Report - www.sartikasamosir.com/2017/07/

Report Overview

Visitedpublic

2023-12-28 13:47:44

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.ampproject.org	329	2015-08-31	2015-10-09 06:27:01	2023-12-27 18:12:18	3.6 kB	252 kB	216.58.207.193
sartikasamosir.com	unknown	unknown	No data	No data	931 B	78 kB	104.21.86.216
i.ibb.co	13485	2010-07-20	2018-11-25 11:13:48	2023-12-27 17:20:57	1.8 kB	7.2 MB	162.19.58.158
i.gyazo.com	72426	2007-08-31	2014-03-14 10:33:51	2023-12-25 22:59:57	458 B	757 kB	104.18.24.163
i.postimg.cc	23840	2016-06-11	2018-04-11 12:01:12	2023-12-28 07:54:05	3.2 kB	11 kB	162.19.88.69

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-28 13:47:17	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-28 13:47:17	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	cdn.ampproject.org/v0/amp-iframe-0.1.js	ScriptElement	26 kB	2023-12-13	2024-08-20
URL cdn.ampproject.org/v0/amp-iframe-0.1.js IP / ASN 216.58.207.193 #15169 GOOGLE Introduced by ScriptElement Embedded false Resource Info First Seen 2023-12-13 Last Seen 2024-08-20 Times Seen 37 Size 26 kB (25732 bytes) MD5 9a194756401f0db85711296953bdfea3 SHA1 1c5d63bb3c8a3bfd3feb7182cef9c70e84f26f2e SHA256 4223e8178440140140accbdde18d9472237ea1c30d037e7b10547c0377a1c450 Format Code Loading...

	cdn.ampproject.org/v0.js	ScriptElement	285 kB	2023-12-12	2024-08-20
URL cdn.ampproject.org/v0.js IP / ASN 216.58.207.193 #15169 GOOGLE Introduced by ScriptElement Embedded false Resource Info First Seen 2023-12-12 Last Seen 2024-08-20 Times Seen 198 Size 285 kB (284583 bytes) MD5 25fceb339e059dec9c3dbf0f81e7e37f SHA1 3d4e3461ef4036b3e8b72b47f902f52b6aa83fcc SHA256 e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf Format Code Loading...

	cdn.ampproject.org/v0/amp-carousel-0.1.js	ScriptElement	39 kB	2023-12-13	2024-08-20
URL cdn.ampproject.org/v0/amp-carousel-0.1.js IP / ASN 216.58.207.193 #15169 GOOGLE Introduced by ScriptElement Embedded false Resource Info First Seen 2023-12-13 Last Seen 2024-08-20 Times Seen 54 Size 39 kB (38741 bytes) MD5 8ab2c1172dd8e4ed52ee67c931109bf5 SHA1 2dfeca0b98435cb647381b2dc4532d3930f87bb4 SHA256 85d85df9e61ec25caa8e6033bbf255be0036e9af0bec9d8f0cde5f8d6629da3b Format Code Loading...

	cdn.ampproject.org/rtv/012312012346000/v0/amp-auto-lightbox-0.1.js	ScriptElement	7.8 kB	2023-12-13	2024-08-20
URL cdn.ampproject.org/rtv/012312012346000/v0/amp-auto-lightbox-0.1.js IP / ASN 216.58.207.193 #15169 GOOGLE Introduced by ScriptElement Embedded false Resource Info First Seen 2023-12-13 Last Seen 2024-08-20 Times Seen 158 Size 7.8 kB (7812 bytes) MD5 cf2182dece434bb54b0b0d14749cce69 SHA1 e643d7efad3c3ef6628749b2ba3e4771856a2e21 SHA256 1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d Format Code Loading...

	cdn.ampproject.org/rtv/012312012346000/v0/amp-loader-0.1.js	ScriptElement	13 kB	2023-12-13	2024-08-20
URL cdn.ampproject.org/rtv/012312012346000/v0/amp-loader-0.1.js IP / ASN 216.58.207.193 #15169 GOOGLE Introduced by ScriptElement Embedded false Resource Info First Seen 2023-12-13 Last Seen 2024-08-20 Times Seen 171 Size 13 kB (12730 bytes) MD5 deb89db172e0d058e74c3d7c80225199 SHA1 75d519b0a9de8d6cd0327c0e99de5dafcf430537 SHA256 3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9 Format Code Loading...

