organisasi.bulungan.go.id Open in urlscan Pro
103.131.61.194 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://organisasi.bulungan.go.id/public/vxUDsX4xBUD2yBeN63aWk6Mcm7q1Iyx1
Effective URL:
http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw
Submission: On May 11 via api (May 11th 2023, 3:21:21 pm UTC) from US — Scanned from US

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 26 HTTP transactions. The main IP is 103.131.61.194, located in Indonesia and belongs to IDNIC-NEWTON-AS-ID PT. NEWTON CIPTA INFORMATIKA, ID. The main domain is organisasi.bulungan.go.id. The Cisco Umbrella rank of the primary domain is 885775.

This is the only time organisasi.bulungan.go.id was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
3 10	103.131.61.194 103.131.61.194	138126 (IDNIC-NEW...) (IDNIC-NEWTON-AS-ID PT. NEWTON CIPTA INFORMATIKA)
2	2606:4700:303... 2606:4700:3037::ac43:a669	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.23.52 104.18.23.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3038::6815:ea91	() ()
4	2606:4700:e0:... 2606:4700:e0::ac40:640a	() ()
1	18.238.4.47 18.238.4.47	() ()
1	54.155.69.66 54.155.69.66	() ()
1	104.198.23.205 104.198.23.205	() ()
26	10

10 103.131.61.194 (Indonesia) 3 redirects

ASN138126 (IDNIC-NEWTON-AS-ID PT. NEWTON CIPTA INFORMATIKA, ID)

organisasi.bulungan.go.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:a669 (United States)

ASN13335 (CLOUDFLARENET, US)

files.killbot.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.23.52 (None, )

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea91 (None, )

ASN- ()

cdn.lr-in.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e0::ac40:640a (None, )

ASN- ()

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.4.47 (None, )

ASN- ()

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.69.66 (None, )

ASN- ()

csmetrics.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.198.23.205 (None, )

ASN- ()

r.lr-in.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	bulungan.go.id 3 redirects organisasi.bulungan.go.id — Cisco Umbrella Rank: 885775	2 MB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1602 ka-f.fontawesome.com	34 KB
2	hotjar.com static.hotjar.com csmetrics.hotjar.com	4 KB
2	lr-in.com cdn.lr-in.com r.lr-in.com	163 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	82 KB
2	killbot.org files.killbot.org
0	Failed function sub() { [native code] }. Failed
26	7

	Domain	Requested by
10	organisasi.bulungan.go.id	3 redirects organisasi.bulungan.go.id
4	ka-f.fontawesome.com	kit.fontawesome.com
2	cdnjs.cloudflare.com	organisasi.bulungan.go.id cdnjs.cloudflare.com
2	files.killbot.org	organisasi.bulungan.go.id
1	r.lr-in.com	cdn.lr-in.com
1	csmetrics.hotjar.com	static.hotjar.com
1	static.hotjar.com	organisasi.bulungan.go.id
1	cdn.lr-in.com	organisasi.bulungan.go.id
1	kit.fontawesome.com	organisasi.bulungan.go.id
0	eofcbnmajmjmplflapaojjnihcjkigck Failed	organisasi.bulungan.go.id
26	10

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-29` - `2023-06-28`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
api.logrocket.com R3	`2023-05-09` - `2023-08-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw
Frame ID: 3BF4EA604382097AE4B207E0BEB06D90
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DHL

Page URL History Show full URLs

http://organisasi.bulungan.go.id/public/vxUDsX4xBUD2yBeN63aWk6Mcm7q1Iyx1 HTTP 302
http://organisasi.bulungan.go.id/public HTTP 301
http://organisasi.bulungan.go.id/public/ Page URL
http://organisasi.bulungan.go.id/WJgup5dPeTUFlz2My824mcXlggdJSxzw/ HTTP 301
http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

