urlscan.io logo urlscan.io
SecurityTrails logo

ms.bankmega.com Open in urlscan Pro
103.222.239.103  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ms.bankmega.com/tele/validasi.php?200535vDW5
Effective URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Submission: On December 20 via manual from ID — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 103.222.239.103, located in Bintaro, Indonesia and belongs to IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID. The main domain is ms.bankmega.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 12th 2023. Valid for: a year.
This is the only time ms.bankmega.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 103.222.239.103 135447 (IDNIC-BAN...)
2 2a04:4e42:400... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
19 5
15    103.222.239.103 (Bintaro, Indonesia)

ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID)
PTR: resetpass.bankmega.com.bankmega.com
ms.bankmega.com
2    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
15 bankmega.com
ms.bankmega.com
303 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 857
1 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
207 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
13 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
27 KB
19 5
Domain Requested by
15 ms.bankmega.com 1 redirects ms.bankmega.com
2 unpkg.com 1 redirects ms.bankmega.com
2 code.jquery.com ms.bankmega.com
1 cdn.jsdelivr.net ms.bankmega.com
1 cdnjs.cloudflare.com ms.bankmega.com
19 5

This site contains no links.

Subject Issuer Validity Valid
*.bankmega.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-12 -
2024-05-12		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ms.bankmega.com/tele/upload.php?200535vDW5
Frame ID: 4DDF58BE434D2E4A73F672850B320525
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://ms.bankmega.com/tele/validasi.php?200535vDW5 HTTP 302
    http://ms.bankmega.com/tele/upload.php?200535vDW5 HTTP 307
    https://ms.bankmega.com/tele/upload.php?200535vDW5 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

19
Requests

95 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

552 kB
Transfer

1361 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ms.bankmega.com/tele/validasi.php?200535vDW5 HTTP 302
    http://ms.bankmega.com/tele/upload.php?200535vDW5 HTTP 307
    https://ms.bankmega.com/tele/upload.php?200535vDW5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://unpkg.com/webcam-easy/dist/webcam-easy.min.js HTTP 302
  • https://unpkg.com/webcam-easy@1.1.1/dist/webcam-easy.min.js

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request upload.php
ms.bankmega.com/tele/
Redirect Chain
  • https://ms.bankmega.com/tele/validasi.php?200535vDW5
  • http://ms.bankmega.com/tele/upload.php?200535vDW5
  • https://ms.bankmega.com/tele/upload.php?200535vDW5
64 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),
Reverse DNS
resetpass.bankmega.com.bankmega.com
Software
/
Resource Hash
3b59b92bab134e49374b532b3a7f4b07770848fea9c04d5a7a05dd4a5372b6f3
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Dec 2023 10:43:52 GMT
Feature-Policy
fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Keep-Alive
timeout=5, max=99
Referrer-Policy
same-origin strict-origin-when-cross-origin
Strict-Transport-Security
max-age=16070400; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://ms.bankmega.com/tele/upload.php?200535vDW5
Non-Authoritative-Reason
HSTS
jquery-1.12.4.js
code.jquery.com/ 		287 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.4.js
Requested by
Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ms.bankmega.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 10:43:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
8266834
x-cache
HIT, HIT
content-length
87176
x-served-by
cache-lga21970-LGA, cache-fra-eddf8230033-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1703069033.563782,VS0,VE0
etag
W/"28feccc0-47a36"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
80, 83167
jquery-ui.js
code.jquery.com/ui/1.12.1/ 		509 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by
Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ms.bankmega.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 10:43:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
8266833
x-cache
HIT, HIT
content-length
124434
x-served-by
cache-lga21932-LGA, cache-fra-eddf8230033-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1703069033.563659,VS0,VE0
etag
W/"28feccc0-7f20a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
329, 338819
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ms.bankmega.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 10:43:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3317413
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27433
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06UvitFmLvQ%2FgARZW2EzMnLoR2MnyC9ckLhYpxyhAenk8TC5V8eVO9e9ggei%2FknwAUMo1dDFhBXXKnrZ5kwOZHig3m%2B5LkCCansxRXbEJ10DGWvmfsM1%2BaJcRTkvcmqRWr%2B0lmTyMWDfpxd2Fwj9T1Uo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8387496d79cf92a1-FRA
expires
Mon, 09 Dec 2024 10:43:52 GMT
webcam-easy.min.js
unpkg.com/webcam-easy@1.1.1/dist/
Redirect Chain
  • https://unpkg.com/webcam-easy/dist/webcam-easy.min.js
  • https://unpkg.com/webcam-easy@1.1.1/dist/webcam-easy.min.js
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/webcam-easy@1.1.1/dist/webcam-easy.min.js
Requested by
Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8087960f0951aebb7636e4b8657bb165fb2ea838293f96e15e03645b88b48111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ms.bankmega.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 10:43:52 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3295950
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HF15XS0RN697B6EFDPB55JHE-fra
server
cloudflare
etag
W/"d3e-7OUcla/6h/w1K2jGvgpq4MtXT9s"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8387496deef61db1-FRA

Redirect headers

date
Wed, 20 Dec 2023 10:43:52 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HJ3CW1TS0702P6E6ZFQKTFS7-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
333
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/webcam-easy@1.1.1/dist/webcam-easy.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
8387496d7e7d1db1-FRA
axios.min.js
cdn.jsdelivr.net/npm/axios/dist/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js
Requested by
Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
550f26d03776c62d33e90b8028c6b4e2e7d1301c6ff769cff94592a93df71c68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ms.bankmega.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 10:43:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25002
x-jsd-version
1.6.2
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230128-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"8355-QTyXuMi6C+GMNqZaW+lAI5xZVsI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAAgtwGr9MGiTZde2VpxpdkuiZ40p4bMmjD3NI8Oug%2FMFnSn5JKA3TxgJG0VviKtzDjehpruuscYP4w9KpET%2BuePx%2FgZUBVzl%2FtfJ6fPGN9q%2FdVblaGG1wh5Ja7IQRB6lsiBHccGKlkJIXoz28Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8387496d7c919049-FRA
lz-string.js
ms.bankmega.com/tele/js/ 		16 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ms.bankmega.com/tele/js/lz-string.js
Requested by
Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),
Reverse DNS
resetpass.bankmega.com.bankmega.com
Software
/
Resource Hash
d1b3a819246048ba30d9bf77f8927d96f65d2f867e36fa8cf880a3d84d1e8fc6
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ms.bankmega.com/tele/upload.php?200535vDW5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 10:43:52 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin, strict-origin-when-cross-origin
Last-Modified
Wed, 08 Sep 2021 05:19:32 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag
"3ea0-5cb7506f6c100"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Feature-Policy
fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
16032
X-XSS-Protection
1; mode=block, 1; mode=block
lzma_worker.js
ms.bankmega.com/tele/LZMA-JS/src/ 		109 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ms.bankmega.com/tele/LZMA-JS/src/lzma_worker.js
Requested by
Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),
Reverse DNS
resetpass.bankmega.com.bankmega.com
Software
/
Resource Hash
b2704cc4536d113ba9d4badfb4b262ec878b16824e300596895c0a1080fbdc50
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ms.bankmega.com/tele/upload.php?200535vDW5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 10:43:53 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin, strict-origin-when-cross-origin
Last-Modified
Sun, 19 Nov 2017 00:48:01 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag
"1b56e-55e4b525df240"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Feature-Policy
fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
111982
X-XSS-Protection
1; mode=block, 1; mode=block
loading.css
ms.bankmega.com/tele/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ms.bankmega.com/tele/loading.css
Requested by
Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),
Reverse DNS
resetpass.bankmega.com.bankmega.com
Software
/
Resource Hash
69c6f72d1158f13fefc861e5b539a4b4b57be9a82d89a97d460aa6688da1993c
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ms.bankmega.com/tele/upload.php?200535vDW5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 10:43:52 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
543
X-XSS-Protection
1; mode=block, 1; mode=block
Referrer-Policy
same-origin, strict-origin-when-cross-origin
Last-Modified
Mon, 22 Mar 2021 04:37:10 GMT
ETag
"7b3-5be189e6d2980"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Feature-Policy
fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
bootstrap.min.css
ms.bankmega.com/tele/css/ 		118 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ms.bankmega.com/tele/css/bootstrap.min.css
Requested by
Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),
Reverse DNS
resetpass.bankmega.com.bankmega.com
Software
/
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ms.bankmega.com/tele/upload.php?200535vDW5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 10:43:53 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
20311
X-XSS-Protection
1; mode=block, 1; mode=block
Referrer-Policy
same-origin, strict-origin-when-cross-origin
Last-Modified
Mon, 03 Sep 2018 17:00:00 GMT
ETag
"1d9ac-574fa78bf4400"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Feature-Policy
fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
close.png
ms.bankmega.com/tele/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms.bankmega.com/tele/images/close.png
Requested by
Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),
Reverse DNS
resetpass.bankmega.com.bankmega.com
Software
/
Resource Hash
6210245ca5b1d33486fe8a6b3ee516d7711de1cf37aedc349cc64ea3803efe06
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ms.bankmega.com/tele/upload.php?200535vDW5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 10:43:53 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin, strict-origin-when-cross-origin
Last-Modified
Mon, 21 Mar 2022 10:00:39 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag
"14c5-5dab791877fc0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
5317
X-XSS-Protection
1; mode=block, 1; mode=block
camera.png
ms.bankmega.com/tele/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms.bankmega.com/tele/images/camera.png
Requested by
Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),
Reverse DNS
resetpass.bankmega.com.bankmega.com
Software
/
Resource Hash
0479eff278311c589a2dd3f532da14ebe6e8342030e8e9d21ef76697a79e71e5
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ms.bankmega.com/tele/upload.php?200535vDW5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 10:43:53 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin, strict-origin-when-cross-origin
Last-Modified
Mon, 21 Mar 2022 09:07:28 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag
"1904-5dab6d354b400"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6404
X-XSS-Protection
1; mode=block, 1; mode=block
flip.png
ms.bankmega.com/tele/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms.bankmega.com/tele/images/flip.png
Requested by
Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),
Reverse DNS
resetpass.bankmega.com.bankmega.com
Software
/
Resource Hash
92cf232343b9c16713f607a09a2eca0b31fc0b03931ba88432d651daba13c180
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ms.bankmega.com/tele/upload.php?200535vDW5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 10:43:53 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin, strict-origin-when-cross-origin
Last-Modified
Mon, 21 Mar 2022 09:55:05 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag
"38f9-5dab77d9f1040"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
14585
X-XSS-Protection
1; mode=block, 1; mode=block
user.png
ms.bankmega.com/tele/images/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms.bankmega.com/tele/images/user.png
Requested by
Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),
Reverse DNS
resetpass.bankmega.com.bankmega.com
Software
/
Resource Hash
bb66df408d8a68cc001480c9cc43275033e5dee9bd461957662f58052a6ca360
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ms.bankmega.com/tele/upload.php?200535vDW5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 10:43:53 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 22 Mar 2022 04:58:04 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag
"e717-5dac7753f8f00"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
59159
X-XSS-Protection
1; mode=block, 1; mode=block
card.png
ms.bankmega.com/tele/images/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms.bankmega.com/tele/images/card.png
Requested by
Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),
Reverse DNS
resetpass.bankmega.com.bankmega.com
Software
/
Resource Hash
923c7927d6a391d0433390a0b4b306186996eda2fa021f885fe07b7e17ce68f7
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ms.bankmega.com/tele/upload.php?200535vDW5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 10:43:53 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 22 Mar 2022 05:03:10 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag
"4833-5dac7877cbf80"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
18483
X-XSS-Protection
1; mode=block, 1; mode=block
payslip.png
ms.bankmega.com/tele/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms.bankmega.com/tele/images/payslip.png
Requested by
Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),
Reverse DNS
resetpass.bankmega.com.bankmega.com
Software
/
Resource Hash
38954666e3b8e32fbfe09796a32537097bdf1e49730167eb39ae31587965dc19
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ms.bankmega.com/tele/upload.php?200535vDW5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 10:43:53 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 22 Mar 2022 06:02:00 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag
"138e-5dac859e44600"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
5006
X-XSS-Protection
1; mode=block, 1; mode=block
loading.js
ms.bankmega.com/tele/ 		234 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ms.bankmega.com/tele/loading.js
Requested by
Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),
Reverse DNS
resetpass.bankmega.com.bankmega.com
Software
/
Resource Hash
10b24ac9c464b902c52ed2ce49e5fe45e745ac259ca8aa6204e4718aea5beedb
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ms.bankmega.com/tele/upload.php?200535vDW5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 10:43:53 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Connection
Keep-Alive
Content-Length
234
X-XSS-Protection
1; mode=block, 1; mode=block
Referrer-Policy
same-origin, strict-origin-when-cross-origin
Last-Modified
Thu, 02 Jun 2022 08:28:13 GMT
ETag
"ea-5e072c960a140"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Feature-Policy
fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
card.png
ms.bankmega.com/tele/images/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms.bankmega.com/tele/images/card.png
Requested by
Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),
Reverse DNS
resetpass.bankmega.com.bankmega.com
Software
/
Resource Hash
923c7927d6a391d0433390a0b4b306186996eda2fa021f885fe07b7e17ce68f7
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ms.bankmega.com/tele/upload.php?200535vDW5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 10:43:53 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 22 Mar 2022 05:03:10 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag
"4833-5dac7877cbf80"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
18483
X-XSS-Protection
1; mode=block, 1; mode=block
logo2.png
ms.bankmega.com/tele/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ms.bankmega.com/tele/images/logo2.png
Requested by
Host: ms.bankmega.com
URL: https://ms.bankmega.com/tele/upload.php?200535vDW5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.222.239.103 Bintaro, Indonesia, ASN135447 (IDNIC-BANKMEGA-AS-ID PT. Bank Mega Tbk, ID),
Reverse DNS
resetpass.bankmega.com.bankmega.com
Software
/
Resource Hash
e0ca96be3bde71c4ac94ce05facdd2b68e956b68e2d28eb4eb68925ae4cc131c
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ms.bankmega.com/tele/upload.php?200535vDW5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 10:43:53 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Referrer-Policy
same-origin, strict-origin-when-cross-origin
Last-Modified
Mon, 20 Nov 2017 17:00:00 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';, default-src https: data: 'unsafe-inline' 'unsafe-eval'
ETag
"292c-55e6d044aa400"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
fullscreen 'self'; geolocation *; vibrate 'none'; payment 'none'; sync-xhr 'self'; microphone 'self' https://ibank.bankmega.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10540
X-XSS-Protection
1; mode=block, 1; mode=block

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| axios object| LZString object| LZMA object| LZMA_WORKER function| buttonmode boolean| started function| startcam function| takeFoto function| readUrl2 function| check function| konfirm function| hidePage function| timer function| showLoading function| hideLoading

0 Cookies

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vibrate'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
ms.bankmega.com
unpkg.com
103.222.239.103
2606:4700::6810:5614
2606:4700::6810:7baf
2606:4700::6811:190e
2a04:4e42:400::649
0479eff278311c589a2dd3f532da14ebe6e8342030e8e9d21ef76697a79e71e5
10b24ac9c464b902c52ed2ce49e5fe45e745ac259ca8aa6204e4718aea5beedb
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
38954666e3b8e32fbfe09796a32537097bdf1e49730167eb39ae31587965dc19
3b59b92bab134e49374b532b3a7f4b07770848fea9c04d5a7a05dd4a5372b6f3
430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
550f26d03776c62d33e90b8028c6b4e2e7d1301c6ff769cff94592a93df71c68
6210245ca5b1d33486fe8a6b3ee516d7711de1cf37aedc349cc64ea3803efe06
69c6f72d1158f13fefc861e5b539a4b4b57be9a82d89a97d460aa6688da1993c
8087960f0951aebb7636e4b8657bb165fb2ea838293f96e15e03645b88b48111
923c7927d6a391d0433390a0b4b306186996eda2fa021f885fe07b7e17ce68f7
92cf232343b9c16713f607a09a2eca0b31fc0b03931ba88432d651daba13c180
b2704cc4536d113ba9d4badfb4b262ec878b16824e300596895c0a1080fbdc50
bb66df408d8a68cc001480c9cc43275033e5dee9bd461957662f58052a6ca360
d1b3a819246048ba30d9bf77f8927d96f65d2f867e36fa8cf880a3d84d1e8fc6
e0ca96be3bde71c4ac94ce05facdd2b68e956b68e2d28eb4eb68925ae4cc131c
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c