URL: https://boss.bekasikab.go.id/assets/uploads/user_202406301847213632.html
Submission Tags: @phish_report
Submission: On October 01 via api from FI — Scanned from FI

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 7 HTTP transactions. The main IP is 103.105.196.20, located in Cikarang Satu, Indonesia and belongs to IDNIC-PEMDAKAB-BEKASI-AS-ID DINAS KOMUNIKASI DAN INFORMATIKA KAB. BEKASI, ID. The main domain is boss.bekasikab.go.id.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure Server CA on June 18th 2024. Valid for: a year.
This is the only time boss.bekasikab.go.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses (requests, IP, AS):
  1  103.105.196.20   AS137287 (IDNIC-PEMDAKAB-BEKASI-AS-ID)
  1  104.17.25.14     AS13335 (CLOUDFLARENET)
  3  185.199.111.133  AS54113 (FASTLY)
  1  140.82.121.4     AS36459 (GITHUB)  (1 redirect)
  2  2.19.224.32      AS16625 (AKAMAI-AS)
  Total: 7 requests, 4 IPs

Apex domains (requests, apex domain, subdomain, transfer):
  3  githubusercontent.com  raw.githubusercontent.com (Cisco Umbrella rank 4624)  1 MB
  2  cloudinary.com         res.cloudinary.com (Cisco Umbrella rank 3161)         776 B
  1  github.com             github.com (Cisco Umbrella rank 2791)                 4 KB
  1  cloudflare.com         cdnjs.cloudflare.com (Cisco Umbrella rank 257)        65 KB
  1  bekasikab.go.id        boss.bekasikab.go.id                                  1 KB
  Total: 7 requests, 5 domains

Requesting page per domain (requests, domain, requested by):
  3  raw.githubusercontent.com  boss.bekasikab.go.id
  2  res.cloudinary.com         (not recorded)
  1  github.com                 (1 redirect)
  1  cdnjs.cloudflare.com       boss.bekasikab.go.id
  1  boss.bekasikab.go.id       (primary request)
  Total: 7 requests, 5 domains

Linked domains (links found in the page): t.me

TLS certificates (subject, issuer, validity):
  *.bekasikab.go.id     Sectigo RSA Domain Validation Secure Server CA  2024-06-18 to 2025-06-18 (a year)
  cdnjs.cloudflare.com  WE1                                             2024-09-28 to 2024-12-27 (3 months)
  *.github.io           DigiCert Global G2 TLS RSA SHA256 2020 CA1      2024-03-15 to 2025-03-14 (a year)
  *.cloudinary.com      Go Daddy Secure Certificate Authority - G2      2023-12-18 to 2025-01-13 (a year)

This page contains 1 frame:

Primary Page: https://boss.bekasikab.go.id/assets/uploads/user_202406301847213632.html
Frame ID: AE72BC33D68C1070D583FABD2DC3304C
Requests: 7 HTTP requests in this frame

Page Title

Hacked By Sle3py

Detected technologies

jQuery (overall confidence: 100%), detected by matching the script URL against these patterns:
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
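
The two patterns above can be applied directly to the script URLs in this scan. This is an added example, not part of the urlscan.io report or its detection engine: the regular expressions are copied from the list above, the matching code is mine, and the WordPress-style URL is a constructed sample used only to show the second pattern's version capture.

```python
import re

# The two patterns printed in the report (Wappalyzer-style; capture group 1
# carries the version when the pattern can see one).
JQUERY_PATTERNS = [
    re.compile(r"/([\d.]+)/jquery(?:\.min)?\.js"),
    re.compile(r"jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?"),
]

# Two URLs taken from this scan plus one constructed URL for contrast.
SAMPLE_URLS = [
    "https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.js",            # from the scan
    "https://example.invalid/wp-includes/js/jquery/jquery.min.js?ver=3.7.1",    # constructed
    "https://raw.githubusercontent.com/m0chAvIn/bypass-shell/main/Sle3py.png",  # from the scan, not a script
]


def fingerprint_jquery(urls):
    """Return {url: version} for every URL that a pattern matches.

    The version is None when a pattern matched but captured nothing: the
    second pattern matches any path containing "jquery" and ".js", so on its
    own it proves presence, not version.
    """
    found = {}
    for url in urls:
        matched = False
        version = None
        for pat in JQUERY_PATTERNS:
            m = pat.search(url)
            if m:
                matched = True
                if version is None and m.group(1):
                    version = m.group(1)
        if matched:
            found[url] = version
    return found


if __name__ == "__main__":
    for url, version in fingerprint_jquery(SAMPLE_URLS).items():
        print(f"{version or 'unknown version':16} {url}")
```

Only capture group 1 should be trusted for a version; a version taken from a CDN path is a claim made by the page author, so confirm it against the hash of the file actually fetched (the report records 0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21 for this one).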

Page Statistics

Requests: 7
HTTPS: 86 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 4
Countries: 4
Transfer: 1152 kB
Size: 1347 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://github.com/m0chAvIn/mnyla/raw/main/satan2.mp3?raw=true HTTP 302
  • https://raw.githubusercontent.com/m0chAvIn/mnyla/main/satan2.mp3

7 HTTP transactions

Per request: resource name, path, size, transferred (x-fer), type; followed by General details, any security headers, and the request and response headers.

Primary Request: user_202406301847213632.html
  Path: boss.bekasikab.go.id/assets/uploads/
  Size: 2 KB, transferred: 1 KB, type: Document
General
  Full URL: https://boss.bekasikab.go.id/assets/uploads/user_202406301847213632.html
  Protocol: HTTP/1.1
  Security: TLS 1.3, AES_128_GCM
  Server: 103.105.196.20, Cikarang Satu, Indonesia, ASN137287 (IDNIC-PEMDAKAB-BEKASI-AS-ID DINAS KOMUNIKASI DAN INFORMATIKA KAB. BEKASI, ID)
  Reverse DNS: (none)
  Software: Apache
  Resource Hash: d32dd2e4162e0ab9102ec48ecda86d95eaf2b1cc32030aa1da8fa57bb74f0e40

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1084
Content-Type
text/html
Date
Tue, 01 Oct 2024 15:05:54 GMT
ETag
"9a3-61c1a0b17eb8c-gzip"
Keep-Alive
timeout=5, max=100
Last-Modified
Sun, 30 Jun 2024 11:47:21 GMT
Server
Apache
Vary
Accept-Encoding
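
The ETag and Last-Modified of the primary response, together with the timestamp embedded in the upload file name, can be cross-checked against each other. This is an added example, not part of the urlscan.io report: Apache's default FileETag (MTime Size) encodes the file size and the modification time, in microseconds, as two hex fields joined by a hyphen, and mod_deflate appends "-gzip". The header values are copied from the response above; the UTC+7 offset used to read the file-name timestamp is an assumption (Asia/Jakarta time for a Bekasi server), and the Server check exists because nginx emits the same hyphenated hex shape with mtime (in seconds) first and size second, which this decoder must not mistake for Apache's order.

```python
import re
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime

# Values copied from the primary request/response above.
ETAG = '"9a3-61c1a0b17eb8c-gzip"'
LAST_MODIFIED = "Sun, 30 Jun 2024 11:47:21 GMT"
SERVER = "Apache"
UPLOAD_NAME = "user_202406301847213632.html"
# Assumption: the upload file name was stamped in Asia/Jakarta time (UTC+7).
UPLOAD_TZ_OFFSET_HOURS = 7

# Apache "FileETag MTime Size" shape: <size-hex>-<mtime-microseconds-hex>[-gzip|-br]
_APACHE_ETAG = re.compile(r'^(?:W/)?"([0-9a-f]+)-([0-9a-f]+)(?:-(gzip|br))?"$')
# Upload name shape used by this site: user_YYYYMMDDHHMMSS<extra digits>.html
_UPLOAD_NAME = re.compile(r"^user_(\d{14})\d*\.html$")


def decode_apache_etag(etag: str, server: str) -> dict:
    """Decode size (bytes) and mtime (UTC) from an Apache size-mtime ETag.

    The Server header is required: nginx uses the same "hex-hex" layout with
    the fields in the opposite order, so the shape alone is not proof.
    """
    if not server.lower().startswith("apache"):
        raise ValueError(f"refusing to decode a non-Apache ETag (Server: {server!r})")
    m = _APACHE_ETAG.match(etag.strip())
    if not m:
        raise ValueError(f"not an Apache size-mtime ETag: {etag}")
    size = int(m.group(1), 16)
    mtime_us = int(m.group(2), 16)
    mtime = datetime.fromtimestamp(mtime_us // 1_000_000, tz=timezone.utc)
    mtime = mtime.replace(microsecond=mtime_us % 1_000_000)
    return {"size": size, "mtime": mtime, "suffix": m.group(3)}


def upload_name_to_utc(name: str, offset_hours: int) -> datetime:
    """Read the YYYYMMDDHHMMSS prefix of the upload file name as a UTC time."""
    m = _UPLOAD_NAME.match(name)
    if not m:
        raise ValueError(f"unexpected upload file name: {name}")
    local = datetime.strptime(m.group(1), "%Y%m%d%H%M%S")
    return (local - timedelta(hours=offset_hours)).replace(tzinfo=timezone.utc)


def cross_check(etag=ETAG, last_modified=LAST_MODIFIED, server=SERVER,
                upload_name=UPLOAD_NAME, offset_hours=UPLOAD_TZ_OFFSET_HOURS) -> dict:
    """Compare the ETag mtime with Last-Modified and the upload-name time."""
    decoded = decode_apache_etag(etag, server)
    lm = parsedate_to_datetime(last_modified)
    if lm.tzinfo is None:  # "-0000" style dates come back naive; treat as UTC
        lm = lm.replace(tzinfo=timezone.utc)
    uploaded = upload_name_to_utc(upload_name, offset_hours)
    mtime_s = decoded["mtime"].replace(microsecond=0)
    return {
        "size_bytes": decoded["size"],
        "mtime_utc": decoded["mtime"].isoformat(),
        "compressed_by": decoded["suffix"],
        "etag_matches_last_modified": mtime_s == lm,
        "upload_name_matches_mtime": mtime_s == uploaded,
    }


if __name__ == "__main__":
    for key, value in cross_check().items():
        print(f"{key}: {value}")
```

For this response the decoded size is 2467 bytes (the report's "2 KB"; the 1084-byte Content-Length is the gzip body) and the decoded mtime is 2024-06-30 11:47:21 UTC, which agrees with Last-Modified and, under the UTC+7 assumption, with the 18:47:21 in the file name. Agreement among all three is what you would expect from a file written once by the upload handler and never edited; a later ETag mtime than the name would indicate the file was rewritten after upload.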
jquery.js
  Path: cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/
  Size: 262 KB, transferred: 65 KB, type: Script
General
  Full URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.js
  Requested by: boss.bekasikab.go.id (URL: https://boss.bekasikab.go.id/assets/uploads/user_202406301847213632.html)
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.17.25.14, location not resolved, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: (none)
  Software: cloudflare
  Resource Hash: 0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21
Security Headers
  Strict-Transport-Security: max-age=15780000
  X-Content-Type-Options: nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://boss.bekasikab.go.id/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec4-41707"
age
571501
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0WshCPbAHOFFnWNaV2jsDbeTWqiItenjamkzkOaDMP9KHpiFuvORMvAqxaFuvssRoty4DAOfADRpH6N2nXcLZBc9ftWJ0oSb0b4L8Y9tgEwxxO3y6TqsaQHIbWZFafdFFZjoc0HW"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 21 Sep 2025 15:05:55 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 01 Oct 2024 15:05:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cbd5a8729028d7b-HEL
accept-ranges
bytes
access-control-allow-origin
*
content-length
66006
server
cloudflare
hey%20ges.png
  Path: raw.githubusercontent.com/m0chAvIn/bypass-shell/main/
  Size: 292 KB, transferred: 293 KB, type: Image
General
  Full URL: https://raw.githubusercontent.com/m0chAvIn/bypass-shell/main/hey%20ges.png
  Requested by: boss.bekasikab.go.id (URL: https://boss.bekasikab.go.id/assets/uploads/user_202406301847213632.html)
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 185.199.111.133, United States, ASN54113 (FASTLY, US)
  Reverse DNS: cdn-185-199-111-133.github.com
  Software: (none)
  Resource Hash: 3dd431051230620dc97291869b5ce205d28b216dd53d901f997c1d5ae40d1ce5
Security Headers
  Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
  Strict-Transport-Security: max-age=31536000
  X-Content-Type-Options: nosniff
  X-Frame-Options: deny
  X-Xss-Protection: 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://boss.bekasikab.go.id/

Response headers

x-fastly-request-id
9770c78d0d6be028d2c763c7af32b297ddc2c7e6
etag
W/"ea55f5ad4d34650cfc5f83cd1a301d31527460956149d1fafbefccfb38f81339"
x-content-type-options
nosniff
x-github-request-id
304E:3C7A77:2EDCFDC:3138DDF:66FC0FD2
expires
Tue, 01 Oct 2024 15:10:55 GMT
x-cache
MISS
date
Tue, 01 Oct 2024 15:05:55 GMT
content-type
image/png
x-served-by
cache-hel1410020-HEL
x-cache-hits
0
source-age
0
x-frame-options
deny
strict-transport-security
max-age=31536000
vary
Authorization,Accept-Encoding,Origin
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
cache-control
max-age=300
x-timer
S1727795155.060850,VS0,VE172
cross-origin-resource-policy
cross-origin
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
299162
x-xss-protection
1; mode=block
Sle3py.png
  Path: raw.githubusercontent.com/m0chAvIn/bypass-shell/main/
  Size: 88 KB, transferred: 88 KB, type: Image
General
  Full URL: https://raw.githubusercontent.com/m0chAvIn/bypass-shell/main/Sle3py.png
  Requested by: boss.bekasikab.go.id (URL: https://boss.bekasikab.go.id/assets/uploads/user_202406301847213632.html)
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 185.199.111.133, United States, ASN54113 (FASTLY, US)
  Reverse DNS: cdn-185-199-111-133.github.com
  Software: (none)
  Resource Hash: 50d92184ef6f2643a400b7e7c6c9d26380eaa41bf3f0236b2e0dbe7bae49b33f
Security Headers
  Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
  Strict-Transport-Security: max-age=31536000
  X-Content-Type-Options: nosniff
  X-Frame-Options: deny
  X-Xss-Protection: 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://boss.bekasikab.go.id/

Response headers

x-fastly-request-id
52d140a44fae4ae6057705b49ad119821f987ad6
etag
W/"d8f3a01cae6123bef8bc85f5d2dea6bc8aaee9a0f46e27a65db1d769582cc5fa"
x-content-type-options
nosniff
x-github-request-id
DF4A:2221:268BFA:27DF38:66FC0FD2
expires
Tue, 01 Oct 2024 15:10:55 GMT
x-cache
MISS
date
Tue, 01 Oct 2024 15:05:55 GMT
content-type
image/png
x-served-by
cache-hel1410020-HEL
x-cache-hits
0
source-age
0
x-frame-options
deny
strict-transport-security
max-age=31536000
vary
Authorization,Accept-Encoding,Origin
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
cache-control
max-age=300
x-timer
S1727795155.060830,VS0,VE237
cross-origin-resource-policy
cross-origin
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
89657
x-xss-protection
1; mode=block
satan2.mp3
  Path: raw.githubusercontent.com/m0chAvIn/mnyla/main/
  Redirect chain:
    • https://github.com/m0chAvIn/mnyla/raw/main/satan2.mp3?raw=true
    • https://raw.githubusercontent.com/m0chAvIn/mnyla/main/satan2.mp3
  Size: 704 KB, transferred: 704 KB, type: Media
General
  Full URL: https://raw.githubusercontent.com/m0chAvIn/mnyla/main/satan2.mp3
  Requested by: boss.bekasikab.go.id (URL: https://boss.bekasikab.go.id/assets/uploads/user_202406301847213632.html)
  Protocol: H2
  Server: 185.199.111.133, United States, ASN54113 (FASTLY, US)
  Reverse DNS: cdn-185-199-111-133.github.com
  Software: (none)
  Resource Hash: 53ea122a67d452c9c238ccaf6bf5dfe1d2d7387e13fc7b48178d71692f39de4a
Security Headers
  Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
  Strict-Transport-Security: max-age=31536000
  X-Content-Type-Options: nosniff
  X-Frame-Options: deny
  X-Xss-Protection: 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://boss.bekasikab.go.id/

Response headers

x-fastly-request-id
af2870edcf6f2c11547a087e81b4e54d28f805bb
etag
"dafcaeaed8b20affc1fa5faa0c59d522a54bb1f348766e29ef1fd5c6c31cad03"
x-content-type-options
nosniff
x-github-request-id
DDE1:3D6455:21B6E44:2361C36:66FC0FD4
expires
Tue, 01 Oct 2024 15:10:56 GMT
x-cache
MISS
date
Tue, 01 Oct 2024 15:05:56 GMT
content-disposition
attachment; filename=satan2.mp3
content-type
audio/mpeg
x-served-by
cache-hel1410020-HEL
x-cache-hits
0
x-frame-options
deny
strict-transport-security
max-age=31536000
vary
Authorization,Accept-Encoding,Origin
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
cache-control
max-age=300
x-timer
S1727795156.498413,VS0,VE292
source-age
0
cross-origin-resource-policy
cross-origin
Content-Range
bytes 0-720383/720384
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
720384
x-xss-protection
1; mode=block

Redirect headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src 
github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
cache-control
no-cache
location
https://raw.githubusercontent.com/m0chAvIn/mnyla/main/satan2.mp3
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
x-github-request-id
D1E5:1F2E20:7CA3131:7EB1476:66FC0FD3
access-control-allow-origin
content-length
0
date
Tue, 01 Oct 2024 15:05:55 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
vary
X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
server
GitHub.com
x-frame-options
deny
hey_ges_xznduk.png
  Path: res.cloudinary.com/dduxgerpr/image/upload/v1713937441/
  Size: 0, transferred: 388 B, type: Other
General
  Full URL: https://res.cloudinary.com/dduxgerpr/image/upload/v1713937441/hey_ges_xznduk.png
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 2.19.224.32, Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US)
  Reverse DNS: a2-19-224-32.deploy.static.akamaitechnologies.com
  Software: Cloudinary
  Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the SHA-256 of an empty body, consistent with content-length 0 and the 401 below)
Security Headers
  Strict-Transport-Security: max-age=604800

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://boss.bekasikab.go.id/

Response headers

strict-transport-security
max-age=604800
cache-control
private, no-transform, max-age=0, no-cache
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error
timing-allow-origin
*
pragma
no-cache
content-transfer-encoding
binary
accept-ranges
bytes
access-control-allow-origin
*
x-cld-error
dduxgerpr cannot be accessed via this endpoint
content-length
0
server-timing
cld-akam;dur=46;start=2024-10-01T15:05:57.432Z;desc=synth,rtt;dur=81
date
Tue, 01 Oct 2024 15:05:57 GMT
content-type
text/html
content-disposition
inline
server
Cloudinary
hey_ges_xznduk.png (second request)
  Path: res.cloudinary.com/dduxgerpr/image/upload/v1713937441/
  Size: 0, transferred: 388 B, type: Other
General
  Full URL: https://res.cloudinary.com/dduxgerpr/image/upload/v1713937441/hey_ges_xznduk.png
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 2.19.224.32, Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US)
  Reverse DNS: a2-19-224-32.deploy.static.akamaitechnologies.com
  Software: Cloudinary
  Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
  Strict-Transport-Security: max-age=604800

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://boss.bekasikab.go.id/

Response headers

strict-transport-security
max-age=604800
cache-control
private, no-transform, max-age=0, no-cache
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error
timing-allow-origin
*
pragma
no-cache
content-transfer-encoding
binary
accept-ranges
bytes
access-control-allow-origin
*
x-cld-error
dduxgerpr cannot be accessed via this endpoint
content-length
0
server-timing
cld-akam;dur=8;start=2024-10-01T15:05:57.606Z;desc=synth,rtt;dur=72
date
Tue, 01 Oct 2024 15:05:57 GMT
content-type
text/html
content-disposition
inline
server
Cloudinary

Verdicts & Comments

(none)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and custom code.

  • $ (function)
  • jQuery (function)
  • myFunction (function)

0 Cookies

2 Console Messages

  • network error, URL: https://res.cloudinary.com/dduxgerpr/image/upload/v1713937441/hey_ges_xznduk.png
    Message: Failed to load resource: the server responded with a status of 401 ()
  • network error, URL: https://res.cloudinary.com/dduxgerpr/image/upload/v1713937441/hey_ges_xznduk.png
    Message: Failed to load resource: the server responded with a status of 401 ()