GeneralInformation

Hostnames	superapp-stagging.bandung.go.id
Domains	bandung.go.id
Country	Indonesia
City	Bandung
Organization	Pemerintah Kota Bandung
ISP	Pemerintah Kota Bandung
ASN	AS136101

WebTechnologies

A/B Testing

OneSignal

Authentication

Google Sign-in

CDN

Unpkg

cdnjs

Cloudflare

JavaScript frameworks

Nuxt.js

Vue.js

JavaScript libraries

jQuery3.3.1

Marketing automation

OneSignal

Static site generator

Nuxt.js

Web frameworks

Nuxt.js

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

80 443 3001 3002 3306 6379 8080 8181 8186 9000 9001

80 / tcp

-2100514759 | 2025-03-27T13:51:43.515350

Hashes

hash

-1691794546

http.dom_hash

1239617585

http.html_hash

-2100514759

http.server_hash

-1340961475

http.title_hash

1522695184

301 Moved Permanently

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 27 Mar 2025 13:51:42 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://superapp-dev.bandung.go.id/

443 / tcp

1862980561 | 2025-03-27T13:52:33.579095

Hashes

hash

813763282

http.dom_hash

-509087222

http.favicon.hash

-876282896

http.html_hash

1862980561

http.server_hash

786416291

http.title_hash

-1865284007

Bandung Smart City

HTTP/1.1 200 OK
Server: nginx/1.27.0
Date: Thu, 27 Mar 2025 13:51:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 6701047
Connection: keep-alive
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'none';
ETag: "663ff7-kavlZYPkFv826WxdzV/V+1iPbBg"
Accept-Ranges: none
X-Cache: HIT from Frontend
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:e1:06:f4:fa:7d:80:b2:f4:be:d4:75:fe:01:ea:ea:39:b3
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=US, O=Let's Encrypt, CN=E6
        Validity
            Not Before: Jan 22 00:55:31 2025 GMT
            Not After : Apr 22 00:55:30 2025 GMT
        Subject: CN=superapp-stagging.bandung.go.id
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:7a:39:c6:1b:6f:9b:5b:d0:8d:a2:da:d2:7a:b3:
                    ec:9b:36:3d:37:8d:3b:14:90:b7:ee:af:82:b9:24:
                    6a:fb:ef:c0:78:7f:fa:68:11:76:dd:4c:8e:d1:e8:
                    eb:52:c4:74:fd:5a:9f:7e:95:f1:ce:1f:1b:fd:85:
                    d8:21:47:3d:26
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                CD:7B:93:21:FA:58:9A:A3:5E:05:41:8A:03:7D:6B:2A:77:28:40:61
            X509v3 Authority Key Identifier: 
                93:27:46:98:03:A9:51:68:8E:98:D6:C4:42:48:DB:23:BF:58:94:D2
            Authority Information Access: 
                OCSP - URI:http://e6.o.lencr.org
                CA Issuers - URI:http://e6.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:superapp-stagging.bandung.go.id
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Jan 22 01:54:01.742 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:5D:C6:83:96:70:3B:04:60:31:75:33:07:
                                7F:1E:28:30:4F:2B:10:98:0B:45:5E:2B:A6:8B:89:6B:
                                73:FD:2C:80:02:20:24:44:82:D2:0C:EF:75:F3:22:1E:
                                E8:14:98:57:50:A3:86:10:17:CE:F0:40:FE:41:8A:48:
                                91:C1:F7:F1:F9:CE
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
                                16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
                    Timestamp : Jan 22 01:54:02.085 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:48:54:CA:BB:66:76:42:44:18:2D:29:1A:
                                5E:A7:5A:8C:93:22:13:85:44:88:30:D5:3C:F9:BE:B0:
                                80:27:D2:C2:02:20:5C:1E:A1:94:F3:AE:02:80:61:96:
                                19:93:D4:07:C2:05:4C:03:D4:0E:FE:0B:55:0F:D1:5A:
                                93:A8:5B:64:E2:9B
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:65:02:30:2a:0b:fc:32:fd:19:e9:45:46:87:c7:74:81:21:
        51:9b:0b:6e:7b:01:02:41:56:05:06:eb:25:a3:c3:64:56:c1:
        02:53:22:bd:9c:bf:88:3a:4f:32:6b:52:1b:de:61:67:02:31:
        00:9d:91:6c:2c:dc:af:d7:cd:72:a1:09:bb:34:1d:cd:4d:7a:
        cd:94:4c:54:6f:8d:64:0e:dd:3a:8c:33:0e:a1:ec:19:a3:6d:
        c1:28:8f:50:21:63:2f:b0:76:3a:ae:41:e8

Vulnerabilities

3001 / tcp

-1246004407 | 2025-03-28T16:57:04.982896

HTTP/1.1 400 Bad Request
Connection: close

3002 / tcp

799400798 | 2025-03-07T13:43:55.760115

Hashes

hash

151629215

http.dom_hash

1061028916

http.html_hash

799400798

http.title_hash

1650770687

Admin Smartcity - Admin Smartcity

HTTP/1.1 200 OK
ETag: "cf0-pKC5hHvn8xe9kjz+iFYBAymQC70"
Content-Type: text/html; charset=utf-8
Accept-Ranges: none
Content-Length: 3312
Date: Fri, 07 Mar 2025 13:44:11 GMT
Connection: keep-alive
Keep-Alive: timeout=5

3306 / tcp

552448747 | 2025-04-04T19:53:31.282807

MariaDB:
  Protocol Version: 10
  Version: 11.4.2-MariaDB-ubu2404
  Capabilities: 65534
  Server Language: 45
  Server Status: 2
  Extended Server Capabilities: 33279
  Authentication Plugin: mysql_native_password

6379 / tcp

-1927723706 | 2025-03-23T17:21:34.079728

-NOAUTH Authentication required.

8080 / tcp

498769662 | 2025-03-07T10:48:56.670740

Hashes

hash

-1392193235

http.dom_hash

1882092635

http.html_hash

498769662

http.server_hash

-1340961475

http.title_hash

-811387491

Redirecting to https://103.108.190.175/login

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 07 Mar 2025 10:48:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Location: https://103.108.190.175/login
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'none';
Set-Cookie: XSRF-TOKEN=eyJpdiI6IndWWU5pcnlZWHU3ZHFzbGdvRGJtQ2c9PSIsInZhbHVlIjoiZEkza0F2dWEzemxTYWg4eGFqL1NvU2tERE5DQWRZNjBobkdLQTFLN2NDa3FhMEw0dFVzcHhaY2FvWHY2RUpidkxraFA1WFk2K1ZFcW9lOWgvaStBdDkvcVpzYUFtbDhWMmZJNEVCOS9NZENiNnZyRzk5enNqa2xLcWJha2lxeGEiLCJtYWMiOiI2NDY2ODFiMzZhN2FjODE4OWQ5NTJkODJjYWM1ZTY4NGQ0ZTc3MjY1ZDUwYWY0ZTdkOTU0ZjQ2NjQ0ODEwNDg1IiwidGFnIjoiIn0%3D; expires=Fri, 07-Mar-2025 12:48:56 GMT; Max-Age=7200; path=/; samesite=lax
Set-Cookie: smartcity_oauth_session=eyJpdiI6IkdmTHhoYThXYWQ3TzkwSDllREZSdGc9PSIsInZhbHVlIjoiWEhpVmVycm1hSStqUS80VStDREFTZ1VzMUtZMUZ0UlB0ZzdLY2ZqMkhMN0E3ZE92aWp1K3ptek55QVNmU1Nyc3c2RG5PWGxXQlhDdlRPWWpVcjVyRkpJQ2hGOGFZYTJ6Ry9ZMmhucDFydEh2STZZU1hYOGVhelJnTDd0amd0M1kiLCJtYWMiOiJiZjUwZWU2MDI2MGEzNzU0MzRlMjA1ZmE4ZjA1M2YwYzYyMzAzMDUyOGRjNThjNTcyOTliOTYxNzA1MzllMWI5IiwidGFnIjoiIn0%3D; expires=Fri, 07-Mar-2025 12:48:56 GMT; Max-Age=7200; path=/; httponly; samesite=lax

8181 / tcp

-393685327 | 2025-03-10T23:04:10.307911

HTTP/1.1 404 Not Found
Content-Type: text/html
Expires: 0
Cache-control: private
Content-Length: 200

Sorry, Page Not Found

8186 / tcp

275643173 | 2025-03-19T22:36:16.250411

Hashes

hash

-1105310626

http.dom_hash

-2006505642

http.html_hash

275643173

HTTP/1.1 404 Not Found
Content-Type: text/html
Expires: 0
Cache-control: private
Content-Length: 1036

9000 / tcp

-1015810118 | 2025-03-29T18:52:50.814495

Hashes

hash

-1942623862

http.dom_hash

-1399918778

http.html_hash

-1015810118

HTTP/1.1 307 Temporary Redirect
Content-Type: text/html; charset=utf-8
Location: http://103.108.190.175:9001
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 18315ACDCA93030A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Date: Sat, 29 Mar 2025 18:52:50 GMT
Content-Length: 63

9001 / tcp

1426612211 | 2025-03-29T19:02:56.209132

Hashes

hash

165135550

http.dom_hash

1157663880

http.favicon.hash

-114774331

http.html_hash

1426612211

http.robots_hash

73384430

http.server_hash

784350709

http.title_hash

784350709

MinIO Console

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1310
Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline'; script-src 'self' https://unpkg.com;  connect-src 'self' https://unpkg.com;
Content-Type: text/html
Last-Modified: Sat, 29 Mar 2025 19:02:56 GMT
Referrer-Policy: strict-origin-when-cross-origin
Server: MinIO Console
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Date: Sat, 29 Mar 2025 19:02:56 GMT
Connection: close

103.108.190.175

Last Seen: 2025-04-04

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

-2100514759 | 2025-03-27T13:51:43.515350

Hashes

nginx

443 / tcp

1862980561 | 2025-03-27T13:52:33.579095

Hashes

nginx1.27.0

3001 / tcp

-1246004407 | 2025-03-28T16:57:04.982896

3002 / tcp

799400798 | 2025-03-07T13:43:55.760115

Hashes

3306 / tcp

552448747 | 2025-04-04T19:53:31.282807

MariaDB11.4.2-MariaDB-ubu2404

6379 / tcp

-1927723706 | 2025-03-23T17:21:34.079728

Redis key-value store

8080 / tcp

498769662 | 2025-03-07T10:48:56.670740

Hashes

nginx

8181 / tcp

-393685327 | 2025-03-10T23:04:10.307911

8186 / tcp

275643173 | 2025-03-19T22:36:16.250411

Hashes

9000 / tcp

-1015810118 | 2025-03-29T18:52:50.814495

Hashes

9001 / tcp

1426612211 | 2025-03-29T19:02:56.209132

Hashes

MinIO Server

Products

Pricing

Contact Us

103.108.190.175

Last Seen: 2025-04-04

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

80 / tcp -2100514759 | 2025-03-27T13:51:43.515350

Hashes

nginx

443 / tcp 1862980561 | 2025-03-27T13:52:33.579095

Hashes

nginx1.27.0

3001 / tcp -1246004407 | 2025-03-28T16:57:04.982896

3002 / tcp 799400798 | 2025-03-07T13:43:55.760115

Hashes

3306 / tcp 552448747 | 2025-04-04T19:53:31.282807

MariaDB11.4.2-MariaDB-ubu2404

6379 / tcp -1927723706 | 2025-03-23T17:21:34.079728

Redis key-value store

8080 / tcp 498769662 | 2025-03-07T10:48:56.670740

Hashes

nginx

8181 / tcp -393685327 | 2025-03-10T23:04:10.307911

8186 / tcp 275643173 | 2025-03-19T22:36:16.250411

Hashes

9000 / tcp -1015810118 | 2025-03-29T18:52:50.814495

Hashes

9001 / tcp 1426612211 | 2025-03-29T19:02:56.209132

Hashes

MinIO Server

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

-2100514759 | 2025-03-27T13:51:43.515350

443 / tcp

1862980561 | 2025-03-27T13:52:33.579095

3001 / tcp

-1246004407 | 2025-03-28T16:57:04.982896

3002 / tcp

799400798 | 2025-03-07T13:43:55.760115

3306 / tcp

552448747 | 2025-04-04T19:53:31.282807

6379 / tcp

-1927723706 | 2025-03-23T17:21:34.079728

8080 / tcp

498769662 | 2025-03-07T10:48:56.670740

8181 / tcp

-393685327 | 2025-03-10T23:04:10.307911

8186 / tcp

275643173 | 2025-03-19T22:36:16.250411

9000 / tcp

-1015810118 | 2025-03-29T18:52:50.814495

9001 / tcp

1426612211 | 2025-03-29T19:02:56.209132