urlscan.io logo urlscan.io
SecurityTrails logo

mybupa.bupa.com.hk Open in urlscan Pro
23.99.110.192  Public Scan

Go To Rescan Add Verdict Report
URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Submission: On April 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 8 domains to perform 30 HTTP transactions. The main IP is 23.99.110.192, located in Hong Kong, Hong Kong and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is mybupa.bupa.com.hk.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 6th 2023. Valid for: a year.
This is the only time mybupa.bupa.com.hk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 23.99.110.192 8075 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:133... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 216.58.206.36 15169 (GOOGLE)
1 216.58.212.163 15169 (GOOGLE)
2 20.50.88.235 8075 (MICROSOFT...)
30 9
18    23.99.110.192 (Hong Kong, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mybupa.bupa.com.hk
3    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    216.58.206.36 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f4.1e100.net
www.google.com
1    216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f3.1e100.net
www.google.de
2    20.50.88.235 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
18 bupa.com.hk
mybupa.bupa.com.hk
2 MB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
region1.google-analytics.com — Cisco Umbrella Rank: 2548
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
257 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 728
200 B
1 google.de
www.google.de — Cisco Umbrella Rank: 7551
63 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 87
351 B
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2810
22 KB
30 8
Domain Requested by
18 mybupa.bupa.com.hk mybupa.bupa.com.hk
3 www.googletagmanager.com mybupa.bupa.com.hk
www.googletagmanager.com
www.google-analytics.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 www.google-analytics.com mybupa.bupa.com.hk
www.google-analytics.com
1 www.google.de mybupa.bupa.com.hk
1 www.google.com mybupa.bupa.com.hk
1 region1.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 az416426.vo.msecnd.net mybupa.bupa.com.hk
30 9

This site contains links to these domains. Also see Links.

Domain
www.bupa.com.hk
Subject Issuer Validity Valid
*.bupa.com.hk
Sectigo RSA Domain Validation Secure Server CA		 2023-04-06 -
2024-05-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2025-01-30		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-04-10 -
2025-04-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://mybupa.bupa.com.hk/login?sc_lang=en
Frame ID: 9F601237913D98D50085ECCA6A527E81
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

login | myBupa

Detected technologies

Overall confidence: 75%
Detected patterns
  • <[^>]+[^\w-]x-data[^\w-][^<]+
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

30
Requests

100 %
HTTPS

56 %
IPv6

8
Domains

9
Subdomains

9
IPs

5
Countries

2328 kB
Transfer

6830 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
mybupa.bupa.com.hk/ 		30 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mybupa.bupa.com.hk/login?sc_lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.110.192 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fd6118664e783271da5221b74d2571735a9701b3b785b07a15c30ad5e91e9600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
public, no-store, max-age=0
content-encoding
gzip
content-length
9095
content-type
text/html; charset=utf-8
date
Wed, 17 Apr 2024 07:24:41 GMT
expires
Wed, 17 Apr 2024 07:24:42 GMT
last-modified
Wed, 17 Apr 2024 07:24:42 GMT
request-context
appId=cid-v1:d421ffa3-4ace-444b-a234-05bf8bb57075
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-frame-options
SAMEORIGIN SAMEORIGIN
fevaworks.css
mybupa.bupa.com.hk/content/mybupa/css/ 		24 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mybupa.bupa.com.hk/content/mybupa/css/fevaworks.css?v=1.0.7379.1
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.110.192 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f9f32292607fb680c267ee889924279620b5bb333e09a07b5b835d3b353e8c46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/login?sc_lang=en
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:24:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 22 Mar 2024 07:07:42 GMT
etag
"0f3bda1277cda1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
7200
request-context
appId=cid-v1:d421ffa3-4ace-444b-a234-05bf8bb57075
swiper-bundle.min.css
mybupa.bupa.com.hk/content/mybupa/js/plugin/ 		15 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mybupa.bupa.com.hk/content/mybupa/js/plugin/swiper-bundle.min.css?v=1.0.7379.1
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.110.192 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d44b59513970b7d981fe03b3221ad9814cde4f842e76144767877dc1f1d02dac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/login?sc_lang=en
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:24:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 22 Mar 2024 07:07:42 GMT
etag
"0f3bda1277cda1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
5591
request-context
appId=cid-v1:d421ffa3-4ace-444b-a234-05bf8bb57075
app.css
mybupa.bupa.com.hk/content/mybupa/css/ 		3 MB
486 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mybupa.bupa.com.hk/content/mybupa/css/app.css?v=1.0.7379.1
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.110.192 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4337b2903ee2fb9e9c06a2628a7702b8af6b9df2cbbcdc0d1e0f0ac9e1028946
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/login?sc_lang=en
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:24:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 22 Mar 2024 07:07:42 GMT
etag
"0f3bda1277cda1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
request-context
appId=cid-v1:d421ffa3-4ace-444b-a234-05bf8bb57075
app_hk.css
mybupa.bupa.com.hk/content/mybupa/css/ 		72 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mybupa.bupa.com.hk/content/mybupa/css/app_hk.css?v=1.0.7379.1
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.110.192 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f73ebec70ffbae7c58ef7316a8a20f22e6834d4a00abaae184bf489a118be4be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/login?sc_lang=en
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:24:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 22 Mar 2024 07:07:42 GMT
etag
"0f3bda1277cda1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
18339
request-context
appId=cid-v1:d421ffa3-4ace-444b-a234-05bf8bb57075
Bupa-HK-logo-keyline.svg
mybupa.bupa.com.hk/Content/myBupa/imgs/logos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mybupa.bupa.com.hk/Content/myBupa/imgs/logos/Bupa-HK-logo-keyline.svg
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.110.192 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c2a8859b8db0e64a0e9b25850dbd19432e0f96c9d6f36450fde7ff493bf90666
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/login?sc_lang=en
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:24:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 22 Mar 2024 07:07:42 GMT
etag
"0f3bda1277cda1:0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
6675
request-context
appId=cid-v1:d421ffa3-4ace-444b-a234-05bf8bb57075
Bupa-HK-logo-hrz-2-lines-keyline.svg
mybupa.bupa.com.hk/Content/myBupa/imgs/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mybupa.bupa.com.hk/Content/myBupa/imgs/logos/Bupa-HK-logo-hrz-2-lines-keyline.svg
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.110.192 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6f8175a4daa7232046d055a29474900617993e9863ec09c8a43644b1c1e7143f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/login?sc_lang=en
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:24:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 22 Mar 2024 07:07:42 GMT
etag
"0f3bda1277cda1:0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
3479
request-context
appId=cid-v1:d421ffa3-4ace-444b-a234-05bf8bb57075
common.chunk.js
mybupa.bupa.com.hk/content/mybupa/js/ 		1 MB
488 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybupa.bupa.com.hk/content/mybupa/js/common.chunk.js?v=1.0.7379.1
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.110.192 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f1c7f96921e58ded732f81b1aa96bda0ae2b118c810dc3bb3e30e0a3175f6eb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/login?sc_lang=en
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:24:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 22 Mar 2024 07:07:42 GMT
etag
"0f3bda1277cda1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
request-context
appId=cid-v1:d421ffa3-4ace-444b-a234-05bf8bb57075
app.bundle.js
mybupa.bupa.com.hk/content/mybupa/js/ 		920 B
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mybupa.bupa.com.hk/content/mybupa/js/app.bundle.js?v=1.0.7379.1
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.110.192 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
10ca3642828b940ce6bc2392d7be4cf43736e3ea6f86525f721a2949c92c419f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/login?sc_lang=en
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:24:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 22 Mar 2024 07:07:42 GMT
etag
"0f3bda1277cda1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
649
request-context
appId=cid-v1:d421ffa3-4ace-444b-a234-05bf8bb57075
swiper-bundle.min.js
mybupa.bupa.com.hk/content/mybupa/js/plugin/ 		132 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybupa.bupa.com.hk/content/mybupa/js/plugin/swiper-bundle.min.js?v=1.0.7379.1
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.110.192 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b86ddf488abcde3fef80626686a626e6ec5ebdc6cdc66dcd6bceae7504d814f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/login?sc_lang=en
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:24:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 22 Mar 2024 07:07:42 GMT
etag
"0f3bda1277cda1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
49255
request-context
appId=cid-v1:d421ffa3-4ace-444b-a234-05bf8bb57075
alpinejs.min.js
mybupa.bupa.com.hk/content/mybupa/js/plugin/ 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybupa.bupa.com.hk/content/mybupa/js/plugin/alpinejs.min.js?v=1.0.7379.1
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.110.192 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c52e0d648a25cf1ad6b8aab2fc228bc8dbd4c57833e54ff90ad5702f91c89690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/login?sc_lang=en
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:24:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 22 Mar 2024 07:07:42 GMT
etag
"0f3bda1277cda1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
content-length
15945
request-context
appId=cid-v1:d421ffa3-4ace-444b-a234-05bf8bb57075
lottie-player.js
mybupa.bupa.com.hk/content/mybupa/js/plugin/ 		359 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybupa.bupa.com.hk/content/mybupa/js/plugin/lottie-player.js?v=1.0.7379.1
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.110.192 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
38f03e76f21b211d47d3f567188ccc1a97a9a5daa68dec418158b6aa76f4901e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/login?sc_lang=en
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:24:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 22 Mar 2024 07:07:42 GMT
etag
"0f3bda1277cda1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
request-context
appId=cid-v1:d421ffa3-4ace-444b-a234-05bf8bb57075
gtm.js
www.googletagmanager.com/ 		265 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJ3P39Q
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7671c6c0daa1a2b93ddb8aa5077b413f943a3bb5c785fa81839bd683c5925422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:24:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88422
x-xss-protection
0
last-modified
Wed, 17 Apr 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 Apr 2024 07:24:42 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Apr 2024 05:39:22 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6320
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 17 Apr 2024 07:39:22 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Apr 2024 07:24:42 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
241
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/4CD6)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c5fd9dff-a01e-00ac-1c97-90aaf4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Wed, 17 Apr 2024 07:54:42 GMT
js
www.googletagmanager.com/gtag/ 		236 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E9ZKGLYLCM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJ3P39Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
af7158e1ae3e9b9e016ee86c929545c4af76fbb1d02a49b10ec7290bd1d067c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:24:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86238
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Apr 2024 07:24:42 GMT
collect
www.google-analytics.com/j/ 		16 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1860809384&t=pageview&_s=1&dl=https%3A%2F%2Fmybupa.bupa.com.hk%2Flogin%3Fsc_lang%3Den&ul=de-de&de=UTF-8&dt=login%20%7C%20myBupa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=1303521797&gjid=1349679063&cid=1239223284.1713338682&tid=UA-158183205-4&_gid=1929954663.1713338682&_r=1&_slc=1&gtm=45He44f0n81KJ3P39Qv830403786za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=2128215611
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f9e6d1d162ee5a396e895f6a89c17ede6b3b0863908830e7c8db40ef00beb43d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://mybupa.bupa.com.hk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 07:24:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mybupa.bupa.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-158183205-4&cid=1239223284.1713338682&jid=1303521797&gjid=1349679063&_gid=1929954663.1713338682&npa=1&_u=aEDAAEAAAAAAACAAI~&z=1411692179
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://mybupa.bupa.com.hk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 17 Apr 2024 07:24:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mybupa.bupa.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		240 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E9ZKGLYLCM&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0e2b08723e47e61aaf5c102f1ff49f6d56ae24f8bd84f6d4d6cac0cf5fd1e4c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:24:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87986
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Apr 2024 07:24:42 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-E9ZKGLYLCM&gtm=45je44f0v9118162361z8830403786za200&_p=1713338682348&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1239223284.1713338682&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1713338682&sct=1&seg=0&dl=https%3A%2F%2Fmybupa.bupa.com.hk%2Flogin%3Fsc_lang%3Den&dt=login%20%7C%20myBupa&en=page_view&_fv=1&_ss=1&tfd=1335
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E9ZKGLYLCM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 07:24:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mybupa.bupa.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-158183205-4&cid=1239223284.1713338682&jid=1303521797&npa=1&_u=aEDAAEAAAAAAACAAI~&z=1193719686
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 07:24:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-158183205-4&cid=1239223284.1713338682&jid=1303521797&npa=1&_u=aEDAAEAAAAAAACAAI~&z=1193719686
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 07:24:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
icomoon.ttf
mybupa.bupa.com.hk/content/mybupa/fonts_hk/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mybupa.bupa.com.hk/content/mybupa/fonts_hk/icomoon.ttf?v=8ve4nrvebx
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/content/mybupa/css/app.css?v=1.0.7379.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.110.192 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e85c5f06af6c68e40d36804b68502f7961ff7ebbaeaf7c181b8537fe82c2a4a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/content/mybupa/css/app.css?v=1.0.7379.1
Origin
https://mybupa.bupa.com.hk
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:24:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 22 Mar 2024 07:07:42 GMT
etag
"0f3bda1277cda1:0"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
accept-ranges
bytes
content-length
39952
request-context
appId=cid-v1:d421ffa3-4ace-444b-a234-05bf8bb57075
icomoon.ttf
mybupa.bupa.com.hk/content/mybupa/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mybupa.bupa.com.hk/content/mybupa/fonts/icomoon.ttf?v=12ev4fzfzg
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/content/mybupa/css/app.css?v=1.0.7379.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.110.192 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b36d46e98dc1e3ebce2ae279bb2d1fdede51385115ccf28b0ce673873b331eea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/content/mybupa/css/app.css?v=1.0.7379.1
Origin
https://mybupa.bupa.com.hk
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:24:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 22 Mar 2024 07:07:42 GMT
etag
"0f3bda1277cda1:0"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
accept-ranges
bytes
content-length
21084
request-context
appId=cid-v1:d421ffa3-4ace-444b-a234-05bf8bb57075
confirm.html
mybupa.bupa.com.hk/Content/myBupa/templates/modal/ 		2 KB
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mybupa.bupa.com.hk/Content/myBupa/templates/modal/confirm.html
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/content/mybupa/js/common.chunk.js?v=1.0.7379.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.110.192 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c61c38aaf1945702dbf9b06487c08125132b92f0c21a103fb06eb4cad72ac797
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://mybupa.bupa.com.hk/login?sc_lang=en
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:24:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 22 Mar 2024 07:07:42 GMT
etag
"0f3bda1277cda1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
accept-ranges
bytes
content-length
685
request-context
appId=cid-v1:d421ffa3-4ace-444b-a234-05bf8bb57075
GetAcceptCookiesStatus
mybupa.bupa.com.hk/mybupa/api/Cookies/ 		5 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mybupa.bupa.com.hk/mybupa/api/Cookies/GetAcceptCookiesStatus
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/content/mybupa/js/common.chunk.js?v=1.0.7379.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.110.192 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://mybupa.bupa.com.hk/login?sc_lang=en
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 17 Apr 2024 07:24:47 GMT
date
Wed, 17 Apr 2024 07:24:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 17 Apr 2024 07:24:47 GMT
vary
*
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
public, no-store, max-age=0
content-length
123
request-context
appId=cid-v1:d421ffa3-4ace-444b-a234-05bf8bb57075
mybupa_au_sky.png
mybupa.bupa.com.hk/-/media/myBupa/Images/Background/ 		741 KB
742 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mybupa.bupa.com.hk/-/media/myBupa/Images/Background/mybupa_au_sky.png?v=1.0.7379.1
Requested by
Host: mybupa.bupa.com.hk
URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.110.192 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
998358faa7494368106f233595e92249595f3c5617c5851567f3705457b13997
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/login?sc_lang=en
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 24 Apr 2024 07:24:47 GMT
date
Wed, 17 Apr 2024 07:24:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 12 Jan 2022 08:06:44 GMT
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
private, max-age=604800
content-disposition
inline; filename="mybupa_au_sky.png"
accept-ranges
bytes
content-length
758904
request-context
appId=cid-v1:d421ffa3-4ace-444b-a234-05bf8bb57075
track
dc.services.visualstudio.com/v2/ 		96 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.235 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
aae6412f53e960a82448f545388442e09c1af00c382ae310e64de76bc0b9e03e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://mybupa.bupa.com.hk/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Wed, 17 Apr 2024 07:24:47 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.235 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://mybupa.bupa.com.hk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Wed, 17 Apr 2024 07:24:47 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
favicon.ico
mybupa.bupa.com.hk/Content/myBupa/imgs/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://mybupa.bupa.com.hk/Content/myBupa/imgs/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.99.110.192 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b2a36ba788dca98b0ec02f91659ba90345af71d4eca26f35f615a749d0e41f14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mybupa.bupa.com.hk/login?sc_lang=en
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 07:24:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 22 Mar 2024 07:07:42 GMT
etag
"0f3bda1277cda1:0"
x-frame-options
SAMEORIGIN
content-type
image/x-icon
accept-ranges
bytes
content-length
15086
request-context
appId=cid-v1:d421ffa3-4ace-444b-a234-05bf8bb57075

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer string| GoogleAnalyticsObject function| ga object| appInsights object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| AI object| Microsoft function| __extends function| _endsWith object| google_tag_manager function| ReportAsMobile function| TouchIdLogin function| AuthgearIdTokenLogin function| AADIdTokenLogin function| webpackJsonp object| angular object| picturefillCFG function| picturefill function| _ function| Swiper object| Alpine object| lottie-player object| reactiveElementVersions object| litHtmlVersions object| litElementVersions object| lazySizesConfig object| lazySizes

14 Cookies

Domain/Path Name / Value
mybupa.bupa.com.hk/ Name: mybupa-hk-public#lang
Value: en
mybupa.bupa.com.hk/ Name: SC_ANALYTICS_GLOBAL_COOKIE
Value: 2d149e0be189451da83ee600f43b811c|False
mybupa.bupa.com.hk/ Name: __RequestVerificationToken
Value: okDbqTATROpGhhUC0D3O4Ofx5gtV7kjJb_qqJI3fUz_Q6gYTB7KkX0WKhKd16JESzvcyxDelR1AN2kaAB-vfxAX98Cu6GQO1cYTWt17roSY1
.mybupa.bupa.com.hk/ Name: ARRAffinity
Value: 78802b80c26f99ff5b4da6fc2d8fc1cc60ed23029773a4617a0f237229ba8adf
.mybupa.bupa.com.hk/ Name: ARRAffinitySameSite
Value: 78802b80c26f99ff5b4da6fc2d8fc1cc60ed23029773a4617a0f237229ba8adf
.bupa.com.hk/ Name: _gid
Value: GA1.3.1929954663.1713338682
mybupa.bupa.com.hk/ Name: ai_user
Value: EEg5L|2024-04-17T07:24:42.449Z
.mybupa.bupa.com.hk/ Name: _ga
Value: GA1.4.1239223284.1713338682
.mybupa.bupa.com.hk/ Name: _gid
Value: GA1.4.1929954663.1713338682
.mybupa.bupa.com.hk/ Name: _gat_UA-158183205-4
Value: 1
.bupa.com.hk/ Name: _ga_E9ZKGLYLCM
Value: GS1.1.1713338682.1.0.1713338682.0.0.0
.bupa.com.hk/ Name: _ga
Value: GA1.1.1239223284.1713338682
mybupa.bupa.com.hk/ Name: ASP.NET_SessionId
Value: l1epzit2ardawijrem1y5xez
mybupa.bupa.com.hk/ Name: ai_session
Value: 5FzXr|1713338687851.5|1713338687851.5

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://mybupa.bupa.com.hk/login?sc_lang=en
Message:
[DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
dc.services.visualstudio.com
mybupa.bupa.com.hk
region1.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
20.50.88.235
2001:4860:4802:34::36
216.58.206.36
216.58.212.163
23.99.110.192
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2008
2a00:1450:400c:c00::9c
0e2b08723e47e61aaf5c102f1ff49f6d56ae24f8bd84f6d4d6cac0cf5fd1e4c2
10ca3642828b940ce6bc2392d7be4cf43736e3ea6f86525f721a2949c92c419f
38f03e76f21b211d47d3f567188ccc1a97a9a5daa68dec418158b6aa76f4901e
4337b2903ee2fb9e9c06a2628a7702b8af6b9df2cbbcdc0d1e0f0ac9e1028946
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
6f8175a4daa7232046d055a29474900617993e9863ec09c8a43644b1c1e7143f
7671c6c0daa1a2b93ddb8aa5077b413f943a3bb5c785fa81839bd683c5925422
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
998358faa7494368106f233595e92249595f3c5617c5851567f3705457b13997
aae6412f53e960a82448f545388442e09c1af00c382ae310e64de76bc0b9e03e
af7158e1ae3e9b9e016ee86c929545c4af76fbb1d02a49b10ec7290bd1d067c0
b2a36ba788dca98b0ec02f91659ba90345af71d4eca26f35f615a749d0e41f14
b36d46e98dc1e3ebce2ae279bb2d1fdede51385115ccf28b0ce673873b331eea
b86ddf488abcde3fef80626686a626e6ec5ebdc6cdc66dcd6bceae7504d814f3
c2a8859b8db0e64a0e9b25850dbd19432e0f96c9d6f36450fde7ff493bf90666
c52e0d648a25cf1ad6b8aab2fc228bc8dbd4c57833e54ff90ad5702f91c89690
c61c38aaf1945702dbf9b06487c08125132b92f0c21a103fb06eb4cad72ac797
d44b59513970b7d981fe03b3221ad9814cde4f842e76144767877dc1f1d02dac
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85c5f06af6c68e40d36804b68502f7961ff7ebbaeaf7c181b8537fe82c2a4a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c7f96921e58ded732f81b1aa96bda0ae2b118c810dc3bb3e30e0a3175f6eb7
f73ebec70ffbae7c58ef7316a8a20f22e6834d4a00abaae184bf489a118be4be
f9e6d1d162ee5a396e895f6a89c17ede6b3b0863908830e7c8db40ef00beb43d
f9f32292607fb680c267ee889924279620b5bb333e09a07b5b835d3b353e8c46
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd6118664e783271da5221b74d2571735a9701b3b785b07a15c30ad5e91e9600