	cdn.ampproject.org/v0/amp-bind-0.1.js	ScriptElement	52 kB	2023-12-18	2024-08-20
URL cdn.ampproject.org/v0/amp-bind-0.1.js IP / ASN 216.58.207.193 #15169 GOOGLE Introduced by ScriptElement Embedded false Resource Info First Seen 2023-12-18 Last Seen 2024-08-20 Times Seen 18 Size 52 kB (51563 bytes) MD5 07b4a6822a8f31125488da4f2fff8209 SHA1 32218bd69d18e89c9ad4c63912eeea119b0b5f8d SHA256 f4bedabec2adb6bd571b46c49de0885c0f832735209f7c58f6af7c7e3d95fe02 Format Code Loading...

HTTP Transactions (22)

	URL	IP	Response	Size
	GET cdn.ampproject.org/v0/amp-iframe-0.1.js	216.58.207.193	200 OK	8.9 kB
URL GET HTTPS cdn.ampproject.org/v0/amp-iframe-0.1.js IP / ASN 216.58.207.193 #15169 GOOGLE Requested byhttps://sartikasamosir.com/ Resource Info File typeASCII text, with very long lines (25617) First Seen2023-12-13 Last Seen2024-08-20 Times Seen37 Size8.9 kB (8936 bytes) MD59a194756401f0db85711296953bdfea3 SHA11c5d63bb3c8a3bfd3feb7182cef9c70e84f26f2e SHA2564223e8178440140140accbdde18d9472237ea1c30d037e7b10547c0377a1c450 Certificate Info IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com FingerprintCC:43:B8:B1:97:47:17:A9:AD:50:52:49:F8:17:A6:48:24:6F:9D:79 ValidityMon, 20 Nov 2023 08:03:51 GMT - Mon, 12 Feb 2024 08:03:50 GMT HTTP Headers `GET /v0/amp-iframe-0.1.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: br content-type: text/javascript; charset=UTF-8 access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 8936 date: Thu, 28 Dec 2023 13:47:17 GMT expires: Thu, 28 Dec 2023 13:47:17 GMT cache-control: private, max-age=604800, stale-while-revalidate=604800 etag: "983117833e8e8e62" strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	GET cdn.ampproject.org/v0/amp-carousel-0.1.js	216.58.207.193	200 OK	12 kB
URL GET HTTPS cdn.ampproject.org/v0/amp-carousel-0.1.js IP / ASN 216.58.207.193 #15169 GOOGLE Requested byhttps://sartikasamosir.com/ Resource Info File typeUnicode text, UTF-8 text, with very long lines (38620) First Seen2023-12-13 Last Seen2024-08-20 Times Seen54 Size12 kB (11509 bytes) MD58ab2c1172dd8e4ed52ee67c931109bf5 SHA12dfeca0b98435cb647381b2dc4532d3930f87bb4 SHA25685d85df9e61ec25caa8e6033bbf255be0036e9af0bec9d8f0cde5f8d6629da3b Certificate Info IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com FingerprintCC:43:B8:B1:97:47:17:A9:AD:50:52:49:F8:17:A6:48:24:6F:9D:79 ValidityMon, 20 Nov 2023 08:03:51 GMT - Mon, 12 Feb 2024 08:03:50 GMT HTTP Headers `GET /v0/amp-carousel-0.1.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: br content-type: text/javascript; charset=UTF-8 access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 11509 date: Thu, 28 Dec 2023 13:47:17 GMT expires: Thu, 28 Dec 2023 13:47:17 GMT cache-control: private, max-age=604800, stale-while-revalidate=604800 etag: "89fd1f55c72a0a94" strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	GET cdn.ampproject.org/v0.js	216.58.207.193	200 OK	73 kB
URL GET HTTPS cdn.ampproject.org/v0.js IP / ASN 216.58.207.193 #15169 GOOGLE Requested byhttps://sartikasamosir.com/ Resource Info File typeUnicode text, UTF-8 text, with very long lines (64654) First Seen2023-12-12 Last Seen2024-08-20 Times Seen198 Size73 kB (73141 bytes) MD525fceb339e059dec9c3dbf0f81e7e37f SHA13d4e3461ef4036b3e8b72b47f902f52b6aa83fcc SHA256e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf Certificate Info IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com FingerprintCC:43:B8:B1:97:47:17:A9:AD:50:52:49:F8:17:A6:48:24:6F:9D:79 ValidityMon, 20 Nov 2023 08:03:51 GMT - Mon, 12 Feb 2024 08:03:50 GMT HTTP Headers `GET /v0.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: br content-type: text/javascript; charset=UTF-8 access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 73141 date: Thu, 28 Dec 2023 13:47:17 GMT expires: Thu, 28 Dec 2023 13:47:17 GMT cache-control: private, max-age=3000, stale-while-revalidate=1206600 etag: "20620290c9309704" strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	GET cdn.ampproject.org/rtv/012312012346000/v0/amp-auto-lightbox-0.1.js	216.58.207.193	200 OK	3.0 kB
