvECEak36SMyPPdBTCqONKD%2FVLOzTFLnnc7hBxVi%2Fqi8FwzeRgCpiYIr8EBmcjv8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1521a10b4456aa-OSL
content-encoding: br

GET defacer.id/favicon.ico

172.67.138.31

200 OK

862 B

URL GET HTTP/3
defacer.id/favicon.ico
IP
172.67.138.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectdefacer.id
Fingerprint3E:68:06:84:CC:FC:42:75:13:CE:2A:14:6F:0F:A1:9D:9C:8F:84:77
ValidityMon, 19 Aug 2024 22:20:44 GMT - Sun, 17 Nov 2024 22:20:43 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
862 B (862 bytes)
Hash
73cbada23f5a091ab2f94fb4f7fff9f9
85ecae8a4e5ffbafdbd06e7e2794fc40e88863a7
6d635201c3b9e4f8c3ac90fcfe1a038116967ea94fbbf7f4269aaccb5b629a3c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: defacer.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defacer.id/mirror/id/127694
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fqfpurg3mgr6nupq2kt13pip24; lvt=1728715571; _ga_YSMMJ6YD21=GS1.1.1728715571.1.0.1728715571.0.0.0; _ga=GA1.1.1638123777.1728715572
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 12 Oct 2024 06:46:12 GMT
content-type: image/x-icon
cache-control: public, max-age=604800
expires: Fri, 18 Oct 2024 02:12:48 GMT
last-modified: Sun, 22 Sep 2024 16:23:48 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102804
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FxU7F%2BNZdJgt6%2Fn%2Bx2nMDhXn6gkTC6br%2FlEb%2BiV1FZcDFQERebS5rj18246zZWkyHNGxg2OiERm%2F0sBGsxxEGe%2B48e1Nj7O4t0fkEdBPre2wMMAMUWV%2FrbnR3SWC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1521a9082656aa-OSL
content-encoding: br

GET defacer.id/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?

172.67.138.31

200 OK

8.0 kB

URL GET HTTP/3
defacer.id/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
IP
172.67.138.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectdefacer.id
Fingerprint3E:68:06:84:CC:FC:42:75:13:CE:2A:14:6F:0F:A1:9D:9C:8F:84:77
ValidityMon, 19 Aug 2024 22:20:44 GMT - Sun, 17 Nov 2024 22:20:43 GMT

File type
JavaScript source, ASCII text, with very long lines (8026), with no line terminators
Size
8.0 kB (8026 bytes)
Hash
70876d6b12557d136769791cb55f3539
751ca987c15945917975fd8b8850f8ae9b103ca6
da4ab40229ecc5c35feed5c23151f51c58eaf0454bcf2b5ca38c1fc49774db77

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js? HTTP/1.1
Host: defacer.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fqfpurg3mgr6nupq2kt13pip24; lvt=1728715571; _ga_YSMMJ6YD21=GS1.1.1728715571.1.0.1728715571.0.0.0; _ga=GA1.1.1638123777.1728715572
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 12 Oct 2024 06:46:12 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=124LDxWInPdmXpOr2pMd6Zl7bHNccRz7bJAarbXgLcHv1IvphX94clSgH8IU5Z3ELW4JomAmJvU0qa4vJTP%2FHpeLg8Osk8SefXVV0Bma9yCirXArJCrxTOv62W3M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1521a9388356aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET defacer.id/plugins/highlight/highlight.min.css

172.67.138.31

200 OK

997 B

URL GET HTTP/3
defacer.id/plugins/highlight/highlight.min.css
IP
172.67.138.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectdefacer.id
Fingerprint3E:68:06:84:CC:FC:42:75:13:CE:2A:14:6F:0F:A1:9D:9C:8F:84:77
ValidityMon, 19 Aug 2024 22:20:44 GMT - Sun, 17 Nov 2024 22:20:43 GMT

File type
ASCII text, with very long lines (1081), with no line terminators
Size
997 B (997 bytes)
Hash
6d3369ee7a94e0cf1b03fbbd4e88e581
fe9565a52bc0f8b106cee69d5a7843b5e3e358f4
6036145a5dcc3690ced6d165986f4b95a7404d7faeb38dafb101bf3f7265eadb