26
Requests

50 %
HTTPS

44 %
IPv6

7
Domains

10
Subdomains

10
IPs

3
Countries

2410 kB
Transfer

3657 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://organisasi.bulungan.go.id/public/vxUDsX4xBUD2yBeN63aWk6Mcm7q1Iyx1 HTTP 302
http://organisasi.bulungan.go.id/public HTTP 301
http://organisasi.bulungan.go.id/public/ Page URL
http://organisasi.bulungan.go.id/WJgup5dPeTUFlz2My824mcXlggdJSxzw/ HTTP 301
http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://organisasi.bulungan.go.id/public/vxUDsX4xBUD2yBeN63aWk6Mcm7q1Iyx1 HTTP 302
http://organisasi.bulungan.go.id/public HTTP 301
http://organisasi.bulungan.go.id/public/

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
organisasi.bulungan.go.id/public/
Redirect Chain

http://organisasi.bulungan.go.id/public/vxUDsX4xBUD2yBeN63aWk6Mcm7q1Iyx1
http://organisasi.bulungan.go.id/public
http://organisasi.bulungan.go.id/public/

539 B
2 KB

5650ms
5650ms

Document
text/html

103.131.61.194
IDNIC-NEWTON-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL: http://organisasi.bulungan.go.id/public/
Protocol: HTTP/1.1
Server: 103.131.61.194 , Indonesia, ASN138126 (IDNIC-NEWTON-AS-ID PT. NEWTON CIPTA INFORMATIKA, ID),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 May 2023 15:20:40 GMT
Keep-Alive: timeout=5, max=98
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 248
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 11 May 2023 15:20:34 GMT
Keep-Alive: timeout=5, max=99
Location: http://organisasi.bulungan.go.id/public/
Server: Apache

GET
H2 404 killbot-security.js
files.killbot.org/.cdn-cgi/ 0
0 191ms
113ms Script
text/html 2606:4700:3037::ac43:a669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://files.killbot.org/.cdn-cgi/killbot-security.js
Requested by: Host: organisasi.bulungan.go.id
URL: http://organisasi.bulungan.go.id/public/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://organisasi.bulungan.go.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H/1.1

200
OK

Primary Request WJgup5dPeTUFlz2My824mcXlggdJSxzw Show response
organisasi.bulungan.go.id/public/
Redirect Chain

http://organisasi.bulungan.go.id/WJgup5dPeTUFlz2My824mcXlggdJSxzw/
http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw

59 KB
60 KB

23340ms
23340ms

Document
text/html

103.131.61.194
IDNIC-NEWTON-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw
Requested by: Host: organisasi.bulungan.go.id
URL: http://organisasi.bulungan.go.id/public/
Protocol: HTTP/1.1
Server: 103.131.61.194 , Indonesia, ASN138126 (IDNIC-NEWTON-AS-ID PT. NEWTON CIPTA INFORMATIKA, ID),
Reverse DNS
Software: Apache /
Resource Hash: 2e22072f03c554416065d1760cce13985bc26431f9bd6cb48aa5e9da5d3c1df8

Request headers

Referer: http://organisasi.bulungan.go.id/public/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 May 2023 15:21:04 GMT
Keep-Alive: timeout=5, max=96
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 280
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 11 May 2023 15:20:41 GMT
Keep-Alive: timeout=5, max=97
Location: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw
Server: Apache

GET
H2 200 f7165dd215.js Show response
kit.fontawesome.com/ 11 KB
4 KB 768ms
55ms Script
text/javascript 104.18.23.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/f7165dd215.js

Requested by

Host: organisasi.bulungan.go.id
URL: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55f44707c58bd1aa50390f380e2bba05f361e33e4c784856f2d0c2ce3fbd6501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: http://organisasi.bulungan.go.id/
Origin: http://organisasi.bulungan.go.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:21:05 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7c5b68e1de3367e4-MIA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F14f-IcvK01FsUBeC9Fi

