urlscan.io logo urlscan.io
SecurityTrails logo

megawin138.cc Open in urlscan Pro
184.168.108.252  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://megawin138.asia/
Effective URL: https://megawin138.cc/
Submission Tags: phishingrod
Submission: On March 07 via api from DE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 13 HTTP transactions. The main IP is 184.168.108.252, located in Singapore and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is megawin138.cc.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on January 27th 2023. Valid for: 3 months.
This is the only time megawin138.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 184.168.108.252 26496 (AS-26496-...)
7 2a00:1450:400... 15169 (GOOGLE)
1 162.19.88.69 16276 (OVH)
1 162.19.58.161 16276 (OVH)
3 148.66.136.51 26496 (AS-26496-...)
13 6
1    2606:4700:3031::ac43:b9ce (United States)

ASN13335 (CLOUDFLARENET, US)
megawin138.asia
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    184.168.108.252 (Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 252.108.168.184.host.secureserver.net
megawin138.cc
7    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    162.19.88.69 (France)

ASN16276 (OVH, FR)
PTR: ns3221384.ip-162-19-88.eu
i.postimg.cc
1    162.19.58.161 (France)

ASN16276 (OVH, FR)
PTR: ns3096669.ip-162-19-58.eu
i.ibb.co
3    148.66.136.51 (Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
www.bigwintop.com
Apex Domain
Subdomains		 Transfer
7 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 391
97 KB
3 bigwintop.com
www.bigwintop.com
604 KB
1 ibb.co
i.ibb.co — Cisco Umbrella Rank: 12837
10 KB
1 postimg.cc
i.postimg.cc — Cisco Umbrella Rank: 18734
470 KB
1 megawin138.cc
megawin138.cc
13 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 megawin138.asia
megawin138.asia
483 B
13 7
Domain Requested by
7 cdn.ampproject.org megawin138.cc
cdn.ampproject.org
3 www.bigwintop.com megawin138.cc
1 i.ibb.co megawin138.cc
1 i.postimg.cc megawin138.cc
1 megawin138.cc
1 www.google.com 1 redirects
1 megawin138.asia 1 redirects
13 7

This site contains links to these domains. Also see Links.

Domain
rebrand.ly
Subject Issuer Validity Valid
megawin138.cc
ZeroSSL RSA Domain Secure Site CA		 2023-01-27 -
2023-04-27		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
postimg.cc
R3		 2023-02-18 -
2023-05-19		 3 months crt.sh
ibb.co
R3		 2023-02-06 -
2023-05-07		 3 months crt.sh
bigwintop.com
Go Daddy Secure Certificate Authority - G2		 2023-01-02 -
2024-01-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://megawin138.cc/
Frame ID: 0694535B7589A6F58F31BBD2DA8AA3B2
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MEGAWIN138 : DAFTAR LOGIN SLOT ONLINE, LINK ALTERNATIF | SLOT ONLINE TERBAIK DAN TERPERCAYA

Page URL History Show full URLs

  1. https://megawin138.asia/ HTTP 301
    https://www.google.com/amp/s/megawin138.cc/ HTTP 302
    https://megawin138.cc/ Page URL

Page Statistics

13
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

1193 kB
Transfer

1479 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://megawin138.asia/ HTTP 301
    https://www.google.com/amp/s/megawin138.cc/ HTTP 302
    https://megawin138.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
megawin138.cc/
Redirect Chain
  • https://megawin138.asia/
  • https://www.google.com/amp/s/megawin138.cc/
  • https://megawin138.cc/
72 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://megawin138.cc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.108.252 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
252.108.168.184.host.secureserver.net
Software
Apache /
Resource Hash
c3ade93fc1bedcee0cd877c7da0795ad02fcdd9d37f0dfd013aee38511d0841b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
12867
content-type
text/html
date
Tue, 07 Mar 2023 22:16:25 GMT
etag
"3e80240-12154-5f0f3ae1027fe-br"
last-modified
Thu, 29 Dec 2022 08:57:51 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
219
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-r-__mTaGmv3UVyj8sJV8VQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Tue, 07 Mar 2023 22:16:24 GMT
location
https://megawin138.cc/
origin-trial
AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
server
gws
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-robots-tag
noindex
x-xss-protection
0
v0.mjs
cdn.ampproject.org/ 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.mjs
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cddc1ed4cd4e18ca03f41f077c7add49e02c10f7b493ac2acf3c541fa3dd567b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://megawin138.cc/
Origin
https://megawin138.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 07 Mar 2023 22:16:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63237
x-xss-protection
0
server
sffe
etag
"76ec53eb872c7cf8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Mar 2023 22:16:25 GMT
amp-carousel-0.1.mjs
cdn.ampproject.org/v0/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.1.mjs
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ad8275d4a8f26bae8066b3e5a922fbf9b661807a6d8c3693ecea8e77ee8d91c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://megawin138.cc/
Origin
https://megawin138.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 07 Mar 2023 22:16:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10072
x-xss-protection
0
server
sffe
etag
"8aa35b42f00fc946"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Mar 2023 22:16:25 GMT
amp-install-serviceworker-0.1.mjs
cdn.ampproject.org/v0/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-install-serviceworker-0.1.mjs
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cd4fcd6c8876bd2152cd3ec568791eba123d6983f364c61f654ba19fdf870af
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://megawin138.cc/
Origin
https://megawin138.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 07 Mar 2023 22:16:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2385
x-xss-protection
0
server
sffe
etag
"284045ae963acb53"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Mar 2023 22:16:25 GMT
amp-youtube-0.1.mjs
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-youtube-0.1.mjs
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d92c0ebdbde90c0f1d16b1b9ed85a8002cade54b5e678f7bc0b70e7a519d18bd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://megawin138.cc/
Origin
https://megawin138.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 07 Mar 2023 22:16:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10364
x-xss-protection
0
server
sffe
etag
"043c827b026edc2a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Mar 2023 22:16:25 GMT
amp-accordion-0.1.mjs
cdn.ampproject.org/v0/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-accordion-0.1.mjs
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cae94c16a7c62e87c728004bfd38a8e4437babc79baa86dbfb6efbd9184587a5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://megawin138.cc/
Origin
https://megawin138.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 07 Mar 2023 22:16:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4890
x-xss-protection
0
server
sffe
etag
"a3b15af2d0f9afd5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Mar 2023 22:16:25 GMT
logomw138.png
i.postimg.cc/d36tNgVJ/ 		469 KB
470 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.postimg.cc/d36tNgVJ/logomw138.png
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.88.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3221384.ip-162-19-88.eu
Software
nginx /
Resource Hash
09872a5a99c5393eb81762303a4a034da834b963571cbd52fab7fc6ed908a7fb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://megawin138.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:16:26 GMT
last-modified
Tue, 10 May 2022 12:08:20 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
480025
expires
Thu, 31 Dec 2037 23:55:55 GMT
bank.png
i.ibb.co/VJ6HvZL/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/VJ6HvZL/bank.png
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096669.ip-162-19-58.eu
Software
nginx /
Resource Hash
3ca41f3358b8570d0b3cf4b01e8911f527792e720e73022d862a2f99e9a1ee44