HTTP Headers

GET /plugins/highlight/highlight.min.css HTTP/1.1
Host: defacer.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defacer.id/mirror/id/127694
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fqfpurg3mgr6nupq2kt13pip24; lvt=1728715571
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 12 Oct 2024 06:46:12 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 19 Oct 2024 06:46:12 GMT
last-modified: Sat, 03 Jun 2023 09:59:22 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=42o7%2BoFkreWI0N1HxtunIZKxD8vIbtqVmAjzJbu0oZI38HFbdMUr6CU937XzTJCaRQwgW8KI2QeEJqfjr64wtgHPT%2BxRwaauHkIF6dTK7IlRv2D5rqFFrQwTN%2BKA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1521a0eb1f56aa-OSL
content-encoding: br

GET defacer.id/plugins/font-awesome/v6/solid.css

172.67.138.31

200 OK

745 B

URL GET HTTP/3
defacer.id/plugins/font-awesome/v6/solid.css
IP
172.67.138.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectdefacer.id
Fingerprint3E:68:06:84:CC:FC:42:75:13:CE:2A:14:6F:0F:A1:9D:9C:8F:84:77
ValidityMon, 19 Aug 2024 22:20:44 GMT - Sun, 17 Nov 2024 22:20:43 GMT

File type
ASCII text, with very long lines (779), with no line terminators
Size
745 B (745 bytes)
Hash
c688175c0ea04a94d2d9c1f0c2fac96a
978876f8ee899c36aac6853bc88222831fd5061a
e51014f92d2956a07d703938ad5ba25ec1c510705e4caf10bb272b4487f090b2

HTTP Headers

GET /plugins/font-awesome/v6/solid.css HTTP/1.1
Host: defacer.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defacer.id/mirror/id/127694
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fqfpurg3mgr6nupq2kt13pip24; lvt=1728715571
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 12 Oct 2024 06:46:12 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 19 Oct 2024 06:46:12 GMT
last-modified: Sat, 03 Jun 2023 09:59:22 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YoVCcYK%2B63RHKFSQmOlYJ9zrpKhqcRCV9EI8rbJHTlKv%2FRIIfIOyayKTcQjtBwHueDKtuhl9O3R8DqXlMvOPe2PnHIYtYj6q6yMQe3rMpErwrMeUcdqx8WmvHMqM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1521a0eb2c56aa-OSL
content-encoding: br

GET fonts.googleapis.com/css2?family=Montserrat:wght@400;500&display=swap

142.250.74.106

200 OK

3.7 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@400;500&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint80:2E:9C:80:BE:20:08:CB:81:6F:92:4C:83:5C:1E:73:D7:6B:F3:27
ValidityTue, 24 Sep 2024 03:17:04 GMT - Tue, 17 Dec 2024 03:17:03 GMT

File type
ASCII text, with very long lines (3750), with no line terminators
Size
3.7 kB (3660 bytes)
Hash
a80e7a8b880905494a30ae504ccab3cc
0447c0b9236ae22488d6b3d36a6b92b4e4282e80
79fa75dc1c7c07d362383c5532ed23d41cbf653fd8cc89e490cd8540c84dd131

HTTP Headers

GET /css2?family=Montserrat:wght@400;500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defacer.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Oct 2024 06:46:11 GMT
date: Sat, 12 Oct 2024 06:46:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET defacer.id/plugins/font-awesome/v6/regular.css

172.67.138.31

200 OK

753 B

URL GET HTTP/3
defacer.id/plugins/font-awesome/v6/regular.css
IP
172.67.138.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectdefacer.id
Fingerprint3E:68:06:84:CC:FC:42:75:13:CE:2A:14:6F:0F:A1:9D:9C:8F:84:77
ValidityMon, 19 Aug 2024 22:20:44 GMT - Sun, 17 Nov 2024 22:20:43 GMT

File type
ASCII text, with very long lines (787), with no line terminators
Size
753 B (753 bytes)
Hash
7789a2383a2ac66d1559763928dcb678
8394f9756c75e507d3253ded01bfa38949c73abb
0d3ff3ec900d7be092b35ec2519b885d0589643d43df6dd1d1498477a9839deb

HTTP Headers

GET /plugins/font-awesome/v6/regular.css HTTP/1.1
Host: defacer.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defacer.id/mirror/id/127694
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fqfpurg3mgr6nupq2kt13pip24; lvt=1728715571
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 12 Oct 2024 06:46:12 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 19 Oct 2024 06:46:12 GMT
last-modified: Sat, 03 Jun 2023 09:59:22 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2qOS0LwQv2wZ%2FSyqGVUeggYURmSB3iPzXma2UP5j3dPilW8wcf14MkeqJI9OF39nSM0dSa7tNTctQp1SLVD99jr%2Fb516qP04BISSy%2FJpyWqvkQiZ%2BdHk%2Bsttmuts"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1521a0eb2a56aa-OSL
content-encoding: br