GET
H2 404 killbot-security.js
files.killbot.org/.cdn-cgi/ 0
0 80ms
0ms Script
text/html 2606:4700:3037::ac43:a669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://files.killbot.org/.cdn-cgi/killbot-security.js
Requested by: Host: organisasi.bulungan.go.id
URL: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://organisasi.bulungan.go.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H/1.1 200
OK app.css
organisasi.bulungan.go.id/public/css/ 429 KB
430 KB 317ms
306ms Stylesheet
text/css 103.131.61.194
IDNIC-NEWTON-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL: http://organisasi.bulungan.go.id/public/css/app.css
Requested by: Host: organisasi.bulungan.go.id
URL: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw
Protocol: HTTP/1.1
Server: 103.131.61.194 , Indonesia, ASN138126 (IDNIC-NEWTON-AS-ID PT. NEWTON CIPTA INFORMATIKA, ID),
Reverse DNS
Software: Apache /
Resource Hash: 36839348d4cd3d5ffcb15317bc5e8f32b77c644d0c6c0f8f19bdf216caf49293

Request headers

accept-language: en-US,en;q=0.9
Referer: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 15:21:04 GMT
Last-Modified: Wed, 30 Mar 2022 04:11:08 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 439658

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 167ms
48ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: organisasi.bulungan.go.id
URL: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://organisasi.bulungan.go.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:21:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 592658
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEb9tfw54zb4K0ssBTT78ocyNj3LDUqNDLyqJSN7GFwkBIUlr8okdh86xzlnecUwig4jsyW0hIkmkzFccXVKjpjL2P43qxumyMLLT4YyWeMP5YfAno6fRJH%2BOxLiKJ%2BVKMm3MOxADbFgy7jA5v2lBdmo"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c5b68de2a801277-MIA
expires: Tue, 30 Apr 2024 15:21:04 GMT

GET
H2 200 logger-1.min.js Show response
cdn.lr-in.com/ 822 KB
163 KB 1272ms
63ms Script
text/javascript 2606:4700:3038::6815:ea91

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-in.com/logger-1.min.js

Requested by

Host: organisasi.bulungan.go.id
URL: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea91 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

c66a3e787cd9ba60a23a4c4db5f04a6c6d6dced9a419f6ca2564931001f7813a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: en-US,en;q=0.9
Referer: http://organisasi.bulungan.go.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:21:06 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-mia-kmia1760034-MIA
last-modified: Thu, 11 May 2023 13:33:09 GMT
server: cloudflare
x-timer: S1683812128.547389,VS0,VE1
etag: W/"f95b8c58a1b37589ee5efffabf112da13d65071b40c962316bb0246dce246ac6"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXSxU0ig5p1KM%2Fy%2Bdrka5ILE9lMq43kRDIbRAW0%2F%2FpiyPU8wxlggwfmzh0c%2FOrKnWALdxLPkfNsFjC0%2BsZTXzKvlBRRO0nawkVkIUGcszYXDoV3O4i1r%2BTYhxeu7truGSJDFQou5l1D7Z1uu"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7c5b68e9db236dc7-MIA
x-cache-hits: 1

GET fonts.css
eofcbnmajmjmplflapaojjnihcjkigck/common/ui/fonts/ 0
0

GET
H/1.1 200
OK logo.png
organisasi.bulungan.go.id/images/ 2 KB
2 KB 7169ms
6895ms Image
image/png 103.131.61.194
IDNIC-NEWTON-AS-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://organisasi.bulungan.go.id/images/logo.png
Requested by: Host: organisasi.bulungan.go.id
URL: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw
Protocol: HTTP/1.1
Server: 103.131.61.194 , Indonesia, ASN138126 (IDNIC-NEWTON-AS-ID PT. NEWTON CIPTA INFORMATIKA, ID),
Reverse DNS
Software: Apache /
Resource Hash: 3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756

Request headers

accept-language: en-US,en;q=0.9
Referer: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 15:21:12 GMT
Last-Modified: Sun, 17 Apr 2022 21:24:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1998

GET
H/1.1 200
OK all.png
organisasi.bulungan.go.id/images/ 12 KB
12 KB 7197ms
6921ms Image
image/png 103.131.61.194
IDNIC-NEWTON-AS-I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://organisasi.bulungan.go.id/images/all.png
Requested by: Host: organisasi.bulungan.go.id
URL: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw
Protocol: HTTP/1.1
Server: 103.131.61.194 , Indonesia, ASN138126 (IDNIC-NEWTON-AS-ID PT. NEWTON CIPTA INFORMATIKA, ID),
Reverse DNS
Software: Apache /
Resource Hash: c1d5409eecb402a99f10718b06c266ba314d9e25f0b56c6fd063699334b8be6d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 15:21:12 GMT
Last-Modified: Sun, 17 Apr 2022 21:24:34 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12499

GET foo.png
organisasi.bulungan.go.id/images/ 0
0

GET
H/1.1 200
OK app.js Show response
organisasi.bulungan.go.id/public/js/ 2 MB
2 MB 280ms
279ms Script
application/javascript 103.131.61.194
IDNIC-NEWTON-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL: http://organisasi.bulungan.go.id/public/js/app.js
Requested by: Host: organisasi.bulungan.go.id
URL: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw
Protocol: HTTP/1.1
Server: 103.131.61.194 , Indonesia, ASN138126 (IDNIC-NEWTON-AS-ID PT. NEWTON CIPTA INFORMATIKA, ID),
Reverse DNS
Software: Apache /
Resource Hash: 399e233cea4e5468820e5c5f98ddbb156de729983710cf576a6508f076326c68

Request headers

accept-language: en-US,en;q=0.9
Referer: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 15:21:05 GMT
Last-Modified: Wed, 30 Mar 2022 03:35:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1613806

GET
H/1.1 200
OK session-recorder.js Show response
organisasi.bulungan.go.id/public/js/ 44 KB
44 KB 7127ms
6855ms Script
application/javascript 103.131.61.194
IDNIC-NEWTON-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL: http://organisasi.bulungan.go.id/public/js/session-recorder.js
Requested by: Host: organisasi.bulungan.go.id
URL: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw
Protocol: HTTP/1.1
Server: 103.131.61.194 , Indonesia, ASN138126 (IDNIC-NEWTON-AS-ID PT. NEWTON CIPTA INFORMATIKA, ID),
Reverse DNS
Software: Apache /
Resource Hash: 67ad94e12a745b1b09c6cd616e20a2ad283ed68f8060bd1dd0d9a2b6ad9dc7ee

Request headers

accept-language: en-US,en;q=0.9
Referer: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 15:21:12 GMT
Last-Modified: Wed, 30 Mar 2022 03:35:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 45066

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.4.0/css/ 100 KB
23 KB 1265ms
51ms Fetch
text/css 2606:4700:e0::ac40:640a

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.0/css/free.min.css?token=f7165dd215
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f7165dd215.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:640a -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: fd28ebf7bdffb45da731413ed6e6940dc60123aa120bfa5a3909a40b2a2ba7e1

Request headers

accept-language: en-US,en;q=0.9
Referer: http://organisasi.bulungan.go.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:21:06 GMT
via: 1.1 d3a3e5a04148321a2fffc93222f89fa2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
age: 81523
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Mar 2023 21:29:21 GMT
server: cloudflare
etag: W/"5febfb939e2fc4ddf14fffae53b72cf0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxCoIlP9QJ2fER1EKTfdtFJZ1cbPYjpVMjLXfe4kr7ptyEODMkYhJZp4KL%2Fa96CPX%2F1f3rFhm8YXUnJwXr5%2BimV8KfQDV3%2BK71RIn71GGZhghdczXH5Ko58cLdq6tbRebNv89KA3EB7StUknh4Y%2BpWXZnA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7c5b68e9dfbb333d-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 2b72RsYLDTiD6YS8SiuJYInu2oesE3U6Ump5ripmNCvbwIazydagmw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.4.0/css/ 27 KB
5 KB 1262ms
49ms Fetch
text/css 2606:4700:e0::ac40:640a

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-shims.min.css?token=f7165dd215
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f7165dd215.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:640a -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 425741cc35824b5b3b18d4135fbef6afca30662d23638366af151f7e74ba2575

Request headers

accept-language: en-US,en;q=0.9
Referer: http://organisasi.bulungan.go.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:21:06 GMT
via: 1.1 96ec34ce0a0b54341f66006912ddc5d4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
age: 172130
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
server: cloudflare
etag: W/"5193a6de5225940ae4ef5f7c82126be9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euxUMy7llKwwU3Nb%2Fnw3wCaxFy9mcp1QCHF3nWqojPA3TtDab51Zl6G0Bdo2kV0rztS9u9Jz2CXzhIz45DPlZXsLxIFKxkWaiLdNMlcTVEXaj4s%2FFMJF%2FKylJcBcK62Zy1wDCPMRrjsLzBhEOUwSlvF%2B6g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7c5b68e9dfbd333d-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: kDerGiiq1oj6JmV6mF7tCku8VTkbA06FuCKMTrKZ9kaP8QqnQhhGXg==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.4.0/css/ 823 B
724 B 1259ms
46ms Fetch
text/css 2606:4700:e0::ac40:640a

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.0/css/free-v5-font-face.min.css?token=f7165dd215
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f7165dd215.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:640a -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d144babd74738640f3133de675f5fa21c7fb58bfbd430dbd967ca813403afbfd

Request headers

accept-language: en-US,en;q=0.9
Referer: http://organisasi.bulungan.go.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:21:06 GMT
via: 1.1 eb083428a00073810c04a8eb17b6bb24.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
age: 3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
server: cloudflare
etag: W/"5856e3f07fbc36fc4d430a95a577a87f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93Uc0De0pIhXpa7zmRFJC5mkhlOSVtQPiRLX0lsT8X2vu2vWoXGJHq%2BQ77KRxysVrydoXauHjOli6ThROGN9R%2F%2Fj4nVY%2BQK%2BfjXtlKzouH9VmT8XI1eEgPsliC8m5zOx0TEC4rXmHS%2BtLWY81uetyMjbpg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7c5b68e9dfc0333d-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: sKzqN9NGY5HzEMhbeq9dpYWdHUncqSIdfQlMimPzcMo1UkM0PeB64w==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.4.0/css/ 2 KB
1 KB 1257ms
45ms Fetch
text/css 2606:4700:e0::ac40:640a

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-font-face.min.css?token=f7165dd215
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f7165dd215.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:640a -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: af59041c11cf929a2d34e75e190b5da8ef037bd0fbe81a863c3bdcf430dd6b76

Request headers

accept-language: en-US,en;q=0.9
Referer: http://organisasi.bulungan.go.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:21:06 GMT
via: 1.1 cf3d1f97e96a04720e63ac8b1955ac3e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
age: 3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Mar 2023 21:29:20 GMT
server: cloudflare
etag: W/"9e7f9f634ace089bcdacc3fcc5f23ce5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbAZDl%2BH1tVg6ZAyf5iyOqhBI%2F%2BVY1JVigcbxi0hT8Vbkn0IvIEY0D8oIff6GTg464xwMVBCa0VY4OLM%2FH9RSLWolnO6C52SNCOzSBq67Go1STH5Qk38WHawR%2BEgTFoKfP0DQTbBdlJAW%2BEKITP6RR%2BGqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7c5b68e9dfc3333d-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: kwarN8xxOjgKBKm4Wu2TDdNZLzWy2yLkFtgs0T7TGhyTjqN736EUug==

GET roboto-latin-400-normal.woff2
organisasi.bulungan.go.id/fonts/vendor/@fontsource/roboto/files/ 0
0

GET
H2 200 hotjar-2895475.js Show response
static.hotjar.com/c/ 9 KB
4 KB 209ms
68ms Script
application/javascript 18.238.4.47

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2895475.js?sv=6

Requested by

Host: organisasi.bulungan.go.id
URL: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.47 -, , ASN (),

Reverse DNS

Software

Resource Hash

cdff215f16a7f11254af3d304e4aff13301dd2dfdf727b50279e8dffcf23b5af

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://organisasi.bulungan.go.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 11 May 2023 15:20:09 GMT
via: 1.1 be2c2de1ae578e4915f9466876d9de46.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 58
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/414f18f666e88a396f4bc899a5f6e394
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: t25nzJM4vEZUjBqwFdbZ8LS5nfN5IU3jWs81P6Sc3iaEmiUAXC63Gg==

