ms.bankmega.com Open in urlscan Pro
103.222.239.103 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ms.bankmega.com/tele/upload.php?040401XIQn
Submission: On October 20 via manual (October 20th 2023, 5:08:53 am UTC) from ID — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 18 HTTP transactions. The main IP is 103.222.239.103, located in Bintaro, Indonesia and belongs to IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID. The main domain is ms.bankmega.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 12th 2023. Valid for: a year.

This is the only time ms.bankmega.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	103.222.239.103 103.222.239.103	135447 (IDNIC-BAN...) (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk)
2	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	5

13 103.222.239.103 (Bintaro, Indonesia)

ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID)
PTR: uatsisosmed.bankmega.com

ms.bankmega.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7baf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	bankmega.com ms.bankmega.com	284 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1102	1 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 925	207 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	13 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	27 KB
18	5

	Domain	Requested by
13	ms.bankmega.com	ms.bankmega.com
2	unpkg.com	1 redirects ms.bankmega.com
2	code.jquery.com	ms.bankmega.com
1	cdn.jsdelivr.net	ms.bankmega.com
1	cdnjs.cloudflare.com	ms.bankmega.com
18	5

This site contains no links.

Subject Issuer	Validity	Valid
*.bankmega.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-12` - `2024-05-12`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ms.bankmega.com/tele/upload.php?040401XIQn
Frame ID: 728FF37DA552E67760C29EEF296BD6C8
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

18
Requests

94 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

532 kB
Transfer

1341 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://unpkg.com/webcam-easy/dist/webcam-easy.min.js HTTP 302
https://unpkg.com/webcam-easy@1.1.1/dist/webcam-easy.min.js

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request upload.php Show response
ms.bankmega.com/tele/ 64 KB
11 KB 1577ms
392ms Document
text/html 103.222.239.103
IDNIC-BANKMEGA-AS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ms.bankmega.com/tele/upload.php?040401XIQn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),

Reverse DNS

uatsisosmed.bankmega.com

Software

Resource Hash

d17ebc29cacf688b73fbf9fb68aff918120479805d9b79c350477d15b6ed4e4b

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Oct 2023 05:08:42 GMT
Feature-Policy: fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Keep-Alive: timeout=5, max=100
Referrer-Policy: same-origin strict-origin-when-cross-origin
Strict-Transport-Security: max-age=16070400; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block 1; mode=block

GET
H2 200 jquery-1.12.4.js Show response
code.jquery.com/ 287 KB
85 KB 38ms
7ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.js
Requested by: Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?040401XIQn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ms.bankmega.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 05:08:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2977907
x-cache: HIT, HIT
content-length: 87176
x-served-by: cache-lga21970-LGA, cache-fra-eddf8230062-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1697778523.308434,VS0,VE0
etag: W/"28feccc0-47a36"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 80, 16509

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.12.1/ 509 KB
122 KB 41ms
11ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by: Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?040401XIQn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ms.bankmega.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 05:08:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2977920
x-cache: HIT, HIT
content-length: 124434
x-served-by: cache-lga21932-LGA, cache-fra-eddf8230062-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1697778523.308613,VS0,VE0
etag: W/"28feccc0-7f20a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 329, 67190

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
27 KB 46ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?040401XIQn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ms.bankmega.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 05:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1286637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27433
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TAnsDuaW4eIiXlUtJYKfImLMAmNceqAm3%2Bqs7YLF38PU0AHAXU%2Bnm18H3FevRBmJOGKc66GfC7RqwzAZX49le9Bid%2BPvmF5gJJBRvpLKE3rhxPx5Dc%2BA9G4MQE6TI82kqBA9l%2BPqVldeYO%2Blj84tWuwu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 818ebe9aad369b74-FRA
expires: Wed, 09 Oct 2024 05:08:43 GMT

GET
H2

200

webcam-easy.min.js Show response
unpkg.com/webcam-easy@1.1.1/dist/
Redirect Chain

https://unpkg.com/webcam-easy/dist/webcam-easy.min.js
https://unpkg.com/webcam-easy@1.1.1/dist/webcam-easy.min.js

3 KB
1 KB

18ms
17ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/webcam-easy@1.1.1/dist/webcam-easy.min.js