GET defacer.id/mirror/id/127694

172.67.138.31

200 OK

20 kB

URL User Request GET HTTP/2
defacer.id/mirror/id/127694
IP
172.67.138.31:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectdefacer.id
Fingerprint3E:68:06:84:CC:FC:42:75:13:CE:2A:14:6F:0F:A1:9D:9C:8F:84:77
ValidityMon, 19 Aug 2024 22:20:44 GMT - Sun, 17 Nov 2024 22:20:43 GMT

File type
HTML document, ASCII text, with very long lines (947), with CRLF line terminators
Size
20 kB (19497 bytes)
Hash
91a6c72f94d11a5637df8975b8d32053
8431722212f5d36072d860c4d73c68cf28b6bc9e
fd6aa1effa80ccb95ce6b867ce35324ceafd3599c44b29c8b88179efb75eabcf

HTTP Headers

GET /mirror/id/127694 HTTP/1.1
Host: defacer.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 12 Oct 2024 06:46:11 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.3.11
set-cookie: PHPSESSID=fqfpurg3mgr6nupq2kt13pip24; path=/; secure
lvt=1728715571; expires=Sat, 12 Oct 2024 06:51:11 GMT; Max-Age=300; path=/; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
expect-ct: max-age=86400, enforce
access-control-allow-origin: https://defacer.id
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q5eEyhInKJHlw83JQICXN6bWq84ij2ucs89x92%2FsJvsB7C7CkxHx1xU9t9bv06RONnALizFxHfVSRi1sHryHnwmIfv%2BqNxBTVmP0Jn3PDY%2Bn9nzO0A7fqhCxPnm0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8d15219b9bca56ba-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET defacer.id/plugins/font-awesome/v6/fontawesome.css

172.67.138.31

200 OK

95 kB

URL GET HTTP/3
defacer.id/plugins/font-awesome/v6/fontawesome.css
IP
172.67.138.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://defacer.id/mirror/id/127694
Certificate
IssuerGoogle Trust Services
Subjectdefacer.id
Fingerprint3E:68:06:84:CC:FC:42:75:13:CE:2A:14:6F:0F:A1:9D:9C:8F:84:77
ValidityMon, 19 Aug 2024 22:20:44 GMT - Sun, 17 Nov 2024 22:20:43 GMT

File type
troff or preprocessor input, ASCII text
Size
95 kB (95409 bytes)
Hash
77c06d7e7a497d3326568a484df5a933
1b8d7952d07d9f71cbaa2d7c4c8f28d7236db354
64f2491a4a5d30ffe4da939b279a092f8c68d9739d48bfa11b9861afcd0fc1d2

HTTP Headers

GET /plugins/font-awesome/v6/fontawesome.css HTTP/1.1
Host: defacer.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://defacer.id/mirror/id/127694
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=fqfpurg3mgr6nupq2kt13pip24; lvt=1728715571
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 12 Oct 2024 06:46:12 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 19 Oct 2024 06:46:12 GMT
last-modified: Sat, 03 Jun 2023 09:59:22 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NAzHgxCbR%2BaMcYlnqul5J%2B0%2BZmNu5tpKzTiKXiw6DHI1ocpy%2FL6vpTXJc0PvZMAqeNs4%2BpgheUJeLe7P9Owz6Tely7dG3bieHVpwLLmp4VVmsLCilXEKw21ZeUPj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1521a0eb2d56aa-OSL
content-encoding: br

GET bit.ly/2UGCIC5

67.199.248.11

301 Moved Permanently

0 B

URL GET HTTP/2
bit.ly/2UGCIC5
IP
67.199.248.11:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
moz-nullprincipal:{aa72d70c-41ad-4582-bc14-1eb9165c8750}?https://defacer.id
Certificate
IssuerDigiCert Inc
Subjectbit.ly
FingerprintC0:83:8F:43:A4:CB:4B:A1:33:DB:0B:F1:CD:DA:BF:1B:37:8F:B4:17
ValidityMon, 06 May 2024 00:00:00 GMT - Tue, 06 May 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /2UGCIC5 HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://defacer.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 12 Oct 2024 06:46:13 GMT
content-type: text/html; charset=utf-8
content-length: 157
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://www.unud.ac.id/ac-admin/js/plugins/ckeditor/samples/sample.css
referrer-policy: unsafe-url
set-cookie: _bit=o9c6Kc-d248af954469df7a2f-003; Domain=bit.ly; Expires=Thu, 10 Apr 2025 06:46:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash