fxmlhrhu9m63937f3e4a479.tukoapps.ru Open in urlscan Pro
2606:4700:3036::6815:1de1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://healthequity.crewsclaims.com/
Effective URL:
https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/M
Submission: On December 15 via manual (December 15th 2022, 10:18:12 pm UTC) from US — Scanned from US

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3036::6815:1de1, located in United States and belongs to CLOUDFLARENET, US. The main domain is fxmlhrhu9m63937f3e4a479.tukoapps.ru.
TLS certificate: Issued by GTS CA 1P5 on December 2nd 2022. Valid for: 3 months.

This is the only time fxmlhrhu9m63937f3e4a479.tukoapps.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	50.116.94.171 50.116.94.171	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
9	2606:4700:303... 2606:4700:3036::6815:1de1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1384	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2606:4700::68... 2606:4700::6812:6b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	5

1 50.116.94.171 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 50-116-94-171.unifiedlayer.com

healthequity.crewsclaims.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3036::6815:1de1 (United States)

ASN13335 (CLOUDFLARENET, US)

fxmlhrhu9m63937f3e4a479.tukoapps.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1384 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflare.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:6b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	tukoapps.ru fxmlhrhu9m63937f3e4a479.tukoapps.ru	123 KB
8	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 20613	94 KB
1	hcaptcha.com cloudflare.hcaptcha.com — Cisco Umbrella Rank: 9630	80 KB
1	crewsclaims.com healthequity.crewsclaims.com	553 B
18	4

	Domain	Requested by
9	fxmlhrhu9m63937f3e4a479.tukoapps.ru	healthequity.crewsclaims.com fxmlhrhu9m63937f3e4a479.tukoapps.ru
8	challenges.cloudflare.com	1 redirects challenges.cloudflare.com healthequity.crewsclaims.com
1	cloudflare.hcaptcha.com	fxmlhrhu9m63937f3e4a479.tukoapps.ru
1	healthequity.crewsclaims.com
18	4

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
*.tukoapps.ru GTS CA 1P5	`2022-12-02` - `2023-03-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-02` - `2023-04-02`	a year	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/M
Frame ID: AEC11843945763F5F398756F3DC4F290
Requests: 15 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/si8c6/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: F34560B63FE297F31F9634523B9D968B
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

http://healthequity.crewsclaims.com/ Page URL
https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/M Page URL

Page Statistics

18
Requests

89 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

297 kB
Transfer

683 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://healthequity.crewsclaims.com/ Page URL
https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/M Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/e8fb49cb/api.js?onload=_cf_chl_turnstile_l&render=explicit

18 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
healthequity.crewsclaims.com/ 111 B
553 B 713ms
502ms Document
text/html 50.116.94.171
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://healthequity.crewsclaims.com/
Protocol: HTTP/1.1
Server: 50.116.94.171 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-94-171.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 118
Content-Type: text/html; charset=UTF-8
Date: Thu, 15 Dec 2022 22:18:06 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=75
Pragma: no-cache
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding

GET
H2 403 Primary Request M Show response
fxmlhrhu9m63937f3e4a479.tukoapps.ru/ 8 KB
5 KB 158ms
94ms Document
text/html 2606:4700:3036::6815:1de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/M

Requested by

Host: healthequity.crewsclaims.com
URL: http://healthequity.crewsclaims.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:1de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ca8debf7cc16286e06fce585aea5665e39281bef65112ecd87a40d3fe423ac7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://healthequity.crewsclaims.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-bypass: 1
cf-ray: 77a28da2ac4b19fb-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 22:18:07 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWfo9KNYu7Gd2uP8QWcwQ0zZr3PfNyQhMvclMBXzjjA%2B8I2Nv1j2KWJwFkvaBzn1VnNKhV2TG9mRgWbvEl8wY8U1Gfi9gS%2Blp%2FNatPKIELmTLHGPiF7hmWAhys6dSn9pRKG0wJ4K38aUVoC4D%2FHYrABi3biApa7c3EsUO4W92Vbaaw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 challenges.css
fxmlhrhu9m63937f3e4a479.tukoapps.ru/cdn-cgi/styles/ 6 KB
3 KB 26ms
25ms Stylesheet
text/css 2606:4700:3036::6815:1de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/cdn-cgi/styles/challenges.css

Requested by

Host: fxmlhrhu9m63937f3e4a479.tukoapps.ru
URL: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:1de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faa67d3b2b2220dc526c921c1fc47df5b956559a293d5e07fbaf58a52462f6bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:18:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Dec 2022 12:07:58 GMT
server: cloudflare
etag: W/"6397199e-1896"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 77a28da34df519fb-EWR
expires: Fri, 16 Dec 2022 00:18:07 GMT

GET
H2 403 favicon.ico
fxmlhrhu9m63937f3e4a479.tukoapps.ru/ 8 KB
8 KB 59ms
59ms Image
text/html 2606:4700:3036::6815:1de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/favicon.ico

Requested by

Host: fxmlhrhu9m63937f3e4a479.tukoapps.ru
URL: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:1de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

621b337f1c17a0885dd103132b9f5bbfec17f16f5cd6baa085e38d17398e36b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:18:07 GMT
content-encoding: br
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwN9kVtiFoPg36RhYKiQ04eKz36r4iaF7oFhrX2uq%2BOYpsgUF9RJnWr6%2FX81inejjTIrKF90fhprVyEvZvr9ATC79N13YiCEhpeWErdHNt11N0xxdYy7xqM8nV8dORZiLPS0hjChAQORK%2FG2vNdJuU6562VX2iSs0hqUDHd7SdqqfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 77a28da34dfd19fb-EWR
cf-chl-bypass: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 v1 Show response
fxmlhrhu9m63937f3e4a479.tukoapps.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/ 49 KB
22 KB 52ms
52ms Script
application/javascript 2606:4700:3036::6815:1de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=77a28da2ac4b19fb
Requested by: Host: fxmlhrhu9m63937f3e4a479.tukoapps.ru
URL: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33a60c172c0275840044402bb51c722be8b109c2d7655f94952827ba1bbbebc9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/M?__cf_chl_rt_tk=ULJbSTbvyz7ODO_Hswl4zp0i8gaPSKx_xYCym8U.bHc-1671142687-0-gaNycGzNCKU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:18:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKtj02uR2u0wpyPD5xifVQSRXmpNjizL0%2FbtnyzXgP%2FggG1TuSWjvbb0JPF8SW%2Bd%2FXPjS5l%2BGgxCr9dZNcExlFt6j3bHMwIZfUwchNulcGmhqankgT6%2BfiBzpyDFMQ7tVIGUhQaBn8Co17ColpeVgJ9PM%2FrhUpKvUwFt%2FXARoQxe7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 77a28da37e5f19fb-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 transparent.gif
fxmlhrhu9m63937f3e4a479.tukoapps.ru/cdn-cgi/images/trace/managed/js/ 42 B
129 B 23ms
23ms Image
image/gif 2606:4700:3036::6815:1de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=77a28da2ac4b19fb

Requested by

Host: fxmlhrhu9m63937f3e4a479.tukoapps.ru
URL: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/M?__cf_chl_rt_tk=ULJbSTbvyz7ODO_Hswl4zp0i8gaPSKx_xYCym8U.bHc-1671142687-0-gaNycGzNCKU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:1de1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/M?__cf_chl_rt_tk=ULJbSTbvyz7ODO_Hswl4zp0i8gaPSKx_xYCym8U.bHc-1671142687-0-gaNycGzNCKU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:18:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 12 Dec 2022 12:07:58 GMT
server: cloudflare
etag: "6397199e-2a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 77a28da37e6119fb-EWR
content-length: 42
expires: Fri, 16 Dec 2022 00:18:07 GMT

GET
H2 200 api.js Show response
cloudflare.hcaptcha.com/1/ 283 KB
80 KB 70ms
29ms Script
application/javascript 2606:4700::6812:1384
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload

Requested by

Host: fxmlhrhu9m63937f3e4a479.tukoapps.ru
URL: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=77a28da2ac4b19fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1384 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f676989179b27992168739e48568f7c436d3a3fbfefc21cbe708e92d874c097

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:18:07 GMT
strict-transport-security: max-age=0
via: 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-amz-cf-pop: JFK50-P1
x-cache: Hit from cloudfront
last-modified: Wed, 14 Dec 2022 13:16:17 GMT
server: cloudflare
etag: W/"296a7b883d83d08deba774d9d65eba34"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=120
cf-ray: 77a28da41f26d15b-BUF
x-amz-cf-id: rPMkViE-S8Xbc8AHJG2XmXCC_HDxaQDVG3OC_08THqHzLAXf8fUaew==

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 4837847bb6f812a Show response
fxmlhrhu9m63937f3e4a479.tukoapps.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/0.027580524971606832:1671138530:xtCIt6-W69wHK8O8N-nw64wfNUm8Cd8C-Rj9eikKwxo/77a28da2ac4b19fb/ 133 KB
79 KB 195ms
194ms XHR
text/plain 2606:4700:3036::6815:1de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/0.027580524971606832:1671138530:xtCIt6-W69wHK8O8N-nw64wfNUm8Cd8C-Rj9eikKwxo/77a28da2ac4b19fb/4837847bb6f812a
Requested by: Host: fxmlhrhu9m63937f3e4a479.tukoapps.ru
URL: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=77a28da2ac4b19fb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e35bc7715debf4b3a75261052d9bf0e16d7880f1fcf85b5534b8b2cc5e9d43fa

Request headers

Referer: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/M
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
CF-Challenge: 4837847bb6f812a
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 15 Dec 2022 22:18:07 GMT
content-encoding: br
cf_chl_gen: YvZi+qPnX9oTaZzzu/XhRKveW9V/CW5WY8MQ+ySDL81D7K9snKW32ctrV8014zk6Ml1BZZql+4QO476TWb0Aiskyf1gf+rx6WtbVlE7dScC4UHHrGr94Bw0O5RHQ4LqQg8Q2G7B/Tc334dv1sl/txIAGATw/n8stXdXkWr5m2WXB2jeakf8WCNZmBbszDNtCGqJ/APBbNJHOBK8wd+tCWPVhPxESKQqQJjHX+uoOKFIa1pvprh5w4iyvH5tUvkC6Tre9fGlsHXt4DrWzsBcB1I4R6LWS3rcd/htnTtyfKm7zwAx62RReVrAmxW9njX6pi5MHInZzfueyeKF461aI39nU0fqZOxZV9gjNVk7lKPN1pQEEbzRinyvwGPsy0cAR$1fsnKWy66KAPNm2q/gvmQQ==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7IKuIKLphcbmp8QZZzgU44GN6O4a0xvvIrYeM8BTIydJglSncKL1pLzCzlHEOOJGaZKitXaJKX6PTSkMLdeq4TlBhcOsr4Gu6jggob3F2db%2Bnxx8B7Oq3fayUSpwUS87sjOfhOko89PZk0vngzmgR7SYMFX%2Fwgvv6hKajyJPkOqoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 77a28da4bf7ec46b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 401 ZXllkpoaLXrtMz2 Show response
fxmlhrhu9m63937f3e4a479.tukoapps.ru/cdn-cgi/challenge-platform/h/g/pat/77a28da2ac4b19fb/1671142687523/24e1875fd0333fb4dffdff3fc947b7f11a2b4875b78a75a4fc5c7dbe17dc0a75/ 1 B
969 B 59ms
57ms Fetch
text/plain 2606:4700:3036::6815:1de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/cdn-cgi/challenge-platform/h/g/pat/77a28da2ac4b19fb/1671142687523/24e1875fd0333fb4dffdff3fc947b7f11a2b4875b78a75a4fc5c7dbe17dc0a75/ZXllkpoaLXrtMz2
Requested by: Host: healthequity.crewsclaims.com
URL: http://healthequity.crewsclaims.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:18:07 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gJOGHX9AzP7Tf_f8_yUe38RorSHW3inWk_Fx9vhfcCnUAI2Z4bWxocmh1OW02MzkzN2YzZTRhNDc5LnR1a29hcHBzLnJ1, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1HSaqyVC-9dZ6x140ww1UEN-oKwDstzIpKza5MB9DwTVC3dQrqERs6RRziazQKSKTFtNhBRksx91R75g7H3TNPlwtv_o2iXHn0eq3FLhumzppERlgZrN1kERKe29xXy_OQ-XIsGTrIVYkUIeJK_ojF5BvyxLa4Kz7kq2Gv7YXnpwemMQJUAtiG5tBmq-msfrZWV3AGza_ea9j7Z_zm2gVgLaZCEjGdyHCWZtjulzegfVFpy7Lflj0r_-K3QmoHsGCUMKJQeFJKbO0uqXGESuCqNufzTKbdBIq2pGCV4tB9uRlsswTm-OcxqRiYMrk1FaoSLFeghvwy_nBXXxiZoHBQIDAQAB, max-age=15
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEHZhZKXl5P21wMTrCGj7uj4AO4NUo4MKgA%2FTXQSd5dPEZU7Q%2ByH8VUuL4ueccnNNsss2ryi1WCM998RsglAA0NnekjrHRSFRUCZjBUwuEXGE5it4M7BaMI6hYY9H5U9AyXfIYBZnT%2BYYChD6EQcszdGP36X3e3WY8i2S%2FeRzNqoYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 77a28da68b71c46b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 dv5C3Sb12qxpEOx
fxmlhrhu9m63937f3e4a479.tukoapps.ru/cdn-cgi/challenge-platform/h/g/img/77a28da2ac4b19fb/1671142687526/ 61 B
478 B 48ms
48ms Image
image/png 2606:4700:3036::6815:1de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/cdn-cgi/challenge-platform/h/g/img/77a28da2ac4b19fb/1671142687526/dv5C3Sb12qxpEOx
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f18a432a83cd93d92e19efa2f0ea84b3a983d318af42bed078c09712faf928bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:18:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77a28dab1e84c46b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ssoo74CHtHCDzWeSjE0%2FOwoVqJAYrrN5dJpb8yjwyaLTJh06aTKPNAxgCbg5HNwbw3vUPyoVzXHirljI7Ylfqz8rwv%2BuRdqkmXZV%2FhlDiMCOTmYfzZZlJvlAW3YApi8wtNZad8w1WUYyOfEEoehKVQIQXufOXqbndbQ0LfLZIBvPVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 4837847bb6f812a Show response
fxmlhrhu9m63937f3e4a479.tukoapps.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/0.027580524971606832:1671138530:xtCIt6-W69wHK8O8N-nw64wfNUm8Cd8C-Rj9eikKwxo/77a28da2ac4b19fb/ 5 KB
4 KB 81ms
80ms XHR
text/plain 2606:4700:3036::6815:1de1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/0.027580524971606832:1671138530:xtCIt6-W69wHK8O8N-nw64wfNUm8Cd8C-Rj9eikKwxo/77a28da2ac4b19fb/4837847bb6f812a
Requested by: Host: fxmlhrhu9m63937f3e4a479.tukoapps.ru
URL: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=77a28da2ac4b19fb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48b5a374ebbad17f9dc42ce54f712ef85f0a019abf55bbb7d9add7efb7bf43de

Request headers

Referer: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/M
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
CF-Challenge: 4837847bb6f812a
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 15 Dec 2022 22:18:09 GMT
content-encoding: br
cf_chl_gen: 4T69HISLZirL5rTyUN8wC7k3hZJ+gr9Q4Vtim8fzLig=$o8fGT7JlZ1gruI60AQhl+A==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QadlEg8EaISO3qcsXmqflxXHDF7wan1M5ubP39w%2FsZNS7Gg1LKzXm0kYgE3k4L0Zn6NCzkpUgqwIQgz5AL1WTi7P2z20qKNetJkl7IQOCE6PZXBGND77qbuv%2Fox24dJ9gOy2iS%2FSKvfdcpJc37sHu7UfOFsjsVrmrfOC3WFRnrYCfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 77a28daf6fa3c46b-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/e8fb49cb/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
https://challenges.cloudflare.com/turnstile/v0/g/e8fb49cb/api.js?onload=_cf_chl_turnstile_l&render=explicit

11 KB
4 KB

60ms
42ms

Script
application/javascript

2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/e8fb49cb/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol: H3
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 197a463fd56d01b0359994b08c3e3d4823f066a83fe115324e09912fb5b17660

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:18:09 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 77a28db06a9ed157-BUF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location: /turnstile/v0/g/e8fb49cb/api.js?onload=_cf_chl_turnstile_l&render=explicit
date: Thu, 15 Dec 2022 22:18:09 GMT
cache-control: max-age=300, public
server: cloudflare
cf-ray: 77a28db02dead153-BUF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary: accept-encoding

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/si8c6/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame F345 19 KB
7 KB 33ms
33ms Document
text/html 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/si8c6/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97e610573deca2f92029e468397cc45de3b5517ddcb9621bbf1afa3f1645e8e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 77a28db0bad7d157-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 22:18:09 GMT
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
DATA 200
OK truncated
/ 187 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame F345 58 KB
25 KB 26ms
26ms Script
application/javascript 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=77a28db0bad7d157
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/si8c6/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44c8e27f44d7981c5df909fb5d0bfeb3b65af1113dd0eda3466a2587b7fcbd68

Request headers

accept-language: en-US,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/si8c6/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:18:09 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 77a28db10b1fd157-BUF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

POST
H3 200 eca760a51c10725 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.06829957418011251:1671142159:wb7ynIoyQijJWNZ9Iw-MHtMdboBSaVyWD7VUiH6m8xc/77a28db0bad7d157/ Frame F345 92 KB
48 KB 84ms
83ms XHR
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.06829957418011251:1671142159:wb7ynIoyQijJWNZ9Iw-MHtMdboBSaVyWD7VUiH6m8xc/77a28db0bad7d157/eca760a51c10725
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=77a28db0bad7d157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a744ffbd66ddcc4ca19d1b0801198cee5917f217075e9bd1add27a44c0fd05e

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/si8c6/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
CF-Challenge: eca760a51c10725
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 15 Dec 2022 22:18:09 GMT
content-encoding: br
cf_chl_gen: LtYAv7wUaxqaLhU0nz3HYn4t1DYnOfRNUpY7VGNW0iFyktsuc1/cMFvzq4r+tRPvH60mr9ptGVNN9xCQE+iCOhTlwsa+N93y86m4OCt0Kay7JvO9dGRkeiW12AJZlepGAsDqo1dr+hgRtMkmUsjTnG6G8NRkbiiYuVcEKzwriQ4M5T42vdCgV6DFQqHqQJJ+FSMPrUtIxYR8jwQ68DTvF2aC3dCYgS/AW8wJLBYycq6xjmzXfufTwjRQnuz2zolO6IPeaf592L6oeoIHGr0IIXpVAqb1TbtUZvA0lDRQTwLnWKJ2S7GXbSiOU7+NRxj9+fyd2iSfGVs9YNvybXjxBajGqxLZobUOM62i/9aaR2tAkxzM8JxfSvdALa/VHNpi$8FbIYQT99bnwnb89EZcrAA==
server: cloudflare
cf-ray: 77a28db20c43d157-BUF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 401 YzzZwlMWM60kEOg Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/77a28db0bad7d157/1671142689627/84d5757c19078149ab1df1dd946eed165f3b326792e1bd13e11998f0e88e7548/ Frame F345 1 B
649 B 40ms
40ms Fetch
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/77a28db0bad7d157/1671142689627/84d5757c19078149ab1df1dd946eed165f3b326792e1bd13e11998f0e88e7548/YzzZwlMWM60kEOg
Requested by: Host: healthequity.crewsclaims.com
URL: http://healthequity.crewsclaims.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/si8c6/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:18:09 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20ghNV1fBkHgUmrHfHdlG7tFl87MmeS4b0T4RmY8OiOdUgAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1HSaqyVC-9dZ6x140ww1UEN-oKwDstzIpKza5MB9DwTVC3dQrqERs6RRziazQKSKTFtNhBRksx91R75g7H3TNPlwtv_o2iXHn0eq3FLhumzppERlgZrN1kERKe29xXy_OQ-XIsGTrIVYkUIeJK_ojF5BvyxLa4Kz7kq2Gv7YXnpwemMQJUAtiG5tBmq-msfrZWV3AGza_ea9j7Z_zm2gVgLaZCEjGdyHCWZtjulzegfVFpy7Lflj0r_-K3QmoHsGCUMKJQeFJKbO0uqXGESuCqNufzTKbdBIq2pGCV4tB9uRlsswTm-OcxqRiYMrk1FaoSLFeghvwy_nBXXxiZoHBQIDAQAB, max-age=15
server: cloudflare
cf-ray: 77a28db2dd04d157-BUF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 81D2x8w25UQDbAb
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/77a28db0bad7d157/1671142689628/ Frame F345 61 B
166 B 37ms
37ms Image
image/png 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/77a28db0bad7d157/1671142689628/81D2x8w25UQDbAb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 848a44ca52df60b56b01381b62dbf7693406dbb8a7ad764cabad1f2d36619100

Request headers

accept-language: en-US,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/si8c6/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:18:10 GMT
server: cloudflare
cf-ray: 77a28db57fa9d157-BUF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/png

POST
H3 200 eca760a51c10725 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.06829957418011251:1671142159:wb7ynIoyQijJWNZ9Iw-MHtMdboBSaVyWD7VUiH6m8xc/77a28db0bad7d157/ Frame F345 11 KB
8 KB 49ms
46ms XHR
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.06829957418011251:1671142159:wb7ynIoyQijJWNZ9Iw-MHtMdboBSaVyWD7VUiH6m8xc/77a28db0bad7d157/eca760a51c10725
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=77a28db0bad7d157
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb21aa4a1b8e72215db8df9f8464fca51e78b688dc2885f475be6215ba6c0e29

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/si8c6/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
CF-Challenge: eca760a51c10725
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 15 Dec 2022 22:18:10 GMT
content-encoding: br
cf_chl_gen: zB3FTVArYoFg0L6qwI7hkqKNIecyDma6VPpClsbkWrg=$OIGT4Gt4O5cJ4n2antqkkg==
server: cloudflare
cf-ray: 77a28db8cab8d157-BUF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			healthequity.crewsclaims.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0a1b13187a14df51ccc707a3d628a027

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/M Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fxmlhrhu9m63937f3e4a479.tukoapps.ru/cdn-cgi/challenge-platform/h/g/pat/77a28da2ac4b19fb/1671142687523/24e1875fd0333fb4dffdff3fc947b7f11a2b4875b78a75a4fc5c7dbe17dc0a75/ZXllkpoaLXrtMz2 Message: Failed to load resource: the server responded with a status of 401 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/77a28db0bad7d157/1671142689627/84d5757c19078149ab1df1dd946eed165f3b326792e1bd13e11998f0e88e7548/YzzZwlMWM60kEOg Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
cloudflare.hcaptcha.com
fxmlhrhu9m63937f3e4a479.tukoapps.ru
healthequity.crewsclaims.com
2606:4700:3036::6815:1de1
2606:4700::6812:1384
2606:4700::6812:6b9
50.116.94.171
0a744ffbd66ddcc4ca19d1b0801198cee5917f217075e9bd1add27a44c0fd05e
197a463fd56d01b0359994b08c3e3d4823f066a83fe115324e09912fb5b17660
33a60c172c0275840044402bb51c722be8b109c2d7655f94952827ba1bbbebc9
44c8e27f44d7981c5df909fb5d0bfeb3b65af1113dd0eda3466a2587b7fcbd68
48b5a374ebbad17f9dc42ce54f712ef85f0a019abf55bbb7d9add7efb7bf43de
4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578
621b337f1c17a0885dd103132b9f5bbfec17f16f5cd6baa085e38d17398e36b7
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7f676989179b27992168739e48568f7c436d3a3fbfefc21cbe708e92d874c097
848a44ca52df60b56b01381b62dbf7693406dbb8a7ad764cabad1f2d36619100
8ca8debf7cc16286e06fce585aea5665e39281bef65112ecd87a40d3fe423ac7
97e610573deca2f92029e468397cc45de3b5517ddcb9621bbf1afa3f1645e8e0
cb21aa4a1b8e72215db8df9f8464fca51e78b688dc2885f475be6215ba6c0e29
e35bc7715debf4b3a75261052d9bf0e16d7880f1fcf85b5534b8b2cc5e9d43fa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18a432a83cd93d92e19efa2f0ea84b3a983d318af42bed078c09712faf928bf
faa67d3b2b2220dc526c921c1fc47df5b956559a293d5e07fbaf58a52462f6bd
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

fxmlhrhu9m63937f3e4a479.tukoapps.ru Open in urlscan Pro 2606:4700:3036::6815:1de1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

89 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

5 IPs

1 Countries

297 kBTransfer

683 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

1 Cookies

6 Console Messages

Indicators

fxmlhrhu9m63937f3e4a479.tukoapps.ru Open in urlscan Pro
2606:4700:3036::6815:1de1 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

89 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

297 kB
Transfer

683 kB
Size

1
Cookies

18 HTTP transactions
3 data transactions