www.mediaprimaomnia.my Open in urlscan Pro
2606:4700::6812:cfb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://url4482.revmedia.my/ls/click?upn=hSNWktEZSVHfY5eecQ-2BXgVMW8olvXFLjPxzN80FPZKoW-2BR3k1oiNSF1-2BM-2F4e2jWit8agxsHhIG-...
Effective URL:
https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617
Submission: On August 11 via manual (August 11th 2023, 9:48:35 am UTC) from IN — Scanned from DE

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 18 HTTP transactions. The main IP is 2606:4700::6812:cfb, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mediaprimaomnia.my.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2023. Valid for: a year.

This is the only time www.mediaprimaomnia.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.56 167.89.115.56	11377 (SENDGRID) (SENDGRID)
12	2606:4700::68... 2606:4700::6812:cfb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:3b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	3

1 167.89.115.56 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x56.outbound-mail.sendgrid.net

url4482.revmedia.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:cfb (United States)

ASN13335 (CLOUDFLARENET, US)

www.mediaprimaomnia.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:3b8 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	mediaprimaomnia.my www.mediaprimaomnia.my	157 KB
4	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 6372	19 KB
1	revmedia.my 1 redirects url4482.revmedia.my	318 B
18	3

	Domain	Requested by
12	www.mediaprimaomnia.my	www.mediaprimaomnia.my
4	challenges.cloudflare.com	www.mediaprimaomnia.my challenges.cloudflare.com
1	url4482.revmedia.my	1 redirects
18	3

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
mediaprimaomnia.my Cloudflare Inc ECC CA-3	`2023-07-15` - `2024-07-14`	a year	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617
Frame ID: 5F30B587E6764052FC4C81A2F636FF84
Requests: 18 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/kqn9m/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 3AE17A7CDFAD5B0BC5F82D2592F027E6
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c7qmx/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 49D179BE632E3C2D426E49EFD95E96ED
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

http://url4482.revmedia.my/ls/click?upn=hSNWktEZSVHfY5eecQ-2BXgVMW8olvXFLjPxzN80FPZKoW-2BR3k1oiNSF1-2BM... HTTP 302
https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_i... Page URL
https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_i... Page URL

Page Statistics

18
Requests

89 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

176 kB
Transfer

443 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://url4482.revmedia.my/ls/click?upn=hSNWktEZSVHfY5eecQ-2BXgVMW8olvXFLjPxzN80FPZKoW-2BR3k1oiNSF1-2BM-2F4e2jWit8agxsHhIG-2BWXEJKkljMu1YLsiled-2FnbNbo4v43rQ3RnITWkJYY3Y-2Be8zooJCm7PttOIk4oW9JCU-2B0Nkx8pNGEtJPjTEjsuxYekfZxpn5uI-3D_mTg_JzL6piecoeVXNkBHIaURguGXnJ4anvFfH3tr7Q57KQnmA2N1Eq7bnqWWrW1xwTD6-2FLSrK-2Fc4AVSY96DBL2za5o7S0Bo9ug-2F22yOaINmHM2X4YsGMf-2F0KkoVcs4UpdhqUiFGiucMyD5FyV1J6mYH2H3oAkTvvXXOeS4jNvs8msWoExh6mEGKIPqk5igUDL9Ycq53JUAvQqJNVyqGXvWO4FavedwqDBw9pTEWMpD4FNDQ-3D HTTP 302
https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617 Page URL
https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://url4482.revmedia.my/ls/click?upn=hSNWktEZSVHfY5eecQ-2BXgVMW8olvXFLjPxzN80FPZKoW-2BR3k1oiNSF1-2BM-2F4e2jWit8agxsHhIG-2BWXEJKkljMu1YLsiled-2FnbNbo4v43rQ3RnITWkJYY3Y-2Be8zooJCm7PttOIk4oW9JCU-2B0Nkx8pNGEtJPjTEjsuxYekfZxpn5uI-3D_mTg_JzL6piecoeVXNkBHIaURguGXnJ4anvFfH3tr7Q57KQnmA2N1Eq7bnqWWrW1xwTD6-2FLSrK-2Fc4AVSY96DBL2za5o7S0Bo9ug-2F22yOaINmHM2X4YsGMf-2F0KkoVcs4UpdhqUiFGiucMyD5FyV1J6mYH2H3oAkTvvXXOeS4jNvs8msWoExh6mEGKIPqk5igUDL9Ycq53JUAvQqJNVyqGXvWO4FavedwqDBw9pTEWMpD4FNDQ-3D HTTP 302
https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617

18 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

403

/ Show response
www.mediaprimaomnia.my/
Redirect Chain

http://url4482.revmedia.my/ls/click?upn=hSNWktEZSVHfY5eecQ-2BXgVMW8olvXFLjPxzN80FPZKoW-2BR3k1oiNSF1-2BM-2F4e2jWit8agxsHhIG-2BWXEJKkljMu1YLsiled-2FnbNbo4v43rQ3RnITWkJYY3Y-2Be8zooJCm7PttOIk4oW9JCU-2B...
https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617

7 KB
5 KB

53ms
14ms

Document
text/html

2606:4700::6812:cfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:cfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08e105d4214d459f852fb9690b2c64b5c48c8a1765834d63f99fb59cce0462a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7f4f9037ce9d366d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Fri, 11 Aug 2023 09:48:31 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 145
Content-Type: text/html; charset=utf-8
Date: Fri, 11 Aug 2023 09:48:31 GMT
Location: https://www.mediaprimaomnia.my?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 challenges.css
www.mediaprimaomnia.my/cdn-cgi/styles/ 6 KB
3 KB 9ms
8ms Stylesheet
text/css 2606:4700::6812:cfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediaprimaomnia.my/cdn-cgi/styles/challenges.css

Requested by

Host: www.mediaprimaomnia.my
URL: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:cfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 09:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Aug 2023 17:26:21 GMT
server: cloudflare
etag: W/"64d1293d-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7f4f9037eed6366d-FRA
expires: Fri, 11 Aug 2023 11:48:31 GMT

GET
H3 200 v1 Show response
www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 169 KB
57 KB 22ms
22ms Script
application/javascript 2606:4700::6812:cfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f4f9037ce9d366d

Requested by

Host: www.mediaprimaomnia.my
URL: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:cfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dae8309ff9f128f9c738e7f63bff8c8e1c15bf625bf7e55d65b3a5cb0ceee63b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617&__cf_chl_rt_tk=gJ15FCYTtqs4Wlt.gCOoLi1RVMUYHq3vK5j.6lB_FS0-1691747311-0-gaNycGzNDNA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 09:48:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f4f903808a39b63-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/7186c00a/ 27 KB
10 KB 66ms
36ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/7186c00a/api.js?onload=zE2&render=explicit
Requested by: Host: www.mediaprimaomnia.my
URL: https://www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f4f9037ce9d366d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27cf9c50f0d7817a79937d0115486db7debe659260a7a3b584a172cc0908d8b2

Request headers

Referer: https://www.mediaprimaomnia.my/
Origin: https://www.mediaprimaomnia.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 09:48:31 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f4f90388f899048-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
www.mediaprimaomnia.my/ 6 KB
6 KB 42ms
42ms Image
text/html 2606:4700::6812:cfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mediaprimaomnia.my/favicon.ico

Requested by

Host: www.mediaprimaomnia.my
URL: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:cfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b58614479e35e3754ca891c38b07a3b6926da4ab4fcde36b3c6ec6230a390e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 09:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7f4f903859109b63-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 1d2123a2-77bf-4aa8-8301-5539be21f8a3
https://www.mediaprimaomnia.my/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.mediaprimaomnia.my/1d2123a2-77bf-4aa8-8301-5539be21f8a3
Requested by: Host: www.mediaprimaomnia.my
URL: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 7754e01fbf48ae6 Show response
www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/flow/ov1/1316376761:1691744936:WorzAhBKzLsWPeZjudsmiO_rR1onuSK9fxpHaKMmwpI/7f4f9037ce9d366d/ 10 KB
7 KB 30ms
30ms XHR
text/plain 2606:4700::6812:cfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/flow/ov1/1316376761:1691744936:WorzAhBKzLsWPeZjudsmiO_rR1onuSK9fxpHaKMmwpI/7f4f9037ce9d366d/7754e01fbf48ae6

Requested by

Host: www.mediaprimaomnia.my
URL: https://www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f4f9037ce9d366d

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:cfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61f8456aa74d8ab55cf80334c8c3a96c846696ea33b538aa6ce489b2444727a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
CF-Challenge: 7754e01fbf48ae6
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 11 Aug 2023 09:48:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
cf-ray: 7f4f903909eb9b63-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-chl-gen: Slu3RjjohP1lV4L8xd23wVI35apQNdn4xeufwZZRuLHYjJMH9X7mZPxmT6rLhhvw$PajZ9TrAUYZmtfr+Rm4r1A==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/kqn9m/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 3AE1 0
0 28ms
17ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/kqn9m/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/7186c00a/api.js?onload=zE2&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://www.mediaprimaomnia.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f4f90396dc8921f-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 09:48:31 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H3 200 7754e01fbf48ae6 Show response
www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/flow/ov1/1316376761:1691744936:WorzAhBKzLsWPeZjudsmiO_rR1onuSK9fxpHaKMmwpI/7f4f9037ce9d366d/ 2 KB
2 KB 25ms
24ms XHR
text/html 2606:4700::6812:cfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/flow/ov1/1316376761:1691744936:WorzAhBKzLsWPeZjudsmiO_rR1onuSK9fxpHaKMmwpI/7f4f9037ce9d366d/7754e01fbf48ae6

Requested by

Host: www.mediaprimaomnia.my
URL: https://www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f4f9037ce9d366d

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:cfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b740fe49cafb3c35d159eec6fcdc863537b2837609ed0480dc7a682d93a4a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
CF-Challenge: 7754e01fbf48ae6
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: Fvpb8woKzgDDw680bea0BbcE2dWb559FRwHMrVGSi90G48mlneIYnaPpYiKUpWbKAMd4WJ5od7pEyAeZg1EwVD2j7jXS/gRszXUJxtzzwvQ=$Z2XjZvZQSP7fdd936OmjtA==
cf-chl-out-s: RCP4slHb21wFYaUeScp0ZBbZQ/qTdtnYvcvoh/94WxtXpv3/X5CpN+MKK9wnK/UJbY5j+zeUMbqNPOMBX0Tk16RiKpKtDkDInXe7oqYFTygOEQx2GHzMTVd1KDJUxCSgBcC8Ba3E0bhqs2apbxt5EzHbTeZaoVfBvLoo0N1KZ7O+Q/HrPNlp2/S8dA9NIsMf$CFNkyX/u01+n4p2bsY5YPA==
date: Fri, 11 Aug 2023 09:48:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cf-ray: 7f4f903adc159b63-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 403 Primary Request / Show response
www.mediaprimaomnia.my/ 6 KB
5 KB 15ms
14ms Document
text/html 2606:4700::6812:cfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617

Requested by

Host: www.mediaprimaomnia.my
URL: https://www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f4f9037ce9d366d

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:cfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba5e4f222ebb851634ebc92049247e2f175c287dc75c5389e81c148c7fbcf74e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7f4f904b19319b63-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Fri, 11 Aug 2023 09:48:34 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 challenges.css
www.mediaprimaomnia.my/cdn-cgi/styles/ 6 KB
3 KB 8ms
8ms Stylesheet
text/css 2606:4700::6812:cfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediaprimaomnia.my/cdn-cgi/styles/challenges.css

Requested by

Host: www.mediaprimaomnia.my
URL: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:cfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 09:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Aug 2023 18:20:33 GMT
server: cloudflare
etag: W/"64d135f1-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7f4f904b39509b63-FRA
expires: Fri, 11 Aug 2023 11:48:34 GMT

GET
H3 200 v1 Show response
www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 156 KB
54 KB 19ms
19ms Script
application/javascript 2606:4700::6812:cfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f4f904b19319b63

Requested by

Host: www.mediaprimaomnia.my
URL: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:cfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0f299d46c9c1dda8984c02641c5f983f0dccf4f55e01466eb537715091522c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617&__cf_chl_rt_tk=uKSj5pxs2afmWzp3t3Q2h172oyrzk4pM607nh77Th.Y-1691747314-0-gaNycGzNDBA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 09:48:34 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f4f904b495e9b63-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/7186c00a/ 27 KB
10 KB 28ms
27ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/7186c00a/api.js?onload=zE2&render=explicit
Requested by: Host: www.mediaprimaomnia.my
URL: https://www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f4f904b19319b63
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27cf9c50f0d7817a79937d0115486db7debe659260a7a3b584a172cc0908d8b2

Request headers

Referer: https://www.mediaprimaomnia.my/
Origin: https://www.mediaprimaomnia.my
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 09:48:34 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f4f904b8ceb9048-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
www.mediaprimaomnia.my/ 6 KB
6 KB 15ms
15ms Image
text/html 2606:4700::6812:cfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mediaprimaomnia.my/favicon.ico

Requested by

Host: www.mediaprimaomnia.my
URL: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:cfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ab1bc0e77ee3f0db2d580d3d0c58b619d0af5d8bf1af6fa44cab7115ea73ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 09:48:34 GMT
content-encoding: br
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7f4f904b89e39b63-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 439524c8-bf75-4811-aa5d-cd11fe0ffa02
https://www.mediaprimaomnia.my/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.mediaprimaomnia.my/439524c8-bf75-4811-aa5d-cd11fe0ffa02
Requested by: Host: www.mediaprimaomnia.my
URL: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 add6b7fe4664ca4 Show response
www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/flow/ov1/83885503:1691744956:xIrVk5aIL-B3Vk6zcsZgZWaHsPNL6lAKNaup9XhVrtU/7f4f904b19319b63/ 10 KB
7 KB 28ms
28ms XHR
text/plain 2606:4700::6812:cfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/flow/ov1/83885503:1691744956:xIrVk5aIL-B3Vk6zcsZgZWaHsPNL6lAKNaup9XhVrtU/7f4f904b19319b63/add6b7fe4664ca4

Requested by

Host: www.mediaprimaomnia.my
URL: https://www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f4f904b19319b63

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:cfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190ed4b319bb3263c51c20a0633eb2c80425ddd39bd3815ede61420b1511c698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
CF-Challenge: add6b7fe4664ca4
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 11 Aug 2023 09:48:34 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
cf-ray: 7f4f904c3aa19b63-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-chl-gen: H14BlXg4fZxoG2uKNhf6QlL4ava6jSX/gO+HWsdhoROQO5FjgXEbCc23vin8K2mc$1QhMKSokN8EyUdUfjmV7tA==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c7qmx/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 49D1 0
0 20ms
18ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/c7qmx/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/7186c00a/api.js?onload=zE2&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://www.mediaprimaomnia.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f4f904c8a57921f-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 09:48:34 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H3 200 add6b7fe4664ca4 Show response
www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/flow/ov1/83885503:1691744956:xIrVk5aIL-B3Vk6zcsZgZWaHsPNL6lAKNaup9XhVrtU/7f4f904b19319b63/ 2 KB
2 KB 24ms
24ms XHR
text/html 2606:4700::6812:cfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/flow/ov1/83885503:1691744956:xIrVk5aIL-B3Vk6zcsZgZWaHsPNL6lAKNaup9XhVrtU/7f4f904b19319b63/add6b7fe4664ca4

Requested by

Host: www.mediaprimaomnia.my
URL: https://www.mediaprimaomnia.my/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f4f904b19319b63

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:cfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

862ae4e217954354a898dced0f69e86f06712d3f485003e291b29805c1c37b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
CF-Challenge: add6b7fe4664ca4
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: oWNCV5uqpaFedHNZWGOR/7hpfI7yI4M98s4h92LMGU8vanTeHY1HcLNulTf9bcSPIjRLBx6RaF/vp+ELRHZYBzVQu28ziva3eEzRsUO6Ys8=$3UDd7BMLDCrxlYdaG8oCsQ==
cf-chl-out-s: cnbIkRUgytVFjcJCRlB+eh1ykF7SU2glbyKaXBfE/KEXEIA1XoFkex7THTqFMfJcr9ODTo2bX4cL5ergIQKlWQ4jSRwzqJ4ADBcV3K2iC/PoTG3YNxTUqj1h/m4JY9/W+gLBo5I+pGyF5EzclQkgtLvFC/ZvpZr4bShrI6+kcROrqvtOZIgMW40T064lPyJuSqpJxOEgcE/uoX/msDBm1tT1NLoZDBIoEq9n/ZZ99gfKLigWGfnIOlwme33dnafzhrzEL0L30hW7IeQUg7nrTw==$bQpb/XTVnFfZfnMZxKVJgw==
date: Fri, 11 Aug 2023 09:48:34 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cf-ray: 7f4f904dcca59b63-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mediaprimaomnia.my/	1970-01-20 13:55:49	Name: __cf_bm Value: vXtmsHF4RiJ3Ego.zONBzoGFk5cigNxAYK17uTvEfiM-1691747311-0-AVJD1mENZMQFlo9mMbRBGl99CCxjCeE5u1qQ4ksWKJforu2eBTl0r8uq8QYx/inaRE57/h78E3maMgKaXh4OZ2w=
			www.mediaprimaomnia.my/	1970-01-20 13:55:50	Name: cf_chl_rc_m Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.mediaprimaomnia.my/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://www.mediaprimaomnia.my/?act=activate_via_email&hash=b0DlEeWzdZ6dQQjQoNF5VsfXvFMmXKLHKEsdBq08&user_id=124617 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.mediaprimaomnia.my/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
url4482.revmedia.my
www.mediaprimaomnia.my
167.89.115.56
2606:4700::6811:3b8
2606:4700::6812:cfb
08e105d4214d459f852fb9690b2c64b5c48c8a1765834d63f99fb59cce0462a2
16ab1bc0e77ee3f0db2d580d3d0c58b619d0af5d8bf1af6fa44cab7115ea73ba
190ed4b319bb3263c51c20a0633eb2c80425ddd39bd3815ede61420b1511c698
1b740fe49cafb3c35d159eec6fcdc863537b2837609ed0480dc7a682d93a4a8e
27cf9c50f0d7817a79937d0115486db7debe659260a7a3b584a172cc0908d8b2
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
61f8456aa74d8ab55cf80334c8c3a96c846696ea33b538aa6ce489b2444727a8
862ae4e217954354a898dced0f69e86f06712d3f485003e291b29805c1c37b8d
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
b0f299d46c9c1dda8984c02641c5f983f0dccf4f55e01466eb537715091522c4
b58614479e35e3754ca891c38b07a3b6926da4ab4fcde36b3c6ec6230a390e25
ba5e4f222ebb851634ebc92049247e2f175c287dc75c5389e81c148c7fbcf74e
dae8309ff9f128f9c738e7f63bff8c8e1c15bf625bf7e55d65b3a5cb0ceee63b
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

www.mediaprimaomnia.my Open in urlscan Pro 2606:4700::6812:cfb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

89 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

176 kBTransfer

443 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

2 Cookies

6 Console Messages

Security Headers

Indicators

www.mediaprimaomnia.my Open in urlscan Pro
2606:4700::6812:cfb Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

89 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

176 kB
Transfer

443 kB
Size

2
Cookies

18 HTTP transactions
2 data transactions