urlscan.io logo urlscan.io
SecurityTrails logo

bupa.movie-vouchers.com.au Open in urlscan Pro
13.54.123.87  Public Scan

Go To Rescan Add Verdict Report
URL: https://bupa.movie-vouchers.com.au/
Submission: On June 14 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 13.54.123.87, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is bupa.movie-vouchers.com.au.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 12th 2024. Valid for: a year.
This is the only time bupa.movie-vouchers.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 13.54.123.87 16509 (AMAZON-02)
3 13.239.110.79 16509 (AMAZON-02)
1 172.217.167.74 15169 (GOOGLE)
1 23.77.149.172 16625 (AKAMAI-AS)
1 142.250.66.227 15169 (GOOGLE)
1 34.120.195.249 396982 (GOOGLE-CL...)
17 7
9    13.54.123.87 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-54-123-87.ap-southeast-2.compute.amazonaws.com
bupa.movie-vouchers.com.au
3    13.239.110.79 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-239-110-79.ap-southeast-2.compute.amazonaws.com
www.choovie.com.au
1    172.217.167.74 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f10.1e100.net
fonts.googleapis.com
1    23.77.149.172 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-149-172.deploy.static.akamaitechnologies.com
api.ewaypayments.com
1    142.250.66.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f3.1e100.net
fonts.gstatic.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o1294733.ingest.us.sentry.io
Domain Requested by
9 bupa.movie-vouchers.com.au www.choovie.com.au
bupa.movie-vouchers.com.au
3 www.choovie.com.au bupa.movie-vouchers.com.au
1 o1294733.ingest.us.sentry.io www.choovie.com.au
1 fonts.gstatic.com fonts.googleapis.com
1 api.ewaypayments.com bupa.movie-vouchers.com.au
1 fonts.googleapis.com bupa.movie-vouchers.com.au
17 6

This site contains links to these domains. Also see Links.

Domain
www.chooviegroup.com
Subject Issuer Validity Valid
bupa.movie-vouchers.com.au
Amazon RSA 2048 M02		 2024-06-12 -
2025-07-12		 a year crt.sh
www.choovie.com.au
Amazon RSA 2048 M03		 2024-04-13 -
2025-05-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
www.eway.com.au
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-04 -
2025-02-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-05-27 -
2024-08-19		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://bupa.movie-vouchers.com.au/
Frame ID: 95689D4B1155D9893E563DCF45561B29
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bupa | Selling Movie Tickets for Regional Cinemas

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

94 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

507 kB
Transfer

1660 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bupa.movie-vouchers.com.au/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bupa.movie-vouchers.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.54.123.87 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-123-87.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c6179b2d28ff06d2a4239cb82b9420bdbadd36e7dd1e1ba74d4719758c005e83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://bupa.movie-vouchers.com.au
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 14 Jun 2024 09:36:30 GMT
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
sameorigin
x-permitted-cross-domain-policies
all
x-ratelimit-limit
500
x-ratelimit-remaining
499
x-ratelimit-reset
1718357850
x-xss-protection
1; mode=block
main.80261400c9db1af454d4.css
www.choovie.com.au/asset/ 		93 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.choovie.com.au/asset/main.80261400c9db1af454d4.css
Requested by
Host: bupa.movie-vouchers.com.au
URL: https://bupa.movie-vouchers.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.110.79 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-110-79.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0cf1d300612cbd6a6212f050c02628e30457e78ce907e2253de408401aefc1ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:36:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 12 Jun 2024 04:37:02 GMT
server
nginx
etag
W/"666925ee-1749e"
content-type
text/css
css2
fonts.googleapis.com/ 		3 KB
926 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Quicksand:wght@400;500;700&display=swap
Requested by
Host: bupa.movie-vouchers.com.au
URL: https://bupa.movie-vouchers.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f10.1e100.net
Software
ESF /
Resource Hash
9a645f85a6dce3406186a3e54333fede09bb3ace8cfe380cd6d7ad0a7e945a97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jun 2024 09:36:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jun 2024 09:18:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jun 2024 09:36:30 GMT
main.dea528d52ca1ef4b0fcc.bundle.js
www.choovie.com.au/asset/ 		564 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.choovie.com.au/asset/main.dea528d52ca1ef4b0fcc.bundle.js
Requested by
Host: bupa.movie-vouchers.com.au
URL: https://bupa.movie-vouchers.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.110.79 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-110-79.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e773cfd6fd5025f9ec6c8de00117ff795c7710625217859c3ded098a61c61a96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:36:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 12 Jun 2024 04:37:02 GMT
server
nginx
etag
W/"666925ee-8cf3f"
content-type
application/javascript
vendors.2c127430e7e544da44a6.bundle.js
www.choovie.com.au/asset/ 		934 KB
281 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.choovie.com.au/asset/vendors.2c127430e7e544da44a6.bundle.js
Requested by
Host: bupa.movie-vouchers.com.au
URL: https://bupa.movie-vouchers.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.110.79 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-110-79.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
73edd8564fab97f28152800bbdbb972fb25ad4e4744795cea34e485bb2f9f82d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:36:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 12 Jun 2024 04:37:02 GMT
server
nginx
etag
W/"666925ee-e98bb"
content-type
application/javascript
js
api.ewaypayments.com/JSONP/v3/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.ewaypayments.com/JSONP/v3/js
Requested by
Host: bupa.movie-vouchers.com.au
URL: https://bupa.movie-vouchers.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.149.172 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-149-172.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5f2a22b067e690752de437cf648007e322cea535f49c89135b92af2865ab36ef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Fri, 14 Jun 2024 09:36:30 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15768000
Vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
1227
X-XSS-Protection
1; mode=block
Expires
-1
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quicksand:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://bupa.movie-vouchers.com.au
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:01:55 GMT
x-content-type-options
nosniff
age
581676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28064
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 16:01:55 GMT
login-token
bupa.movie-vouchers.com.au/api/user/ 		34 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bupa.movie-vouchers.com.au/api/user/login-token
Requested by
Host: www.choovie.com.au
URL: https://www.choovie.com.au/asset/vendors.2c127430e7e544da44a6.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.54.123.87 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-123-87.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
d1b75fd759bb7c93a1cf0d7d92a947feb8d9b517bb633e0dccf9d22e488df821
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://bupa.movie-vouchers.com.au/
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:36:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-permitted-cross-domain-policies
all
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
nginx
x-download-options
noopen
x-ratelimit-remaining
499
x-frame-options
sameorigin
content-type
application/json
access-control-allow-origin
https://bupa.movie-vouchers.com.au
access-control-max-age
86400
access-control-allow-credentials
true
x-ratelimit-reset
1718357851
x-ratelimit-limit
500
43
bupa.movie-vouchers.com.au/api/subscriber-group-white-label/ 		1 KB
897 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bupa.movie-vouchers.com.au/api/subscriber-group-white-label/43
Requested by
Host: www.choovie.com.au
URL: https://www.choovie.com.au/asset/vendors.2c127430e7e544da44a6.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.54.123.87 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-123-87.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9071049e3f93f59b667865f3df643c9e3f480a6fcdeab3b106fafa58ee893d27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://bupa.movie-vouchers.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:36:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
x-permitted-cross-domain-policies
all
x-download-options
noopen
x-ratelimit-remaining
498
x-frame-options
sameorigin
content-type
application/json
x-ratelimit-reset
1718357850
x-ratelimit-limit
500
x-xss-protection
1; mode=block
seasonal-voucher-manager
bupa.movie-vouchers.com.au/api/ 		294 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bupa.movie-vouchers.com.au/api/seasonal-voucher-manager
Requested by
Host: www.choovie.com.au
URL: https://www.choovie.com.au/asset/vendors.2c127430e7e544da44a6.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.54.123.87 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-123-87.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
47de4e2015859116b8bd5c01bea73e263c744fe71a93cc2ec964b1d92541ac89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://bupa.movie-vouchers.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:36:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
x-permitted-cross-domain-policies
all
x-download-options
noopen
x-ratelimit-remaining
498
x-frame-options
sameorigin
content-type
application/json
x-ratelimit-reset
1718357851
x-ratelimit-limit
500
x-xss-protection
1; mode=block
13dfe083-3883-4283-b2f0-3ddde91d5423
https://bupa.movie-vouchers.com.au/ 		10 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://bupa.movie-vouchers.com.au/13dfe083-3883-4283-b2f0-3ddde91d5423
Requested by
Host: bupa.movie-vouchers.com.au
URL: https://bupa.movie-vouchers.com.au/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ca3d44191e822500b330ae74a7b981fddc94188da2e683a1e1508fd188d2b1b

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://bupa.movie-vouchers.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
10285
Content-Type
logo-bupa.png
bupa.movie-vouchers.com.au/asset/img/brands/bupa/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bupa.movie-vouchers.com.au/asset/img/brands/bupa/logo-bupa.png
Requested by
Host: bupa.movie-vouchers.com.au
URL: https://bupa.movie-vouchers.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.54.123.87 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-123-87.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
3e41e0952034c15a04ef756ff5b071a5326ec39128cdeab0d8504eccf1db781e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bupa.movie-vouchers.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:36:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 12 Jun 2024 04:37:02 GMT
server
nginx
etag
"666925ee-c83"
content-type
image/png
accept-ranges
bytes
content-length
3203
no_public_access_image_large.webp
bupa.movie-vouchers.com.au/asset/img/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bupa.movie-vouchers.com.au/asset/img/no_public_access_image_large.webp
Requested by
Host: bupa.movie-vouchers.com.au
URL: https://bupa.movie-vouchers.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.54.123.87 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-123-87.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
02fcfcc3b6a5fc0690ac39414357a0acf1bc37f71c1eb776f474a37e26a992f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bupa.movie-vouchers.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:36:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 12 Jun 2024 04:37:02 GMT
server
nginx
etag
"666925ee-3f54"
content-type
image/webp
accept-ranges
bytes
content-length
16212
43
bupa.movie-vouchers.com.au/api/media/top-banner/ 		27 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bupa.movie-vouchers.com.au/api/media/top-banner/43
Requested by
Host: www.choovie.com.au
URL: https://www.choovie.com.au/asset/vendors.2c127430e7e544da44a6.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.54.123.87 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-123-87.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
11cced41d8e48f1add0e7b0215b0086749b37040f48655bd4c729a8fd7a4e40f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://bupa.movie-vouchers.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:36:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
x-permitted-cross-domain-policies
all
x-download-options
noopen
x-ratelimit-remaining
497
x-frame-options
sameorigin
content-type
application/json
x-ratelimit-reset
1718357850
x-ratelimit-limit
500
x-xss-protection
1; mode=block
43
bupa.movie-vouchers.com.au/api/movie-club/ 		59 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bupa.movie-vouchers.com.au/api/movie-club/43
Requested by
Host: www.choovie.com.au
URL: https://www.choovie.com.au/asset/vendors.2c127430e7e544da44a6.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.54.123.87 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-123-87.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
77bcef55ad0075aa700bec3ac7997e14c5c402e9a107e2863d2f2035ec09ba40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://bupa.movie-vouchers.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:36:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
server
nginx
x-permitted-cross-domain-policies
all
x-download-options
noopen
x-ratelimit-remaining
497
x-frame-options
sameorigin
content-type
application/json
x-ratelimit-reset
1718357851
x-ratelimit-limit
500
x-xss-protection
1; mode=block
favicon-bupa.png
bupa.movie-vouchers.com.au/asset/img/brands/bupa/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bupa.movie-vouchers.com.au/asset/img/brands/bupa/favicon-bupa.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.54.123.87 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-123-87.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
1748e37fec4b30a87f3cd1bde0114302e5a8cd5ef4757a77d2ff869767499861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bupa.movie-vouchers.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 09:36:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 12 Jun 2024 04:37:02 GMT
server
nginx
etag
"666925ee-647"
content-type
image/png
accept-ranges
bytes
content-length
1607
/
o1294733.ingest.us.sentry.io/api/6598565/envelope/ 		41 B
348 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o1294733.ingest.us.sentry.io/api/6598565/envelope/?sentry_key=46c0969978134787b835ad495ca27b68&sentry_version=7&sentry_client=sentry.javascript.react%2F7.109.0
Requested by
Host: www.choovie.com.au
URL: https://www.choovie.com.au/asset/vendors.2c127430e7e544da44a6.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ed99712c0d7b96db6ee4cbdf25d11b6c0152d74b5e2c9455079ceee37157022e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://bupa.movie-vouchers.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 14 Jun 2024 09:36:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| webpackChunkchoovie_front_end object| regeneratorRuntime object| __SENTRY__ function| eWAY

1 Cookies

Domain/Path Name / Value
bupa.movie-vouchers.com.au/ Name: csrfToken
Value: Oewte1r%2BwCruOro5VcKqBWE4NTljMWQ2ZjhjZWIxZjJiMTIzMWIzMTYzMzU0YTgzMWQyZjY2YjY%3D

2 Console Messages

Source Level URL
Text
network error URL: https://bupa.movie-vouchers.com.au/api/user/login-token
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://bupa.movie-vouchers.com.au/api/movie-club/43
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ewaypayments.com
bupa.movie-vouchers.com.au
fonts.googleapis.com
fonts.gstatic.com
o1294733.ingest.us.sentry.io
www.choovie.com.au
13.239.110.79
13.54.123.87
142.250.66.227
172.217.167.74
23.77.149.172
34.120.195.249
02fcfcc3b6a5fc0690ac39414357a0acf1bc37f71c1eb776f474a37e26a992f5
0cf1d300612cbd6a6212f050c02628e30457e78ce907e2253de408401aefc1ad
11cced41d8e48f1add0e7b0215b0086749b37040f48655bd4c729a8fd7a4e40f
1748e37fec4b30a87f3cd1bde0114302e5a8cd5ef4757a77d2ff869767499861
2ca3d44191e822500b330ae74a7b981fddc94188da2e683a1e1508fd188d2b1b
3e41e0952034c15a04ef756ff5b071a5326ec39128cdeab0d8504eccf1db781e
47de4e2015859116b8bd5c01bea73e263c744fe71a93cc2ec964b1d92541ac89
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
5f2a22b067e690752de437cf648007e322cea535f49c89135b92af2865ab36ef
73edd8564fab97f28152800bbdbb972fb25ad4e4744795cea34e485bb2f9f82d
77bcef55ad0075aa700bec3ac7997e14c5c402e9a107e2863d2f2035ec09ba40
9071049e3f93f59b667865f3df643c9e3f480a6fcdeab3b106fafa58ee893d27
9a645f85a6dce3406186a3e54333fede09bb3ace8cfe380cd6d7ad0a7e945a97
c6179b2d28ff06d2a4239cb82b9420bdbadd36e7dd1e1ba74d4719758c005e83
d1b75fd759bb7c93a1cf0d7d92a947feb8d9b517bb633e0dccf9d22e488df821
e773cfd6fd5025f9ec6c8de00117ff795c7710625217859c3ded098a61c61a96
ed99712c0d7b96db6ee4cbdf25d11b6c0152d74b5e2c9455079ceee37157022e