GET webfa-solid-900.woff2
organisasi.bulungan.go.id/fonts/vendor/@fortawesome/fontawesome-free/ 0
0

GET webfa-brands-400.woff2
organisasi.bulungan.go.id/public/css/fonts/ 0
0

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 102ms
50ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: http://organisasi.bulungan.go.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:21:07 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1128715
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wZS9YNPD6A2SjwY5Evu9mQgRiTK4W42hP2404Wt7Ntub2UzhRlMMlErM5vuC0mLCZq7GlZdJ1lBZKCYart44w4vKKq3MfIdc86GYVD6xpsdOsdJnkr3rgKtdAZNKCSct6WFubGCeF%2F5do7QBI5esphi"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c5b68ededdc8dc1-MIA
expires: Tue, 30 Apr 2024 15:21:07 GMT

POST
H2 204 /
csmetrics.hotjar.com/ 0
70 B 906ms
146ms Ping
text/plain 54.155.69.66

General

Check archive.org

Show headers Download Go to

Full URL: https://csmetrics.hotjar.com/?v=3
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2895475.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.69.66 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://organisasi.bulungan.go.id/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 11 May 2023 15:21:10 GMT
vary: Origin

GET
BLOB 200
OK 7e1f57b7-2cb7-4b0e-bc93-e84147ac7022
http://organisasi.bulungan.go.id/ 457 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://organisasi.bulungan.go.id/7e1f57b7-2cb7-4b0e-bc93-e84147ac7022
Requested by: Host: organisasi.bulungan.go.id
URL: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 556f564a4f617473bad08cf6def66ea0fc7e33d449f647cf489a20460f11ee6a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://organisasi.bulungan.go.id/public/WJgup5dPeTUFlz2My824mcXlggdJSxzw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 467590
Content-Type

POST
H2 201 i Show response
r.lr-in.com/ 104 B
581 B 1133ms
316ms XHR
application/json 104.198.23.205

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-in.com/i?a=mnnzup%2Fdus&r=5-8fc7b311-e824-4fcb-8209-1ae5a9e2975c&t=e12f7c02-cdcc-48fc-882a-415c597f9420&s=0&rs=0%2Cu&u=52a0ffa8-3f16-432e-91b6-38325f92e97c&is=1

Requested by

Host: cdn.lr-in.com
URL: https://cdn.lr-in.com/logger-1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 -, , ASN (),

Reverse DNS

Software

/ Express

Resource Hash

56c57ddb04140a37df2f0b9ae80dbdd58368da58e2705746420039eeb6a60b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://organisasi.bulungan.go.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:21:17 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: W/"68-bKW1I+6ujOEijWzRIER2LWMXtxA"
x-powered-by: Express
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret
content-length: 104

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: eofcbnmajmjmplflapaojjnihcjkigck
URL: chrome-extension://eofcbnmajmjmplflapaojjnihcjkigck/common/ui/fonts/fonts.css

Domain: organisasi.bulungan.go.id
URL: http://organisasi.bulungan.go.id/images/foo.png

Domain: organisasi.bulungan.go.id
URL: http://organisasi.bulungan.go.id/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b

Domain: organisasi.bulungan.go.id
URL: http://organisasi.bulungan.go.id/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80

Domain: organisasi.bulungan.go.id
URL: http://organisasi.bulungan.go.id/public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			organisasi.bulungan.go.id/	1970-01-20 11:43:45	Name: XSRF-TOKEN Value: eyJpdiI6IjJtWVVpbFh5TFZBY0ZNK0psTWVDV2c9PSIsInZhbHVlIjoiTWVNZlFVemJoa3dRdmJtU0xHTWdKSDNER1hnamp4Tm1Na1E1bWxtVEcwSlB5S0o0NUFyM2UrVDZKajUxcFpUVEFkLzA1ZmdoWXRzM0UxVzljN0g3RDByZ0VxNFJEVzhoSzI2dDV4UTFwalNndkZRcC83TlNjQUxFZ002ZXIramMiLCJtYWMiOiJhMzRlMmQ5MTAxNmUxODNhMTZlZTRjNmNhZGRkNjAyZWU5OTdkMTNiYWUzOWRhZWUxZTFiMGNiYzQ5YjRkN2I4IiwidGFnIjoiIn0%3D
			organisasi.bulungan.go.id/	1970-01-20 11:43:45	Name: laravel_session Value: eyJpdiI6IlNTNlQ0OWxxd2hWZVpDaHZ4clhacHc9PSIsInZhbHVlIjoiRVRhcldaMlVLQTZ1emhtWGw1NElZSVdiTXgvYjQrYk01dkdoaEZKelNWcGZscHlMMHVyWi9XOUNpalJvODgxbzlnY0xJOXdnYnl1L1pmclErYzhFVWJlNTBJK1piNXB4Q29TQTFzUTNYanVzMUVEQmFEeEluVk5RRDZvazIyUFQiLCJtYWMiOiI0ZDZiNTFkNjYwNjJlYzhlYzU1NWUyNzFjZTllYzIwNDg2ZWZhMjNhZmU3MzNmYzk4YzQzMzJiZWQ4MmExMjFlIiwidGFnIjoiIn0%3D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://files.killbot.org/.cdn-cgi/killbot-security.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://files.killbot.org/.cdn-cgi/killbot-security.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: chrome-extension://eofcbnmajmjmplflapaojjnihcjkigck/common/ui/fonts/fonts.css Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.lr-in.com
cdnjs.cloudflare.com
csmetrics.hotjar.com
eofcbnmajmjmplflapaojjnihcjkigck
files.killbot.org
ka-f.fontawesome.com
kit.fontawesome.com
organisasi.bulungan.go.id
r.lr-in.com
static.hotjar.com
eofcbnmajmjmplflapaojjnihcjkigck
organisasi.bulungan.go.id
103.131.61.194
104.18.23.52
104.198.23.205
18.238.4.47
2606:4700:3037::ac43:a669
2606:4700:3038::6815:ea91
2606:4700::6811:180e
2606:4700:e0::ac40:640a
54.155.69.66
2e22072f03c554416065d1760cce13985bc26431f9bd6cb48aa5e9da5d3c1df8
36839348d4cd3d5ffcb15317bc5e8f32b77c644d0c6c0f8f19bdf216caf49293
399e233cea4e5468820e5c5f98ddbb156de729983710cf576a6508f076326c68
3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756
425741cc35824b5b3b18d4135fbef6afca30662d23638366af151f7e74ba2575
556f564a4f617473bad08cf6def66ea0fc7e33d449f647cf489a20460f11ee6a
55f44707c58bd1aa50390f380e2bba05f361e33e4c784856f2d0c2ce3fbd6501
56c57ddb04140a37df2f0b9ae80dbdd58368da58e2705746420039eeb6a60b90
67ad94e12a745b1b09c6cd616e20a2ad283ed68f8060bd1dd0d9a2b6ad9dc7ee
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
af59041c11cf929a2d34e75e190b5da8ef037bd0fbe81a863c3bdcf430dd6b76
c1d5409eecb402a99f10718b06c266ba314d9e25f0b56c6fd063699334b8be6d
c66a3e787cd9ba60a23a4c4db5f04a6c6d6dced9a419f6ca2564931001f7813a
cdff215f16a7f11254af3d304e4aff13301dd2dfdf727b50279e8dffcf23b5af
d144babd74738640f3133de675f5fa21c7fb58bfbd430dbd967ca813403afbfd
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd28ebf7bdffb45da731413ed6e6940dc60123aa120bfa5a3909a40b2a2ba7e1

organisasi.bulungan.go.id Open in urlscan Pro 103.131.61.194 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

50 %HTTPS

44 %IPv6

7 Domains

10 Subdomains

10 IPs

3 Countries

2410 kBTransfer

3657 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

26 JavaScript Global Variables

2 Cookies

3 Console Messages

Indicators

organisasi.bulungan.go.id Open in urlscan Pro
103.131.61.194 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

50 %
HTTPS

44 %
IPv6

7
Domains

10
Subdomains

10
IPs

3
Countries

2410 kB
Transfer

3657 kB
Size

2
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!