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://megawin138.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:16:25 GMT
last-modified
Sat, 25 Dec 2021 05:53:42 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
10282
expires
Thu, 31 Dec 2037 23:55:55 GMT
amp-auto-lightbox-0.1.mjs
cdn.ampproject.org/rtv/012302271541000/v0/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302271541000/v0/amp-auto-lightbox-0.1.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
602965416d17f4a8abe58ab24c62ad069b9a41f981c4cc30555d1fed1a3d1173
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://megawin138.cc/
Origin
https://megawin138.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 07 Mar 2023 19:03:04 GMT
age
11601
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2832
x-xss-protection
0
server
sffe
etag
"946b80a116671a59"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Mar 2024 19:03:04 GMT
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6e91c65c98775cc3e65a39d1c11708343f9509517a8a73983bb331e1ec021fa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		149 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
amp-loader-0.1.mjs
cdn.ampproject.org/rtv/012302271541000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302271541000/v0/amp-loader-0.1.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23cd252250497e9c4989cb3ba8ac62bb5451cc47bd4f7ac6c564d978e60d3048
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://megawin138.cc/
Origin
https://megawin138.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 07 Mar 2023 19:03:04 GMT
age
11601
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3912
x-xss-protection
0
server
sffe
etag
"a8e7e7a95c2c5342"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Mar 2024 19:03:04 GMT
BANNER-PROMO-BONUS++-STARLIGHT-MW.jpg
www.bigwintop.com/image/ 		210 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bigwintop.com/image/BANNER-PROMO-BONUS++-STARLIGHT-MW.jpg
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.66.136.51 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
272e96f5584d950a49039db40fefa141f31a7811d51abb9a77b35f2c68b85c9a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://megawin138.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:16:26 GMT
last-modified
Mon, 31 Jan 2022 13:48:11 GMT
server
Apache
accept-ranges
bytes
etag
"56a0276-348ba-5d6e109110253"
content-length
215226
content-type
image/jpeg
BANNER-PROMO-BONUS++-ZEUS-MW-.jpg
www.bigwintop.com/image/ 		215 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bigwintop.com/image/BANNER-PROMO-BONUS++-ZEUS-MW-.jpg
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.66.136.51 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
6f2ba3fce72971175040760a0e4e304cfcb2c4c00428dd98f98e1b25e6fe260e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://megawin138.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:16:26 GMT
last-modified
Mon, 31 Jan 2022 13:48:11 GMT
server
Apache
accept-ranges
bytes
etag
"56a03b0-35c62-5d6e1091119c3"
content-length
220258
content-type
image/jpeg
BANNER-PROMO-MINIMAL-DEPO-MW-138.jpg
www.bigwintop.com/image/ 		178 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bigwintop.com/image/BANNER-PROMO-MINIMAL-DEPO-MW-138.jpg
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.66.136.51 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
22aee5ccb32d8964fc15734aee5835ef1e00d23a47f3ef35ff21171655161d5f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://megawin138.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:16:26 GMT
last-modified
Mon, 31 Jan 2022 14:05:36 GMT
server
Apache
accept-ranges
bytes
etag
"56a034b-2c6a2-5d6e14757f707"
content-length
181922
content-type
image/jpeg

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG object| __AMP_ERRORS function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_MODE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

2 Cookies

Domain/Path Name / Value
.google.com/ Name: __Secure-ENID
Value: 10.SE=nZlB5K44okAHIJK5-O6pMIAyu1bCcvMFWSAET4sdObTbuLJacxffeU7xF02lMQwpI7EpdbkT8Z6PL9mxioJCEHX0KoQKK7EOYPdQHSr87fmJKnzkSXIuXIPg2iX4LwXqgadj2xSosKat8rUjvjASBQPEhVUwXxo0v_KhVKrIxgM
.google.com/ Name: CONSENT
Value: PENDING+222