URL GET HTTPS cdn.ampproject.org/rtv/012312012346000/v0/amp-auto-lightbox-0.1.js IP / ASN 216.58.207.193 #15169 GOOGLE Requested byhttps://sartikasamosir.com/ Resource Info File typeASCII text, with very long lines (7690) First Seen2023-12-13 Last Seen2024-08-20 Times Seen158 Size3.0 kB (2975 bytes) MD5cf2182dece434bb54b0b0d14749cce69 SHA1e643d7efad3c3ef6628749b2ba3e4771856a2e21 SHA2561e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d Certificate Info IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com FingerprintCC:43:B8:B1:97:47:17:A9:AD:50:52:49:F8:17:A6:48:24:6F:9D:79 ValidityMon, 20 Nov 2023 08:03:51 GMT - Mon, 12 Feb 2024 08:03:50 GMT HTTP Headers `GET /rtv/012312012346000/v0/amp-auto-lightbox-0.1.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://sartikasamosir.com DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: br access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 2975 strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 23 Dec 2023 00:18:39 GMT expires: Sun, 22 Dec 2024 00:18:39 GMT cache-control: public, max-age=31536000 etag: "a9f93cfafa19b094" content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding age: 480519 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	GET cdn.ampproject.org/rtv/012312012346000/v0/amp-loader-0.1.js	216.58.207.193	200 OK	3.9 kB
URL GET HTTPS cdn.ampproject.org/rtv/012312012346000/v0/amp-loader-0.1.js IP / ASN 216.58.207.193 #15169 GOOGLE Requested byhttps://sartikasamosir.com/ Resource Info File typeASCII text, with very long lines (12615) First Seen2023-12-13 Last Seen2024-08-20 Times Seen171 Size3.9 kB (3942 bytes) MD5deb89db172e0d058e74c3d7c80225199 SHA175d519b0a9de8d6cd0327c0e99de5dafcf430537 SHA2563c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9 Certificate Info IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com FingerprintCC:43:B8:B1:97:47:17:A9:AD:50:52:49:F8:17:A6:48:24:6F:9D:79 ValidityMon, 20 Nov 2023 08:03:51 GMT - Mon, 12 Feb 2024 08:03:50 GMT HTTP Headers `GET /rtv/012312012346000/v0/amp-loader-0.1.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://sartikasamosir.com DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: br access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 3942 strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 22 Dec 2023 00:04:39 GMT expires: Sat, 21 Dec 2024 00:04:39 GMT cache-control: public, max-age=31536000 etag: "4694a1430564add5" content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding age: 567759 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	GET sartikasamosir.com/	104.21.86.216	200 OK	30 kB
URL User Request GET HTTPS sartikasamosir.com/ IP / ASN 104.21.86.216 #13335 CLOUDFLARENET Requested byN/A Resource Info File typeHTML document, ASCII text, with very long lines (684), with CRLF line terminators First Seen2024-08-20 Last Seen2024-08-20 Times Seen1 Size30 kB (29812 bytes) MD5cf16914c95bdfc577454edb35a82d0c8 SHA1602dd4d459a5a3588fd97aefa34855671957c4d4 SHA256216a0f3a1db8ca49a2f85ab36eecad739648cadd65998e68bee18282e953ce09 Certificate Info IssuerLet's Encrypt Subjectsartikasamosir.com FingerprintFE:BE:5D:B0:DA:5A:3F:8A:26:B4:D3:5D:C1:6C:00:01:07:9D:8D:1B ValiditySat, 09 Dec 2023 06:54:43 GMT - Fri, 08 Mar 2024 06:54:42 GMT HTTP Headers `GET / HTTP/1.1 Host: sartikasamosir.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Thu, 28 Dec 2023 13:47:17 GMT content-type: text/html last-modified: Tue, 15 Aug 2023 20:21:07 GMT cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBCPuNX5GO%2B%2FCVGjn9%2BXNuTeIxjZTDSfauRlMHvQBhf%2BAZERp4RteyJoeTbgUWE1sdtMDrKjYp%2BxiwWddvgJ53S7VNnoHRzv3qAtpX8K%2BCxD10nEOEE%2Bhp%2FouXFcK%2FP6alUh8Zc%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 83ca4118cc1b56a8-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET i.ibb.co/SwSWdtk/LOGO-GG138-PNG.png	162.19.58.158	200 OK	145 kB
URL GET HTTPS i.ibb.co/SwSWdtk/LOGO-GG138-PNG.png IP / ASN 162.19.58.158 #16276 OVH SAS Requested byhttps://sartikasamosir.com/ Resource Info File typePNG image data, 600 x 300, 8-bit/color RGBA, non-interlaced First Seen2024-08-20 Last Seen2024-08-20 Times Seen1 Size145 kB (144933 bytes) MD521a72ba1f73e8ff49490bd87408f7cd2 SHA17e41c8d5e7ed2b0d20bced95bc2f5a52561c55f7 SHA256fe27abdb5b0d0e8887cdc06ca5e5467bccedaf735bccb6eea9a9ec547c97d415 Certificate Info IssuerLet's Encrypt Subjectibb.co FingerprintFC:63:8C:C6:92:83:4E:13:94:18:9A:03:C2:BB:CC:F0:23:97:AA:8C ValiditySat, 09 Dec 2023 13:40:45 GMT - Fri, 08 Mar 2024 13:40:44 GMT HTTP Headers `GET /SwSWdtk/LOGO-GG138-PNG.png HTTP/1.1 Host: i.ibb.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Thu, 28 Dec 2023 13:47:18 GMT content-type: image/png content-length: 144933 last-modified: Sun, 13 Aug 2023 16:36:58 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2`

	GET cdn.ampproject.org/v0.js	216.58.207.193	200 OK	73 kB
URL GET HTTPS cdn.ampproject.org/v0.js IP / ASN 216.58.207.193 #15169 GOOGLE Requested byhttps://sartikasamosir.com/ Resource Info File typeUnicode text, UTF-8 text, with very long lines (64654) First Seen2023-12-12 Last Seen2024-08-20 Times Seen198 Size73 kB (73141 bytes) MD525fceb339e059dec9c3dbf0f81e7e37f SHA13d4e3461ef4036b3e8b72b47f902f52b6aa83fcc SHA256e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf Certificate Info IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com FingerprintCC:43:B8:B1:97:47:17:A9:AD:50:52:49:F8:17:A6:48:24:6F:9D:79 ValidityMon, 20 Nov 2023 08:03:51 GMT - Mon, 12 Feb 2024 08:03:50 GMT HTTP Headers `GET /v0.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: br content-type: text/javascript; charset=UTF-8 access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 73141 date: Thu, 28 Dec 2023 13:47:18 GMT expires: Thu, 28 Dec 2023 13:47:18 GMT cache-control: private, max-age=3000, stale-while-revalidate=1206600 etag: "20620290c9309704" strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	GET i.ibb.co/FHRW25g/demo-slot-pg-soft.gif	162.19.58.158	404 Not Found	1.0 kB
URL GET HTTPS i.ibb.co/FHRW25g/demo-slot-pg-soft.gif IP / ASN 162.19.58.158 #16276 OVH SAS Requested byhttps://sartikasamosir.com/ Resource Info File typePNG image data, 180 x 180, 4-bit colormap, non-interlaced First Seen2023-05-01 Last Seen2025-08-09 Times Seen2135 Size1.0 kB (1031 bytes) MD57325e2012a6cf941a6ea14f0061ff764 SHA10d2ba63e280b979a98bc431bec8a7af985578769 SHA25663e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69 Certificate Info IssuerLet's Encrypt Subjectibb.co FingerprintFC:63:8C:C6:92:83:4E:13:94:18:9A:03:C2:BB:CC:F0:23:97:AA:8C ValiditySat, 09 Dec 2023 13:40:45 GMT - Fri, 08 Mar 2024 13:40:44 GMT HTTP Headers `GET /FHRW25g/demo-slot-pg-soft.gif HTTP/1.1 Host: i.ibb.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 404 Not Found server: nginx date: Thu, 28 Dec 2023 13:47:18 GMT content-type: image/png content-length: 1031 X-Firefox-Spdy: h2`

	GET i.ibb.co/XSsH53r/banner-GG138.jpg	162.19.58.158	200 OK	7.0 MB
URL GET HTTPS i.ibb.co/XSsH53r/banner-GG138.jpg IP / ASN 162.19.58.158 #16276 OVH SAS Requested byhttps://sartikasamosir.com/ Resource Info File typeN/A First Seen2024-08-20 Last Seen2024-08-20 Times Seen1 Size7.0 MB (7041599 bytes) MD586de95d58f1ee2d515f46ff52d4f60fb SHA1421d70c69d7d3f99506b29a75f99cd46d38f98ad SHA256bfc3e824b5914a8e647f2ee9f04100ef6b607cfefc01cb5527a75e7e9dd125c6 Certificate Info IssuerLet's Encrypt Subjectibb.co FingerprintFC:63:8C:C6:92:83:4E:13:94:18:9A:03:C2:BB:CC:F0:23:97:AA:8C ValiditySat, 09 Dec 2023 13:40:45 GMT - Fri, 08 Mar 2024 13:40:44 GMT HTTP Headers `GET /XSsH53r/banner-GG138.jpg HTTP/1.1 Host: i.ibb.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Thu, 28 Dec 2023 13:47:17 GMT content-type: image/jpeg content-length: 7041599 last-modified: Sun, 13 Aug 2023 16:37:32 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2`

	GET i.gyazo.com/95033441dc3061b63ab4b9f847cc067f.jpg	104.18.24.163	200 OK	756 kB
URL GET HTTPS i.gyazo.com/95033441dc3061b63ab4b9f847cc067f.jpg IP / ASN 104.18.24.163 #13335 CLOUDFLARENET Requested byhttps://sartikasamosir.com/ Resource Info File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3 First Seen2023-10-28 Last Seen2024-08-20 Times Seen3 Size756 kB (756033 bytes) MD595033441dc3061b63ab4b9f847cc067f SHA18949031808451ea6b654a5fae75f0e7ae721aded SHA25637fc856487ff5b293e8ab4e033b6d090df2f6df45854e83bd0e1d6f043f62597 Certificate Info IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint09:C8:B5:37:B6:4B:6D:F1:A0:A2:F9:0B:E4:62:A7:03:E1:BE:8D:18 ValidityThu, 04 May 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT HTTP Headers `GET /95033441dc3061b63ab4b9f847cc067f.jpg HTTP/1.1 Host: i.gyazo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 28 Dec 2023 13:47:19 GMT content-type: image/jpeg content-length: 756033 cf-ray: 83ca41229e1256a2-OSL cf-cache-status: HIT accept-ranges: bytes access-control-allow-origin: https://gyazo.com cache-control: public, max-age=31536000 etag: "9503" expires: Fri, 27 Dec 2024 13:47:18 GMT set-cookie: Gyazo_cfwoker=i; Secure; HttpOnly; SameSite=None; Expires=Tue, 01 Jan 2030 00:00:00 GMT vary: Accept-Encoding via: 1.1 google access-control-allow-credentials: true cf-bgj: h2pri x-cache-level: ZS server: cloudflare X-Firefox-Spdy: h2