Requested by

Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?040401XIQn

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8087960f0951aebb7636e4b8657bb165fb2ea838293f96e15e03645b88b48111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ms.bankmega.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 05:08:43 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7779824
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01H5XWB9R319B0RSCVFS8WYQJK-fra
server: cloudflare
etag: W/"d3e-7OUcla/6h/w1K2jGvgpq4MtXT9s"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 818ebe9aeca49150-FRA

Redirect headers

date: Fri, 20 Oct 2023 05:08:43 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: EXPIRED
fly-request-id: 01HD5QRQ5X5SSJ3CS44JTSVDM1-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /webcam-easy@1.1.1/dist/webcam-easy.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 818ebe9abc469150-FRA

GET
H2 200 axios.min.js Show response
cdn.jsdelivr.net/npm/axios/dist/ 32 KB
13 KB 48ms
25ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js

Requested by

Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?040401XIQn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd688b0ff9f17567ad22bf34a05ed17ee78750b9965418309c821eb3f55cc38f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ms.bankmega.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 05:08:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26783
x-jsd-version: 1.5.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220107-FRA, cache-yyz4575-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"7e51-T4rJbSBNkdaBUKcCugO26+F2VqU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAQg2unV43CN02WM3a3cfjRXr%2BjqbiZ0ajTGyV96DanVmFpbTIUGhhHlLq04tw%2FDgwJfNH%2Bjlpw%2FA%2FcJikQtRex6TopX52EZxbAPGI05qctQlwd44WFRbNFpUwry5U3tBvptB0Rl%2BJEj%2F5405Pg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 818ebe9aa8b19ba6-FRA

GET
H/1.1 200
OK lz-string.js Show response
ms.bankmega.com/tele/js/ 16 KB
17 KB 214ms
213ms Script
application/javascript 103.222.239.103
IDNIC-BANKMEGA-AS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ms.bankmega.com/tele/js/lz-string.js

Requested by

Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?040401XIQn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),

Reverse DNS

uatsisosmed.bankmega.com

Software

Resource Hash

d1b3a819246048ba30d9bf77f8927d96f65d2f867e36fa8cf880a3d84d1e8fc6

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ms.bankmega.com/tele/upload.php?040401XIQn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 05:08:43 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Referrer-Policy: same-origin, strict-origin-when-cross-origin
Last-Modified: Wed, 08 Sep 2021 05:19:32 GMT
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag: "3ea0-5cb7506f6c100"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Feature-Policy: fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 16032
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK lzma_worker.js Show response
ms.bankmega.com/tele/LZMA-JS/src/ 109 KB
110 KB 627ms
205ms Script
application/javascript 103.222.239.103
IDNIC-BANKMEGA-AS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ms.bankmega.com/tele/LZMA-JS/src/lzma_worker.js

Requested by

Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?040401XIQn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),

Reverse DNS

uatsisosmed.bankmega.com

Software

Resource Hash

b2704cc4536d113ba9d4badfb4b262ec878b16824e300596895c0a1080fbdc50

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ms.bankmega.com/tele/upload.php?040401XIQn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 05:08:43 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Referrer-Policy: same-origin, strict-origin-when-cross-origin
Last-Modified: Sun, 19 Nov 2017 00:48:01 GMT
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag: "1b56e-55e4b525df240"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Feature-Policy: fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 111982
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK loading.css
ms.bankmega.com/tele/ 2 KB
1 KB 2767ms
2364ms Stylesheet
text/css 103.222.239.103
IDNIC-BANKMEGA-AS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ms.bankmega.com/tele/loading.css

Requested by

Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?040401XIQn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),

Reverse DNS

uatsisosmed.bankmega.com

Software

Resource Hash

69c6f72d1158f13fefc861e5b539a4b4b57be9a82d89a97d460aa6688da1993c

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ms.bankmega.com/tele/upload.php?040401XIQn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 05:08:45 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 543
X-XSS-Protection: 1; mode=block, 1; mode=block
Referrer-Policy: same-origin, strict-origin-when-cross-origin
Last-Modified: Mon, 22 Mar 2021 04:37:10 GMT
ETag: "7b3-5be189e6d2980"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Feature-Policy: fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK bootstrap.min.css
ms.bankmega.com/tele/css/ 118 KB
21 KB 663ms
242ms Stylesheet
text/css 103.222.239.103
IDNIC-BANKMEGA-AS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ms.bankmega.com/tele/css/bootstrap.min.css

Requested by

Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?040401XIQn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),

Reverse DNS

uatsisosmed.bankmega.com

Software

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ms.bankmega.com/tele/upload.php?040401XIQn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 05:08:43 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 20311
X-XSS-Protection: 1; mode=block, 1; mode=block
Referrer-Policy: same-origin, strict-origin-when-cross-origin
Last-Modified: Mon, 03 Sep 2018 17:00:00 GMT
ETag: "1d9ac-574fa78bf4400"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Feature-Policy: fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK close.png
ms.bankmega.com/tele/images/ 5 KB
6 KB 639ms
208ms Image
image/png 103.222.239.103
IDNIC-BANKMEGA-AS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ms.bankmega.com/tele/images/close.png

Requested by

Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?040401XIQn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),

Reverse DNS

uatsisosmed.bankmega.com

Software

Resource Hash

6210245ca5b1d33486fe8a6b3ee516d7711de1cf37aedc349cc64ea3803efe06

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ms.bankmega.com/tele/upload.php?040401XIQn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 05:08:43 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Referrer-Policy: same-origin, strict-origin-when-cross-origin
Last-Modified: Mon, 21 Mar 2022 10:00:39 GMT
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag: "14c5-5dab791877fc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Feature-Policy: fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5317
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK camera.png
ms.bankmega.com/tele/images/ 6 KB
7 KB 3034ms
2577ms Image
image/png 103.222.239.103
IDNIC-BANKMEGA-AS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ms.bankmega.com/tele/images/camera.png

Requested by

Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?040401XIQn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),

Reverse DNS

uatsisosmed.bankmega.com

Software

Resource Hash

0479eff278311c589a2dd3f532da14ebe6e8342030e8e9d21ef76697a79e71e5

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ms.bankmega.com/tele/upload.php?040401XIQn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 05:08:45 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Referrer-Policy: same-origin, strict-origin-when-cross-origin
Last-Modified: Mon, 21 Mar 2022 09:07:28 GMT
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag: "1904-5dab6d354b400"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Feature-Policy: fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6404
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK flip.png
ms.bankmega.com/tele/images/ 14 KB
15 KB 203ms
203ms Image
image/png 103.222.239.103
IDNIC-BANKMEGA-AS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ms.bankmega.com/tele/images/flip.png

Requested by

Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?040401XIQn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),

Reverse DNS

uatsisosmed.bankmega.com

Software

Resource Hash

92cf232343b9c16713f607a09a2eca0b31fc0b03931ba88432d651daba13c180

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ms.bankmega.com/tele/upload.php?040401XIQn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 05:08:44 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Referrer-Policy: same-origin, strict-origin-when-cross-origin
Last-Modified: Mon, 21 Mar 2022 09:55:05 GMT
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag: "38f9-5dab77d9f1040"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Feature-Policy: fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 14585
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK user.png
ms.bankmega.com/tele/images/ 58 KB
59 KB 199ms
199ms Image
image/png 103.222.239.103
IDNIC-BANKMEGA-AS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ms.bankmega.com/tele/images/user.png

Requested by

Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?040401XIQn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),

Reverse DNS

uatsisosmed.bankmega.com

Software

Resource Hash

bb66df408d8a68cc001480c9cc43275033e5dee9bd461957662f58052a6ca360

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ms.bankmega.com/tele/upload.php?040401XIQn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 05:08:44 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Referrer-Policy: same-origin, strict-origin-when-cross-origin
Last-Modified: Tue, 22 Mar 2022 04:58:04 GMT
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag: "e717-5dac7753f8f00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Feature-Policy: fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 59159
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK card.png
ms.bankmega.com/tele/images/ 18 KB
19 KB 198ms
198ms Image
image/png 103.222.239.103
IDNIC-BANKMEGA-AS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ms.bankmega.com/tele/images/card.png

Requested by

Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?040401XIQn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),

Reverse DNS

uatsisosmed.bankmega.com

Software

Resource Hash

923c7927d6a391d0433390a0b4b306186996eda2fa021f885fe07b7e17ce68f7

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ms.bankmega.com/tele/upload.php?040401XIQn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 05:08:44 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Referrer-Policy: same-origin, strict-origin-when-cross-origin
Last-Modified: Tue, 22 Mar 2022 05:03:10 GMT
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag: "4833-5dac7877cbf80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Feature-Policy: fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18483
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK payslip.png
ms.bankmega.com/tele/images/ 5 KB
6 KB 395ms
197ms Image
image/png 103.222.239.103
IDNIC-BANKMEGA-AS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ms.bankmega.com/tele/images/payslip.png

Requested by

Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?040401XIQn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),

Reverse DNS

uatsisosmed.bankmega.com

Software

Resource Hash

38954666e3b8e32fbfe09796a32537097bdf1e49730167eb39ae31587965dc19

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ms.bankmega.com/tele/upload.php?040401XIQn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 05:08:44 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Referrer-Policy: same-origin, strict-origin-when-cross-origin
Last-Modified: Tue, 22 Mar 2022 06:02:00 GMT
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag: "138e-5dac859e44600"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Feature-Policy: fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5006
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK loading.js Show response
ms.bankmega.com/tele/ 234 B
1 KB 197ms
197ms Script
application/javascript 103.222.239.103
IDNIC-BANKMEGA-AS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ms.bankmega.com/tele/loading.js

Requested by

Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?040401XIQn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),

Reverse DNS

uatsisosmed.bankmega.com

Software

Resource Hash

10b24ac9c464b902c52ed2ce49e5fe45e745ac259ca8aa6204e4718aea5beedb

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ms.bankmega.com/tele/upload.php?040401XIQn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 05:08:44 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Connection: Keep-Alive
Content-Length: 234
X-XSS-Protection: 1; mode=block, 1; mode=block
Referrer-Policy: same-origin, strict-origin-when-cross-origin
Last-Modified: Thu, 02 Jun 2022 08:28:13 GMT
ETag: "ea-5e072c960a140"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Feature-Policy: fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK logo2.png
ms.bankmega.com/tele/images/ 10 KB
11 KB 379ms
379ms Image
image/png 103.222.239.103
IDNIC-BANKMEGA-AS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ms.bankmega.com/tele/images/logo2.png

Requested by

Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?040401XIQn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),

Reverse DNS

uatsisosmed.bankmega.com

Software

Resource Hash

e0ca96be3bde71c4ac94ce05facdd2b68e956b68e2d28eb4eb68925ae4cc131c

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ms.bankmega.com/tele/upload.php?040401XIQn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 05:08:46 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Referrer-Policy: same-origin, strict-origin-when-cross-origin
Last-Modified: Mon, 20 Nov 2017 17:00:00 GMT
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag: "292c-55e6d044aa400"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Feature-Policy: fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 10540
X-XSS-Protection: 1; mode=block, 1; mode=block

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vibrate'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
ms.bankmega.com
unpkg.com
103.222.239.103
2606:4700::6810:5614
2606:4700::6810:7baf
2606:4700::6811:190e
2a04:4e42:600::649
0479eff278311c589a2dd3f532da14ebe6e8342030e8e9d21ef76697a79e71e5
10b24ac9c464b902c52ed2ce49e5fe45e745ac259ca8aa6204e4718aea5beedb
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
38954666e3b8e32fbfe09796a32537097bdf1e49730167eb39ae31587965dc19
430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
6210245ca5b1d33486fe8a6b3ee516d7711de1cf37aedc349cc64ea3803efe06
69c6f72d1158f13fefc861e5b539a4b4b57be9a82d89a97d460aa6688da1993c
8087960f0951aebb7636e4b8657bb165fb2ea838293f96e15e03645b88b48111
923c7927d6a391d0433390a0b4b306186996eda2fa021f885fe07b7e17ce68f7
92cf232343b9c16713f607a09a2eca0b31fc0b03931ba88432d651daba13c180
b2704cc4536d113ba9d4badfb4b262ec878b16824e300596895c0a1080fbdc50
bb66df408d8a68cc001480c9cc43275033e5dee9bd461957662f58052a6ca360
d17ebc29cacf688b73fbf9fb68aff918120479805d9b79c350477d15b6ed4e4b
d1b3a819246048ba30d9bf77f8927d96f65d2f867e36fa8cf880a3d84d1e8fc6
e0ca96be3bde71c4ac94ce05facdd2b68e956b68e2d28eb4eb68925ae4cc131c
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
fd688b0ff9f17567ad22bf34a05ed17ee78750b9965418309c821eb3f55cc38f

ms.bankmega.com Open in urlscan Pro 103.222.239.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

18 Requests

94 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

532 kBTransfer

1341 kBSize

0 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

ms.bankmega.com Open in urlscan Pro
103.222.239.103 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

94 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

532 kB
Transfer

1341 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions