urlscan.io logo urlscan.io
SecurityTrails logo

megawin138.cc Open in urlscan Pro
184.168.108.252  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://megawin138.asia/
Effective URL: https://megawin138.cc/
Submission Tags: phishingrod
Submission: On February 27 via api from DE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 13 HTTP transactions. The main IP is 184.168.108.252, located in Singapore and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is megawin138.cc.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on January 27th 2023. Valid for: 3 months.
This is the only time megawin138.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 184.168.108.252 26496 (AS-26496-...)
7 2a00:1450:400... 15169 (GOOGLE)
1 162.19.88.68 16276 (OVH)
1 162.19.58.157 16276 (OVH)
3 148.66.136.51 26496 (AS-26496-...)
13 6
1    2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)
megawin138.asia
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    184.168.108.252 (Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 252.108.168.184.host.secureserver.net
megawin138.cc
7    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    162.19.88.68 (France)

ASN16276 (OVH, FR)
PTR: ns3221377.ip-162-19-88.eu
i.postimg.cc
1    162.19.58.157 (France)

ASN16276 (OVH, FR)
PTR: ns3096589.ip-162-19-58.eu
i.ibb.co
3    148.66.136.51 (Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
www.bigwintop.com
Apex Domain
Subdomains		 Transfer
7 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 391
97 KB
3 bigwintop.com
www.bigwintop.com
604 KB
1 ibb.co
i.ibb.co — Cisco Umbrella Rank: 12837
10 KB
1 postimg.cc
i.postimg.cc — Cisco Umbrella Rank: 18734
470 KB
1 megawin138.cc
megawin138.cc
13 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 megawin138.asia
megawin138.asia
478 B
13 7
Domain Requested by
7 cdn.ampproject.org megawin138.cc
cdn.ampproject.org
3 www.bigwintop.com megawin138.cc
1 i.ibb.co megawin138.cc
1 i.postimg.cc megawin138.cc
1 megawin138.cc
1 www.google.com 1 redirects
1 megawin138.asia 1 redirects
13 7

This site contains links to these domains. Also see Links.

Domain
rebrand.ly
Subject Issuer Validity Valid
megawin138.cc
ZeroSSL RSA Domain Secure Site CA		 2023-01-27 -
2023-04-27		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
postimg.cc
R3		 2023-02-18 -
2023-05-19		 3 months crt.sh
ibb.co
R3		 2023-02-06 -
2023-05-07		 3 months crt.sh
bigwintop.com
Go Daddy Secure Certificate Authority - G2		 2023-01-02 -
2024-01-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://megawin138.cc/
Frame ID: 92BB273D54E6940DB0E273B868CA859A
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MEGAWIN138 : DAFTAR LOGIN SLOT ONLINE, LINK ALTERNATIF | SLOT ONLINE TERBAIK DAN TERPERCAYA

Page URL History Show full URLs

  1. https://megawin138.asia/ HTTP 301
    https://www.google.com/amp/s/megawin138.cc/ HTTP 302
    https://megawin138.cc/ Page URL

Page Statistics

13
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

1193 kB
Transfer

1479 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://megawin138.asia/ HTTP 301
    https://www.google.com/amp/s/megawin138.cc/ HTTP 302
    https://megawin138.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
megawin138.cc/
Redirect Chain
  • https://megawin138.asia/
  • https://www.google.com/amp/s/megawin138.cc/
  • https://megawin138.cc/
72 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://megawin138.cc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.108.252 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
252.108.168.184.host.secureserver.net
Software
Apache /
Resource Hash
c3ade93fc1bedcee0cd877c7da0795ad02fcdd9d37f0dfd013aee38511d0841b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
12867
content-type
text/html
date
Mon, 27 Feb 2023 16:09:11 GMT
etag
"3e80240-12154-5f0f3ae1027fe-br"
last-modified
Thu, 29 Dec 2022 08:57:51 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
219
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-2daS-xRMlbNUzo-bmEtfZg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Mon, 27 Feb 2023 16:09:11 GMT
location
https://megawin138.cc/
origin-trial
AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
server
gws
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-robots-tag
noindex
x-xss-protection
0
v0.mjs
cdn.ampproject.org/ 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.mjs
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
019c019ea39f614a79d32dcf46d0aba9da3915892ef0449c89f1da727adb0ffa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://megawin138.cc/
Origin
https://megawin138.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 16:09:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63274
x-xss-protection
0
server
sffe
etag
"325f5ee356cac73e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 27 Feb 2023 16:09:12 GMT
amp-carousel-0.1.mjs
cdn.ampproject.org/v0/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.1.mjs
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8958d94228dd6b686dbf033ca8fc3f98bd726bbf2ec0a9da91754abac6e09759
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://megawin138.cc/
Origin
https://megawin138.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 16:09:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10090
x-xss-protection
0
server
sffe
etag
"bd802b98277c7ebd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 27 Feb 2023 16:09:12 GMT
amp-install-serviceworker-0.1.mjs
cdn.ampproject.org/v0/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-install-serviceworker-0.1.mjs
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb429d85442158cee5603656d088d4ba0899ec2837cb6ae1ebaeddfc47aa58fa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://megawin138.cc/
Origin
https://megawin138.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 16:09:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2384
x-xss-protection
0
server
sffe
etag
"11174b38f987ffa5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 27 Feb 2023 16:09:12 GMT
amp-youtube-0.1.mjs
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-youtube-0.1.mjs
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eba073eb665f3cca0c8b0bfc761e94712a1257a4a1acb634dadbd0fde45cf52f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://megawin138.cc/
Origin
https://megawin138.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 16:09:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10368
x-xss-protection
0
server
sffe
etag
"74641d93495e86f7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 27 Feb 2023 16:09:12 GMT
amp-accordion-0.1.mjs
cdn.ampproject.org/v0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-accordion-0.1.mjs
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82368544d6e90091d3779d382f94f544e13bfe2528d900da911fe24a0f681fa0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://megawin138.cc/
Origin
https://megawin138.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 16:09:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4879
x-xss-protection
0
server
sffe
etag
"f45cafc9e3d8c074"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 27 Feb 2023 16:09:12 GMT
logomw138.png
i.postimg.cc/d36tNgVJ/ 		469 KB
470 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.postimg.cc/d36tNgVJ/logomw138.png
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3221377.ip-162-19-88.eu
Software
nginx /
Resource Hash
09872a5a99c5393eb81762303a4a034da834b963571cbd52fab7fc6ed908a7fb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://megawin138.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:09:12 GMT
last-modified
Tue, 10 May 2022 12:08:20 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
480025
expires
Thu, 31 Dec 2037 23:55:55 GMT
bank.png
i.ibb.co/VJ6HvZL/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/VJ6HvZL/bank.png
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096589.ip-162-19-58.eu
Software
nginx /
Resource Hash
3ca41f3358b8570d0b3cf4b01e8911f527792e720e73022d862a2f99e9a1ee44

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://megawin138.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:09:12 GMT
last-modified
Sat, 25 Dec 2021 05:53:42 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
10282
expires
Thu, 31 Dec 2037 23:55:55 GMT
amp-auto-lightbox-0.1.mjs
cdn.ampproject.org/rtv/012302031721000/v0/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302031721000/v0/amp-auto-lightbox-0.1.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e77284bb3839ac71009d01d4d9bb7acaf6518bd8f2bac22e25a76f9bac45f60
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://megawin138.cc/
Origin
https://megawin138.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 21 Feb 2023 21:46:44 GMT
age
498148
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2827
x-xss-protection
0
server
sffe
etag
"cbc49e4fc55c75fc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 21 Feb 2024 21:46:44 GMT
amp-loader-0.1.mjs
cdn.ampproject.org/rtv/012302031721000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012302031721000/v0/amp-loader-0.1.mjs
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
863cf780bd808281b3b9cbfafc6a3ab44391f5d7a8547252232c6fe949585b6f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://megawin138.cc/
Origin
https://megawin138.cc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 21 Feb 2023 21:46:47 GMT
age
498145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3902
x-xss-protection
0
server
sffe
etag
"fbe9646c0dfa40b1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 21 Feb 2024 21:46:47 GMT
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6e91c65c98775cc3e65a39d1c11708343f9509517a8a73983bb331e1ec021fa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		149 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
BANNER-PROMO-BONUS++-STARLIGHT-MW.jpg
www.bigwintop.com/image/ 		210 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bigwintop.com/image/BANNER-PROMO-BONUS++-STARLIGHT-MW.jpg
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.66.136.51 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
272e96f5584d950a49039db40fefa141f31a7811d51abb9a77b35f2c68b85c9a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://megawin138.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:09:12 GMT
last-modified
Mon, 31 Jan 2022 13:48:11 GMT
server
Apache
accept-ranges
bytes
etag
"56a0276-348ba-5d6e109110253"
content-length
215226
content-type
image/jpeg
BANNER-PROMO-BONUS++-ZEUS-MW-.jpg
www.bigwintop.com/image/ 		215 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bigwintop.com/image/BANNER-PROMO-BONUS++-ZEUS-MW-.jpg
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.66.136.51 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
6f2ba3fce72971175040760a0e4e304cfcb2c4c00428dd98f98e1b25e6fe260e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://megawin138.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:09:12 GMT
last-modified
Mon, 31 Jan 2022 13:48:11 GMT
server
Apache
accept-ranges
bytes
etag
"56a03b0-35c62-5d6e1091119c3"
content-length
220258
content-type
image/jpeg
BANNER-PROMO-MINIMAL-DEPO-MW-138.jpg
www.bigwintop.com/image/ 		178 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bigwintop.com/image/BANNER-PROMO-MINIMAL-DEPO-MW-138.jpg
Requested by
Host: megawin138.cc
URL: https://megawin138.cc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.66.136.51 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
22aee5ccb32d8964fc15734aee5835ef1e00d23a47f3ef35ff21171655161d5f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://megawin138.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:09:12 GMT
last-modified
Mon, 31 Jan 2022 14:05:36 GMT
server
Apache
accept-ranges
bytes
etag
"56a034b-2c6a2-5d6e14757f707"
content-length
181922
content-type
image/jpeg

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG object| __AMP_ERRORS function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_MODE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

2 Cookies

Domain/Path Name / Value
.google.com/ Name: __Secure-ENID
Value: 10.SE=BKflz0A_LYSUkgj_eAmg0abyrLIApnLqT7t2r-AvDtEkWO2lqSEJ7fqofqTG5EPJ5qztYhrYM5LxLzm9Vz1g01GXf1XJ-K0qfhPwE5CUg5JymLitue_x_7KKT2NTAL1AOzsohlFj7B37a-uRw4VHpcaLcHeNYdgdrSUTb-zED6M
.google.com/ Name: CONSENT
Value: PENDING+381