	GET cdn.ampproject.org/rtv/012312012346000/ww.js	216.58.207.193	200 OK	14 kB
URL GET HTTPS cdn.ampproject.org/rtv/012312012346000/ww.js IP / ASN 216.58.207.193 #15169 GOOGLE Requested byhttps://sartikasamosir.com/ Resource Info File typeUnicode text, UTF-8 text, with very long lines (51900) First Seen2023-12-18 Last Seen2024-08-20 Times Seen13 Size14 kB (14435 bytes) MD54a040ec9be2918a5166561332a5e2cc6 SHA1e738957551849dd5009344a59823845467f43100 SHA256fc86fc37ff1669c88ff3e9829a845c62b1e296033836c5d6512c7f7446270914 Certificate Info IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com FingerprintCC:43:B8:B1:97:47:17:A9:AD:50:52:49:F8:17:A6:48:24:6F:9D:79 ValidityMon, 20 Nov 2023 08:03:51 GMT - Mon, 12 Feb 2024 08:03:50 GMT HTTP Headers `GET /rtv/012312012346000/ww.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/plain Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://sartikasamosir.com/ Origin: https://sartikasamosir.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: br access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 14435 strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 23 Dec 2023 17:22:35 GMT expires: Sun, 22 Dec 2024 17:22:35 GMT cache-control: public, max-age=31536000 age: 419085 etag: "e78dfcc7e84f41f3" content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	GET i.ibb.co/BK4QKhk/ICON-GG38-PNG.png	162.19.58.158	200 OK	41 kB
URL GET HTTPS i.ibb.co/BK4QKhk/ICON-GG38-PNG.png IP / ASN 162.19.58.158 #16276 OVH SAS Requested byhttps://sartikasamosir.com/ Resource Info File typePNG image data, 300 x 220, 8-bit/color RGBA, non-interlaced First Seen2024-08-20 Last Seen2024-08-20 Times Seen1 Size41 kB (40595 bytes) MD59098bbf58cee12a3124a8d09bcd1d54a SHA12aee251caad19e01c78d126882e00315c9727e99 SHA256fa33ebd277fa93eb650476d913972b1a99866f837880ecd517ac3fe7e28c2b34 Certificate Info IssuerLet's Encrypt Subjectibb.co FingerprintFC:63:8C:C6:92:83:4E:13:94:18:9A:03:C2:BB:CC:F0:23:97:AA:8C ValiditySat, 09 Dec 2023 13:40:45 GMT - Fri, 08 Mar 2024 13:40:44 GMT HTTP Headers `GET /BK4QKhk/ICON-GG38-PNG.png HTTP/1.1 Host: i.ibb.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Thu, 28 Dec 2023 13:47:20 GMT content-type: image/png content-length: 40595 last-modified: Sun, 13 Aug 2023 16:37:14 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2`

	GET i.postimg.cc/057kQP48/icon-KUNING-20.png	162.19.88.69	404 Not Found	2.7 kB
URL GET HTTPS i.postimg.cc/057kQP48/icon-KUNING-20.png IP / ASN 162.19.88.69 #16276 OVH SAS Requested byhttps://sartikasamosir.com/ Resource Info File typePNG image data, 320 x 320, 4-bit colormap, non-interlaced First Seen2023-05-03 Last Seen2025-08-09 Times Seen1301 Size2.7 kB (2712 bytes) MD5ff125c736fd0092c080f73bb486d9ceb SHA1d790adffabc313b5d4b161ce4c696f4a0480f97a SHA2564815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420 Certificate Info IssuerLet's Encrypt Subjectpostimg.cc Fingerprint52:10:45:F0:9A:56:B6:08:FC:57:C5:41:7E:A8:18:09:D1:CD:30:42 ValiditySat, 23 Dec 2023 07:47:58 GMT - Fri, 22 Mar 2024 07:47:57 GMT HTTP Headers `GET /057kQP48/icon-KUNING-20.png HTTP/1.1 Host: i.postimg.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 404 Not Found server: nginx date: Thu, 28 Dec 2023 13:47:20 GMT content-type: image/png content-length: 2712 X-Firefox-Spdy: h2`

	GET i.postimg.cc/65NqzT1g/Gacor-Pragmatic-Play.gif	162.19.88.69	404 Not Found	2.7 kB
URL GET HTTPS i.postimg.cc/65NqzT1g/Gacor-Pragmatic-Play.gif IP / ASN 162.19.88.69 #16276 OVH SAS Requested byhttps://sartikasamosir.com/ Resource Info File typePNG image data, 320 x 320, 4-bit colormap, non-interlaced First Seen2023-05-03 Last Seen2025-08-09 Times Seen1301 Size2.7 kB (2712 bytes) MD5ff125c736fd0092c080f73bb486d9ceb SHA1d790adffabc313b5d4b161ce4c696f4a0480f97a SHA2564815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420 Certificate Info IssuerLet's Encrypt Subjectpostimg.cc Fingerprint52:10:45:F0:9A:56:B6:08:FC:57:C5:41:7E:A8:18:09:D1:CD:30:42 ValiditySat, 23 Dec 2023 07:47:58 GMT - Fri, 22 Mar 2024 07:47:57 GMT HTTP Headers `GET /65NqzT1g/Gacor-Pragmatic-Play.gif HTTP/1.1 Host: i.postimg.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 404 Not Found server: nginx date: Thu, 28 Dec 2023 13:47:20 GMT content-type: image/png content-length: 2712 X-Firefox-Spdy: h2`

	GET i.postimg.cc/8cL5NVsZ/Habanero.gif	162.19.88.69	404 Not Found	2.7 kB
URL GET HTTPS i.postimg.cc/8cL5NVsZ/Habanero.gif IP / ASN 162.19.88.69 #16276 OVH SAS Requested byhttps://sartikasamosir.com/ Resource Info File typePNG image data, 320 x 320, 4-bit colormap, non-interlaced First Seen2023-05-03 Last Seen2025-08-09 Times Seen1301 Size2.7 kB (2712 bytes) MD5ff125c736fd0092c080f73bb486d9ceb SHA1d790adffabc313b5d4b161ce4c696f4a0480f97a SHA2564815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420 Certificate Info IssuerLet's Encrypt Subjectpostimg.cc Fingerprint52:10:45:F0:9A:56:B6:08:FC:57:C5:41:7E:A8:18:09:D1:CD:30:42 ValiditySat, 23 Dec 2023 07:47:58 GMT - Fri, 22 Mar 2024 07:47:57 GMT HTTP Headers `GET /8cL5NVsZ/Habanero.gif HTTP/1.1 Host: i.postimg.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 404 Not Found server: nginx date: Thu, 28 Dec 2023 13:47:20 GMT content-type: image/png content-length: 2712 X-Firefox-Spdy: h2`

	GET i.postimg.cc/rpvMmYB3/pgsoft.gif	162.19.88.69	404 Not Found	2.7 kB
URL GET HTTPS i.postimg.cc/rpvMmYB3/pgsoft.gif IP / ASN 162.19.88.69 #16276 OVH SAS Requested byhttps://sartikasamosir.com/ Resource Info File typePNG image data, 320 x 320, 4-bit colormap, non-interlaced First Seen2023-05-03 Last Seen2025-08-09 Times Seen1301 Size2.7 kB (2712 bytes) MD5ff125c736fd0092c080f73bb486d9ceb SHA1d790adffabc313b5d4b161ce4c696f4a0480f97a SHA2564815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420 Certificate Info IssuerLet's Encrypt Subjectpostimg.cc Fingerprint52:10:45:F0:9A:56:B6:08:FC:57:C5:41:7E:A8:18:09:D1:CD:30:42 ValiditySat, 23 Dec 2023 07:47:58 GMT - Fri, 22 Mar 2024 07:47:57 GMT HTTP Headers `GET /rpvMmYB3/pgsoft.gif HTTP/1.1 Host: i.postimg.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 404 Not Found server: nginx date: Thu, 28 Dec 2023 13:47:20 GMT content-type: image/png content-length: 2712 X-Firefox-Spdy: h2`

	GET sartikasamosir.com/	104.21.86.216	200 OK	48 kB
URL GET HTTPS sartikasamosir.com/ IP / ASN 104.21.86.216 #13335 CLOUDFLARENET Requested byhttps://sartikasamosir.com/ Resource Info File typeHTML document, ASCII text, with CRLF line terminators First Seen2024-08-20 Last Seen2024-08-20 Times Seen1 Size48 kB (47541 bytes) MD588f2101c6df0cec8acee1c71864aba47 SHA18b370ce0ef35da829b0bc2820ea91b054b4dc0ad SHA256cb26823191750ff255622d9a9446725c82ce44a688e50959c32659d9e3f58ccf Certificate Info IssuerLet's Encrypt Subjectsartikasamosir.com FingerprintFE:BE:5D:B0:DA:5A:3F:8A:26:B4:D3:5D:C1:6C:00:01:07:9D:8D:1B ValiditySat, 09 Dec 2023 06:54:43 GMT - Fri, 08 Mar 2024 06:54:42 GMT HTTP Headers `GET / HTTP/1.1 Host: sartikasamosir.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Thu, 28 Dec 2023 13:47:18 GMT content-type: text/html last-modified: Tue, 15 Aug 2023 20:21:07 GMT cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1zJGPFtLVAVxpyRqogkP11rStRcwCje6DGh9HdRSxDIFPIVZSmZMyJoT04dQGpC3YPDNXSSmMokfVecAzm6HoKxyza0CDUMWmQOz9UMGpxLot4sDm5znxAHiHZTKtmgHiEoAvQ%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 83ca4122881956a8-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	GET cdn.ampproject.org/v0/amp-bind-0.1.js	216.58.207.193	200 OK	52 kB
URL GET HTTPS cdn.ampproject.org/v0/amp-bind-0.1.js IP / ASN 216.58.207.193 #15169 GOOGLE Requested byhttps://sartikasamosir.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-10 Times Seen5753540 Size52 kB (51563 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com FingerprintCC:43:B8:B1:97:47:17:A9:AD:50:52:49:F8:17:A6:48:24:6F:9D:79 ValidityMon, 20 Nov 2023 08:03:51 GMT - Mon, 12 Feb 2024 08:03:50 GMT HTTP Headers `GET /v0/amp-bind-0.1.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: br content-type: text/javascript; charset=UTF-8 access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 16384 date: Thu, 28 Dec 2023 13:47:18 GMT expires: Thu, 28 Dec 2023 13:47:18 GMT cache-control: private, max-age=604800, stale-while-revalidate=604800 etag: "955c3f88d7ef8ae3" strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	GET i.postimg.cc/d1rYLj4W/icon-KUNING-11.png	0.0.0.0		0 B
URL GET HTTPS i.postimg.cc/d1rYLj4W/icon-KUNING-11.png IP / ASN 0.0.0.0 #0 Requested byhttps://sartikasamosir.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-10 Times Seen5753540 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerLet's Encrypt Subjectpostimg.cc Fingerprint52:10:45:F0:9A:56:B6:08:FC:57:C5:41:7E:A8:18:09:D1:CD:30:42 ValiditySat, 23 Dec 2023 07:47:58 GMT - Fri, 22 Mar 2024 07:47:57 GMT HTTP Headers `GET /d1rYLj4W/icon-KUNING-11.png HTTP/1.1 Host: i.postimg.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache`

	GET i.postimg.cc/vT64BGw2/icon-KUNING-login.png	0.0.0.0		0 B
URL GET HTTPS i.postimg.cc/vT64BGw2/icon-KUNING-login.png IP / ASN 0.0.0.0 #0 Requested byhttps://sartikasamosir.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-10 Times Seen5753540 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerLet's Encrypt Subjectpostimg.cc Fingerprint52:10:45:F0:9A:56:B6:08:FC:57:C5:41:7E:A8:18:09:D1:CD:30:42 ValiditySat, 23 Dec 2023 07:47:58 GMT - Fri, 22 Mar 2024 07:47:57 GMT HTTP Headers `GET /vT64BGw2/icon-KUNING-login.png HTTP/1.1 Host: i.postimg.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache`

	GET i.postimg.cc/8cdNnmvF/icon-KUNING-18.png	0.0.0.0		0 B
URL GET HTTPS i.postimg.cc/8cdNnmvF/icon-KUNING-18.png IP / ASN 0.0.0.0 #0 Requested byhttps://sartikasamosir.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-10 Times Seen5753540 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerLet's Encrypt Subjectpostimg.cc Fingerprint52:10:45:F0:9A:56:B6:08:FC:57:C5:41:7E:A8:18:09:D1:CD:30:42 ValiditySat, 23 Dec 2023 07:47:58 GMT - Fri, 22 Mar 2024 07:47:57 GMT HTTP Headers `GET /8cdNnmvF/icon-KUNING-18.png HTTP/1.1 Host: i.postimg.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://sartikasamosir.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache`

Detections

Host Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

HTTP Transactions (22)

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers