urlscan.io logo urlscan.io
SecurityTrails logo

onlineservices.bupasalud.com Open in urlscan Pro
149.97.233.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://onlineservicesshell.bupasalud.com/
Effective URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Submission: On July 22 via manual from GT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 13 domains to perform 73 HTTP transactions. The main IP is 149.97.233.2, located in Miami, United States and belongs to EQUINIX, NL. The main domain is onlineservices.bupasalud.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 29th 2023. Valid for: a year.
This is the only time onlineservices.bupasalud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 38 149.97.233.2 15830 (EQUINIX)
1 52.239.172.132 8075 (MICROSOFT...)
1 2620:1ec:bdf::45 8075 (MICROSOFT...)
12 20.150.36.228 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:2800:133... 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
3 52.239.207.225 8075 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a03:2880:f17... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 20.50.88.241 8075 (MICROSOFT...)
73 16
38    149.97.233.2 (Miami, United States)

ASN15830 (EQUINIX, NL)
onlineservicesshell.bupasalud.com
onlineservices.bupasalud.com
1    52.239.172.132 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bupadigitalassetsdev.blob.core.windows.net
1    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bgladigitalsaprod-d5gsapesc5g9gxe2.z01.azurefd.net
12    20.150.36.228 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bupadigitalassetsprod.blob.core.windows.net
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
3    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    52.239.207.225 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bupadigitalstoragedev.blob.core.windows.net
3    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    20.50.88.241 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
38 bupasalud.com
onlineservicesshell.bupasalud.com
onlineservices.bupasalud.com
2 MB
16 windows.net
bupadigitalassetsdev.blob.core.windows.net
bupadigitalassetsprod.blob.core.windows.net
bupadigitalstoragedev.blob.core.windows.net
304 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 10
961 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
220 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 853
441 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
78 KB
1 gstatic.com
www.gstatic.com
213 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 5485
22 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
775 B
1 azurefd.net
bgladigitalsaprod-d5gsapesc5g9gxe2.z01.azurefd.net
3 KB
73 13
Domain Requested by
22 onlineservices.bupasalud.com 2 redirects onlineservicesshell.bupasalud.com
onlineservices.bupasalud.com
16 onlineservicesshell.bupasalud.com onlineservicesshell.bupasalud.com
12 bupadigitalassetsprod.blob.core.windows.net onlineservicesshell.bupasalud.com
3 www.google.com onlineservices.bupasalud.com
www.gstatic.com
3 www.google-analytics.com www.googletagmanager.com
az416426.vo.msecnd.net
3 bupadigitalstoragedev.blob.core.windows.net onlineservices.bupasalud.com
3 www.googletagmanager.com onlineservices.bupasalud.com
www.googletagmanager.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 www.facebook.com onlineservices.bupasalud.com
2 connect.facebook.net onlineservicesshell.bupasalud.com
connect.facebook.net
1 www.gstatic.com www.google.com
1 az416426.vo.msecnd.net onlineservices.bupasalud.com
1 cdnjs.cloudflare.com onlineservices.bupasalud.com
1 fonts.googleapis.com onlineservices.bupasalud.com
1 bgladigitalsaprod-d5gsapesc5g9gxe2.z01.azurefd.net onlineservicesshell.bupasalud.com
1 bupadigitalassetsdev.blob.core.windows.net
73 16

This site contains links to these domains. Also see Links.

Domain
www.bupasalud.com.co
www.bupasalud.com
Subject Issuer Validity Valid
*.bupasalud.com
Go Daddy Secure Certificate Authority - G2		 2023-10-29 -
2024-11-29		 a year crt.sh
*.blob.core.windows.net
Microsoft Azure RSA TLS Issuing CA 07		 2024-03-26 -
2025-03-21		 a year crt.sh
*.azurefd.net
Microsoft Azure RSA TLS Issuing CA 04		 2024-05-10 -
2025-05-05		 a year crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-01 -
2024-07-30		 3 months crt.sh
*.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-06-24 -
2025-06-19		 a year crt.sh

This page contains 3 frames:

Primary Page: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Frame ID: CF000FE6B164AF98A97376140B2F9DD7
Requests: 68 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfUl4wUAAAAAGL_lUEl5ZY1Y6vURI1TTAIiylF1&co=aHR0cHM6Ly9vbmxpbmVzZXJ2aWNlcy5idXBhc2FsdWQuY29tOjQ0Mw..&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=7poe1x3zbgr1
Frame ID: E60238DE2271CB7C521042EBE86CE2E6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LfUl4wUAAAAAGL_lUEl5ZY1Y6vURI1TTAIiylF1
Frame ID: D72B680C82677DB6B4E29CB1C7C8179D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MI BUPA

Page URL History Show full URLs

  1. http://onlineservicesshell.bupasalud.com/ HTTP 307
    https://onlineservicesshell.bupasalud.com/ Page URL
  2. https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/connect/authorize?response_type=id_token%2... HTTP 302
    https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/login?signin=3df2066b3e3b454ff9ff43cbdf434ac2 HTTP 302
    https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf43... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

73
Requests

99 %
HTTPS

67 %
IPv6

13
Domains

16
Subdomains

16
IPs

3
Countries

2728 kB
Transfer

6675 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://onlineservicesshell.bupasalud.com/ HTTP 307
    https://onlineservicesshell.bupasalud.com/ Page URL
  2. https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/connect/authorize?response_type=id_token%20token&client_id=bupaonlineservices_web_client&state=OTRORFFjWXVCTGY3RHZQSllvZVZSTmNKRXJQY3VEeTBISWdYWWJmZXMuTHJX&redirect_uri=https%3A%2F%2Fonlineservicesshell.bupasalud.com&scope=openid%20profile%20bupa_impersonalize%20policy%20provider%20bupa_profile%20user%20agent%20payment%20claim%20claimsubmission%20enrollment%20common%20customer%20preauthorization%20medicalquestionary%20amigosplus_quote%20finance%20catalog%20quote%20telemedicine&nonce=OTRORFFjWXVCTGY3RHZQSllvZVZSTmNKRXJQY3VEeTBISWdYWWJmZXMuTHJX&lang=SPA&context= HTTP 302
    https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/login?signin=3df2066b3e3b454ff9ff43cbdf434ac2 HTTP 302
    https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://onlineservicesshell.bupasalud.com/ HTTP 307
  • https://onlineservicesshell.bupasalud.com/

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
onlineservicesshell.bupasalud.com/
Redirect Chain
  • http://onlineservicesshell.bupasalud.com/
  • https://onlineservicesshell.bupasalud.com/
21 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onlineservicesshell.bupasalud.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7ae319b13e2b438a30d17caadc1946e0b46f184c6ceed4d5b1a3fbc172ba0c7f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
3856
Content-Type
text/html
Date
Mon, 22 Jul 2024 23:55:52 GMT
ETag
"0e8e17e56d9da1:0:dtagent10293240704151944Zc6F"
Last-Modified
Thu, 18 Jul 2024 21:07:27 GMT
Server
Microsoft-IIS/10.0
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-934938230"
Vary
Accept-Encoding
X-OneAgent-JS-Injection
true
X-ruxit-JS-Agent
true

Redirect headers

Location
https://onlineservicesshell.bupasalud.com/
Non-Authoritative-Reason
HttpsUpgrades
ruxitagentjs_ICANQVfghqru_10293240704151944.js
onlineservicesshell.bupasalud.com/ 		304 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineservicesshell.bupasalud.com/ruxitagentjs_ICANQVfghqru_10293240704151944.js
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c190d19ac5152b3b8f45f3c7b8533082a46c4fcfa7731d7730efe77cb7587ff4

Request headers

Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 23:55:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2010 07:01:40 GMT
Server
Microsoft-IIS/10.0
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=31536000, immutable
Content-Length
115467
Expires
Tue, 22 Jul 2025 23:55:53 GMT
polyfills.d7c8d7082b8e887b.js
onlineservicesshell.bupasalud.com/ 		2 MB
652 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineservicesshell.bupasalud.com/polyfills.d7c8d7082b8e887b.js
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
dc90b3ea039b87aaed6738cc5c55216e4eaa3e62e89e09dca1918e50f3baf33b

Request headers

Referer
https://onlineservicesshell.bupasalud.com/
Origin
https://onlineservicesshell.bupasalud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 23:55:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jul 2024 21:07:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0614e7b56d9da1:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Server-Timing
dtSInfo;desc="0", dtRpid;desc="764573147", dtTao;desc="1"
Accept-Ranges
bytes
Timing-Allow-Origin
*
main.9ed5be1ecb2aced8.js
onlineservicesshell.bupasalud.com/ 		2 MB
672 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineservicesshell.bupasalud.com/main.9ed5be1ecb2aced8.js
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e02c7a15547e1cacd650820161623199fa74ba580f585dcb3e7459c63f68e1c5

Request headers

Referer
https://onlineservicesshell.bupasalud.com/
Origin
https://onlineservicesshell.bupasalud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 23:55:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jul 2024 21:07:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0614e7b56d9da1:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
ruxitagentjs_D_10293240704151944.js
onlineservicesshell.bupasalud.com/ 		43 KB
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://onlineservicesshell.bupasalud.com/ruxitagentjs_D_10293240704151944.js
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c24c57e2a008772108ff8f149c91a934e18e0078bc450eefe29e43efe3fbe345

Request headers

Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 23:55:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2010 07:01:40 GMT
Server
Microsoft-IIS/10.0
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=31536000, immutable
Content-Length
16082
Expires
Tue, 22 Jul 2025 23:55:53 GMT
styles.242a99b65b7b0e8b.css
onlineservicesshell.bupasalud.com/ 		284 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onlineservicesshell.bupasalud.com/styles.242a99b65b7b0e8b.css
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
41677db66c188b7390a733fd2d3dcb3b12b867b4edc07efd69eaa0ad4fe2abf1

Request headers

Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 23:55:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jul 2024 21:07:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0614e7b56d9da1:0"
Vary
Accept-Encoding
Content-Type
text/css
Server-Timing
dtSInfo;desc="0", dtRpid;desc="1805812004"
Accept-Ranges
bytes
Content-Length
55925
config.json
onlineservicesshell.bupasalud.com/ 		10 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onlineservicesshell.bupasalud.com/config.json?v=0.0.4
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/polyfills.d7c8d7082b8e887b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
40cae2ae2432e793c2640425550c7a873c898439c8f3f5deb76afbade8b9aca6

Request headers

Accept
application/json, text/plain, */*
Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 23:55:54 GMT
Last-Modified
Fri, 19 Jul 2024 12:07:24 GMT
Server
Microsoft-IIS/10.0
ETag
"b7f1ef37d4d9da1:0:dtagent10293240704151944Zc6F"
Content-Type
application/json
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-160153455"
Accept-Ranges
bytes
Content-Length
10511
favicon.ico
onlineservicesshell.bupasalud.com/ 		21 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://onlineservicesshell.bupasalud.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4523347cd108b99c08a5211e62ad748d3460d2130153ef33e76208cc329f100b

Request headers

Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 23:55:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jul 2024 21:07:28 GMT
Server
Microsoft-IIS/10.0
ETag
"0e8e17e56d9da1:0"
Vary
Accept-Encoding
Content-Type
text/html
Accept-Ranges
bytes
Content-Length
3445
5173.ab64dcbaed0747be.js
onlineservicesshell.bupasalud.com/ 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineservicesshell.bupasalud.com/5173.ab64dcbaed0747be.js
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/main.9ed5be1ecb2aced8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
19a0c23828a8211a66b51a0c78745af7b4c4399c5e2abfd674e179ed7027c814

Request headers

Referer
https://onlineservicesshell.bupasalud.com/
Origin
https://onlineservicesshell.bupasalud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 23:55:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jul 2024 21:07:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0614e7b56d9da1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-143892613", dtTao;desc="1"
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
27112
3483.61964a9811cd07f6.js
onlineservicesshell.bupasalud.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineservicesshell.bupasalud.com/3483.61964a9811cd07f6.js
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/main.9ed5be1ecb2aced8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
40f58b84303fa4887237608592fea210414616fc07636d360a28ca547dcb6ec0

Request headers

Referer
https://onlineservicesshell.bupasalud.com/
Origin
https://onlineservicesshell.bupasalud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 23:55:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jul 2024 21:07:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0614e7b56d9da1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Server-Timing
dtSInfo;desc="0", dtRpid;desc="1837979209", dtTao;desc="1"
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
3566
469.a71aa84e45c2c4e8.js
onlineservicesshell.bupasalud.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineservicesshell.bupasalud.com/469.a71aa84e45c2c4e8.js
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/main.9ed5be1ecb2aced8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c4464a402dbf4d371dbc7339608852ee446bc0e12326996e22ae63a5317db3f3

Request headers

Referer
https://onlineservicesshell.bupasalud.com/
Origin
https://onlineservicesshell.bupasalud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 23:55:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jul 2024 21:07:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0614e7b56d9da1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
833
9588.05fb0538289b0b94.js
onlineservicesshell.bupasalud.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineservicesshell.bupasalud.com/9588.05fb0538289b0b94.js
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/main.9ed5be1ecb2aced8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2e6f5e74a262577a06491e18ab45e67afa2257a050fd432f3f0128bcb52d1133

Request headers

Referer
https://onlineservicesshell.bupasalud.com/
Origin
https://onlineservicesshell.bupasalud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 23:55:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jul 2024 21:07:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0614e7b56d9da1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Server-Timing
dtSInfo;desc="0", dtRpid;desc="739144522", dtTao;desc="1"
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
2584
config.json
onlineservicesshell.bupasalud.com/ 		10 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://onlineservicesshell.bupasalud.com/config.json?v=0.0.4
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/polyfills.d7c8d7082b8e887b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
40cae2ae2432e793c2640425550c7a873c898439c8f3f5deb76afbade8b9aca6

Request headers

Accept
application/json, text/plain, */*
Referer
https://onlineservicesshell.bupasalud.com/
Authorization
Bearer null
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 23:55:54 GMT
Last-Modified
Fri, 19 Jul 2024 12:07:24 GMT
Server
Microsoft-IIS/10.0
ETag
"b7f1ef37d4d9da1:0:dtagent10293240704151944Zc6F"
Content-Type
application/json
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-160153455"
Accept-Ranges
bytes
Content-Length
10511
Metropolis-Medium.woff2
bupadigitalassetsdev.blob.core.windows.net/bgla-metrolopis-fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bupadigitalassetsdev.blob.core.windows.net/bgla-metrolopis-fonts/Metropolis-Medium.woff2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.239.172.132 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
84aa673f22ff38f0b0b85c375d0efcec2c9663d7807f048d7733365ead3bfe12

Request headers

Referer
https://onlineservicesshell.bupasalud.com/
Origin
https://onlineservicesshell.bupasalud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 22 Jul 2024 23:55:27 GMT
Last-Modified
Wed, 12 Oct 2022 15:25:18 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
YIazHTRCSbukNxJTAXa1/w==
ETag
0x8DAAC65F85EB2BB
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
x-ms-request-id
abe93de9-001e-0026-2092-dc1fbd000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
23096
8093.c10785718f377281.js
onlineservicesshell.bupasalud.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineservicesshell.bupasalud.com/8093.c10785718f377281.js
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/main.9ed5be1ecb2aced8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3f8a92cb22e6742cc28f47badee3bf8d7fc012c591b9cdead2ef821a82701638

Request headers

Referer
https://onlineservicesshell.bupasalud.com/
Origin
https://onlineservicesshell.bupasalud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 23:55:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jul 2024 21:07:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0614e7b56d9da1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-259455834", dtTao;desc="1"
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
6009
openid-configuration
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/.well-known/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/.well-known/openid-configuration
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://onlineservicesshell.bupasalud.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization
Access-Control-Allow-Origin
https://onlineservicesshell.bupasalud.com
Access-Control-Expose-Headers
Request-Context
Content-Length
0
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Date
Mon, 22 Jul 2024 23:55:55 GMT
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
SERVER
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-AspNet-Version
X-AspNetMvc-Version
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-POWERED-BY
X-Xss-Protection
1; mode=block
SPA.json
bgladigitalsaprod-d5gsapesc5g9gxe2.z01.azurefd.net/bupa-onlineservice-i18n/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bgladigitalsaprod-d5gsapesc5g9gxe2.z01.azurefd.net/bupa-onlineservice-i18n/SPA.json?v=CHn8dlWsc8
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/polyfills.d7c8d7082b8e887b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2b767c0474481aded464969b64ef1163b9d68061195b94c14121d7b24e78b19c

Request headers

Accept
application/json, text/plain, */*
Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 22 Jul 2024 23:55:28 GMT
content-encoding
br
last-modified
Thu, 27 Jun 2024 00:08:42 GMT
vary
Accept-Encoding, Origin
x-azure-ref
20240722T235527Z-r185d5857fbt84qwu073nr8stn000000089g0000000182zw
content-type
application/json
access-control-allow-origin
https://onlineservicesshell.bupasalud.com
x-ms-request-id
f55f2b8e-901e-004b-2292-dc104e000000
access-control-allow-credentials
true
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
30930165
x-cache
TCP_MISS
DASHBOARD_SPA.json
bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-dashboard-i18n/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-dashboard-i18n/DASHBOARD_SPA.json?v=CHn8dlWsc8
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/polyfills.d7c8d7082b8e887b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.36.228 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5aaf7641ee06388e99a84fc277b392fefa21c7a4c9ebd87959f70da6228855c4

Request headers

Accept
application/json, text/plain, */*
Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 22 Jul 2024 23:55:28 GMT
Last-Modified
Thu, 27 Jun 2024 00:08:09 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
KkEES/0uOF0uJnxeguVfBg==
ETag
0x8DC963D3A23D925
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://onlineservicesshell.bupasalud.com
x-ms-request-id
98c528be-301e-0030-0792-dc52d2000000
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
4344
POLICY_SPA.json
bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-policy-i18n/ 		23 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-policy-i18n/POLICY_SPA.json?v=CHn8dlWsc8
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/polyfills.d7c8d7082b8e887b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.36.228 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2615af16e3cc99b0b4e9e43b6098f6cb392313aa6aa485a350b3824fdc131bec

Request headers

Accept
application/json, text/plain, */*
Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 22 Jul 2024 23:55:27 GMT
Last-Modified
Thu, 27 Jun 2024 00:09:47 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
0Ptt8ax5N3FISDZw527zzg==
ETag
0x8DC963D74EB6798
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://onlineservicesshell.bupasalud.com
x-ms-request-id
4feec01c-a01e-000d-3992-dc24c9000000
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
23820
CLAIMS_SPA.json
bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-claims-i18n/ 		33 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-claims-i18n/CLAIMS_SPA.json?v=CHn8dlWsc8
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/polyfills.d7c8d7082b8e887b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.36.228 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9918f5f37110227c918d2bb138baac90413c293ded813dbd26a8d12a4e62e6b0

Request headers

Accept
application/json, text/plain, */*
Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 22 Jul 2024 23:55:27 GMT
Last-Modified
Thu, 27 Jun 2024 00:06:18 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ml159aD7Zn+alaFwIsjqAg==
ETag
0x8DC963CF83F20A5
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://onlineservicesshell.bupasalud.com
x-ms-request-id
ed1cabe4-e01e-0023-3192-dc76de000000
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
33719
PREAUTHORIZATION_SPA.json
bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-preauthorization-i18n/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-preauthorization-i18n/PREAUTHORIZATION_SPA.json?v=CHn8dlWsc8
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/polyfills.d7c8d7082b8e887b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.36.228 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3e3b0cfecf7bc7c4ccf2d4c2aab21993b284add26631872b111814389656f9e6

Request headers

Accept
application/json, text/plain, */*
Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 22 Jul 2024 23:55:27 GMT
Last-Modified
Thu, 27 Jun 2024 00:10:05 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
mPcmq2mCrYwSKP6MTNIH6w==
ETag
0x8DC963D7F3D2CF4
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://onlineservicesshell.bupasalud.com
x-ms-request-id
5605dd34-101e-0037-0692-dc3eb1000000
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
6394
USER_SPA.json
bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-user-i18n/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-user-i18n/USER_SPA.json?v=CHn8dlWsc8
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/polyfills.d7c8d7082b8e887b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.36.228 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
62bf328d6cbf71696c8c57995e409f06e97ebf6f04cd80be14eca56ee2ff9fdb

Request headers

Accept
application/json, text/plain, */*
Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 22 Jul 2024 23:55:27 GMT
Last-Modified
Thu, 27 Jun 2024 00:10:41 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
BPgO9cfmf/Wpoj8x6MDB5w==
ETag
0x8DC963D94F951A7
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://onlineservicesshell.bupasalud.com
x-ms-request-id
4feec07a-a01e-000d-0992-dc24c9000000
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
6551
QUERY_SPA.json
bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-query-i18n/ 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-query-i18n/QUERY_SPA.json?v=CHn8dlWsc8
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/polyfills.d7c8d7082b8e887b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.36.228 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a6ba3783aee54aa4a6e75c1d25bd6fc6ec85581129d54b4fa941162f8207f62f

Request headers

Accept
application/json, text/plain, */*
Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 22 Jul 2024 23:55:27 GMT
Last-Modified
Thu, 27 Jun 2024 00:10:22 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
JZAQKlp5rPI8/tK1zHdUXA==
ETag
0x8DC963D89BA1AB2
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://onlineservicesshell.bupasalud.com
x-ms-request-id
ed1cabaa-e01e-0023-8092-dc76de000000
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
5171
USER_MANAGEMENT_SPA.json
bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-user-management-i18n/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-user-management-i18n/USER_MANAGEMENT_SPA.json?v=CHn8dlWsc8
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/polyfills.d7c8d7082b8e887b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.36.228 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dfb71324841cdbe1dd205982a0c2887a796d74a77401f14d55cbd6765895f39c

Request headers

Accept
application/json, text/plain, */*
Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 22 Jul 2024 23:55:27 GMT
Last-Modified
Thu, 27 Jun 2024 00:10:58 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
X0e64j5w0N7uapDV60Rg5w==
ETag
0x8DC963D9F3C9A30
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://onlineservicesshell.bupasalud.com
x-ms-request-id
d02e5cf7-a01e-0040-7392-dceb25000000
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
2904
NOTIFICATION_SPA.json
bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-notification-i18n/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-notification-i18n/NOTIFICATION_SPA.json?v=CHn8dlWsc8
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/polyfills.d7c8d7082b8e887b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.36.228 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c8f062fa11fe7d3001012737d29e92ca5235ab794be7a0cb071fff09014b80e3

Request headers

Accept
application/json, text/plain, */*
Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 22 Jul 2024 23:55:27 GMT
Last-Modified
Thu, 27 Jun 2024 00:09:30 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
UHKysldgEf7VUsBAwF//fg==
ETag
0x8DC963D6AC3B94E
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://onlineservicesshell.bupasalud.com
x-ms-request-id
d0ca0ae6-001e-002b-2a92-dc6cd1000000
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
1044
HELPANDSUPPORT_SPA.json
bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-helpandsupport-i18n/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-helpandsupport-i18n/HELPANDSUPPORT_SPA.json?v=CHn8dlWsc8
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/polyfills.d7c8d7082b8e887b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.36.228 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
60a00fa163e65f9771ac252b440ce729a9ccaaacd197260ccc93cde867461c0b

Request headers

Accept
application/json, text/plain, */*
Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 22 Jul 2024 23:55:27 GMT
Last-Modified
Thu, 27 Jun 2024 00:08:23 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
a2931S6BqrneKYBB7CE20g==
ETag
0x8DC963D42E63834
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://onlineservicesshell.bupasalud.com
x-ms-request-id
5605dd61-101e-0037-2592-dc3eb1000000
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
1789
AGENTS_SPA.json
bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-agents-i18n/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-agents-i18n/AGENTS_SPA.json?v=CHn8dlWsc8
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/polyfills.d7c8d7082b8e887b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.36.228 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
631598f14ea39b2b590384202b29b595edf5e382845868ff514b276102bf5657

Request headers

Accept
application/json, text/plain, */*
Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 22 Jul 2024 23:55:28 GMT
Last-Modified
Thu, 27 Jun 2024 00:05:29 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
2uiuKuMCnU5iFE7r1YcugA==
ETag
0x8DC963CDAAC12E5
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://onlineservicesshell.bupasalud.com
x-ms-request-id
98c52913-301e-0030-5092-dc52d2000000
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
1755
BLUA_SPA.json
bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-blua-i18n/ 		19 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-blua-i18n/BLUA_SPA.json?v=CHn8dlWsc8
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/polyfills.d7c8d7082b8e887b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.36.228 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
026497900b25f45748834a2d96426a4f94f1c1a525a5ebd67a2a3eaa539f1564

Request headers

Accept
application/json, text/plain, */*
Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 22 Jul 2024 23:55:27 GMT
Last-Modified
Thu, 27 Jun 2024 02:59:04 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
uR47hkKR1++p6JWKUZtaxQ==
ETag
0x8DC96551A9578F7
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://onlineservicesshell.bupasalud.com
x-ms-request-id
d0ca0b1c-001e-002b-5092-dc6cd1000000
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
19097
PAYMENT_SPA.json
bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-payment-i18n/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bupadigitalassetsprod.blob.core.windows.net/bupa-onlineservice-payment-i18n/PAYMENT_SPA.json?v=CHn8dlWsc8
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/polyfills.d7c8d7082b8e887b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.36.228 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
10ecc7f30f5b7c84401604072829c482cab3803cf4e76e90901f55c745074e31

Request headers

Accept
application/json, text/plain, */*
Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 22 Jul 2024 23:55:27 GMT
Last-Modified
Thu, 27 Jun 2024 02:57:58 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
73VHgrPdaZ5fYLFLX4+qnA==
ETag
0x8DC9654F38737BD
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://onlineservicesshell.bupasalud.com
x-ms-request-id
d02e5cbb-a01e-0040-4292-dceb25000000
Access-Control-Allow-Credentials
true
x-ms-version
2009-09-19
Content-Length
7027
openid-configuration
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/.well-known/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/.well-known/openid-configuration
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/polyfills.d7c8d7082b8e887b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
6542122ed3091924b71a205371a2f99db43959777992ca24bc21b3a84b6bc35d
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://onlineservicesshell.bupasalud.com/
Authorization
Bearer null
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-Content-Type-Options
nosniff
Date
Mon, 22 Jul 2024 23:55:55 GMT
X-AspNet-Version
X-POWERED-BY
Content-Length
2412
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
X-AspNetMvc-Version
SERVER
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://onlineservicesshell.bupasalud.com
Access-Control-Expose-Headers
Request-Context
rb_bf09191zww
onlineservicesshell.bupasalud.com/ 		119 B
451 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onlineservicesshell.bupasalud.com/rb_bf09191zww?type=js3&sn=v_4_srv_3_sn_1D4DFC47475C29C8F0DFE4A9C3B23361_perc_100000_ol_0_mul_1_app-3Adef24e80eac75efa_1_rcs-3Acss_0&svrid=3&flavor=post&vi=HBAWVTSNWFRRJPAOFCFEURCKOUPGPPPM-0&modifiedSince=1720731075793&rf=https%3A%2F%2Fonlineservicesshell.bupasalud.com%2F&bp=3&app=def24e80eac75efa&crc=3601910301&en=nxa4gsmj&end=1
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/ruxitagentjs_ICANQVfghqru_10293240704151944.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
93e68dbcfde0192467d759c5a996fdce9d737d0a2242edec8f09adcc103bb34a

Request headers

Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 22 Jul 2024 23:55:55 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
jwks
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/.well-known/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/.well-known/jwks
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://onlineservicesshell.bupasalud.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization
Access-Control-Allow-Origin
https://onlineservicesshell.bupasalud.com
Access-Control-Expose-Headers
Request-Context
Content-Length
0
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Date
Mon, 22 Jul 2024 23:55:55 GMT
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
SERVER
Server-Timing
dtSInfo;desc="0", dtRpid;desc="1303872512", dtTao;desc="1"
Strict-Transport-Security
max-age=31536000; includeSubdomains
Timing-Allow-Origin
*
X-AspNet-Version
X-AspNetMvc-Version
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-POWERED-BY
X-Xss-Protection
1; mode=block
jwks
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/.well-known/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/.well-known/jwks
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/polyfills.d7c8d7082b8e887b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://onlineservicesshell.bupasalud.com/
Authorization
Bearer null
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options
nosniff
Date
Mon, 22 Jul 2024 23:55:55 GMT
X-AspNet-Version
X-POWERED-BY
Content-Length
1515
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
X-AspNetMvc-Version
SERVER
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://onlineservicesshell.bupasalud.com
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Primary Request login
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/
Redirect Chain
  • https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/connect/authorize?response_type=id_token%20token&client_id=bupaonlineservices_web_client&state=OTRORFFjWXVCTGY3RHZQSllvZVZSTmN...
  • https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/login?signin=3df2066b3e3b454ff9ff43cbdf434ac2
  • https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
37 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/main.9ed5be1ecb2aced8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
cf9b087531387d50e2c77afd6d99adf2ee688915fc1b578d16ce763971d98ac2
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservicesshell.bupasalud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Encoding
gzip
Content-Length
8230
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Type
text/html; charset=utf-8
Date
Mon, 22 Jul 2024 23:55:56 GMT
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
SERVER
Server-Timing
dtSInfo;desc="0", dtRpid;desc="70675411"
Strict-Transport-Security
max-age=31536000; includeSubdomains
Vary
Accept-Encoding
X-AspNet-Version
X-AspNetMvc-Version
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-OneAgent-JS-Injection
true
X-POWERED-BY
X-Xss-Protection
1; mode=block
X-ruxit-JS-Agent
true

Redirect headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Content-Length
0
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Date
Mon, 22 Jul 2024 23:55:55 GMT
Expires
-1
Location
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Pragma
no-cache
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
SERVER
Server-Timing
dtSInfo;desc="0", dtRpid;desc="1603991130"
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-AspNet-Version
X-AspNetMvc-Version
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-POWERED-BY
X-Xss-Protection
1; mode=block
rb_bf09191zww
onlineservicesshell.bupasalud.com/ 		119 B
451 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://onlineservicesshell.bupasalud.com/rb_bf09191zww?type=js3&sn=v_4_srv_3_sn_1D4DFC47475C29C8F0DFE4A9C3B23361_perc_100000_ol_0_mul_1_app-3Adef24e80eac75efa_1_rcs-3Acss_0&svrid=3&flavor=post&vi=HBAWVTSNWFRRJPAOFCFEURCKOUPGPPPM-0&modifiedSince=1720731075793&rf=https%3A%2F%2Fonlineservicesshell.bupasalud.com%2F&bp=3&app=def24e80eac75efa&crc=904377101&en=nxa4gsmj&end=1
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/ruxitagentjs_ICANQVfghqru_10293240704151944.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

Referer
https://onlineservicesshell.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 22 Jul 2024 23:55:55 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
rb_bf09191zww
onlineservicesshell.bupasalud.com/ 		0
0
ruxitagentjs_ICANQVfghqru_10293240704151944.js
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/ruxitagentjs_ICANQVfghqru_10293240704151944.js
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-Content-Type-Options
nosniff
Date
Mon, 22 Jul 2024 23:55:56 GMT
X-AspNet-Version
X-POWERED-BY
Content-Length
2014
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
X-AspNetMvc-Version
SERVER
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://onlineservices.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jul 2024 23:55:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jul 2024 23:55:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jul 2024 23:55:29 GMT
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://onlineservices.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 23:55:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
385367
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5884
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-9226"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NRrXHP%2B9TCZRZG4esjhAXUduPdipkBYHt87%2BuWRr9Gh42sJrPiyg1qobuBspzLtMAlNkVLjVWrILTk3ccvqJdl4hdZOyLi4c9y4tNvTbPeti6wv5%2FazfF1XmKnSTO%2BV0XzyHKQ99WBxWFFbP5oySfIyX"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a775ca86ce6383b-FRA
expires
Sat, 12 Jul 2025 23:55:29 GMT
bootstrapmap
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/Content/ 		0
881 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/Content/bootstrapmap?v=
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-Content-Type-Options
nosniff
Date
Mon, 22 Jul 2024 23:55:56 GMT
X-AspNet-Version
X-POWERED-BY
Content-Length
0
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
X-AspNetMvc-Version
Last-Modified
Mon, 22 Jul 2024 23:55:57 GMT
SERVER
Vary
User-Agent
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Expires
Tue, 22 Jul 2025 23:55:57 GMT
bootstrap
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/Content/ 		140 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/Content/bootstrap?v=HpElui1JSY2zyh0gozZx6wsY9TGeua3u7sZ9Tfd1REQ1
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
064a92f4dccfa05528adfb3eb155801eeb8c80cdb96a703849f6fbd5c9244eec
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-AspNet-Version
X-POWERED-BY
Date
Mon, 22 Jul 2024 23:55:56 GMT
Content-Length
32282
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
X-AspNetMvc-Version
Last-Modified
Mon, 22 Jul 2024 23:55:57 GMT
SERVER
Vary
User-Agent,Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Expires
Tue, 22 Jul 2025 23:55:57 GMT
css
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/Content/ 		137 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/Content/css?v=z86q7QOhsWWOyKfg8nuMumaqsTlbOlnx41uAfM0DbtQ1
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
d32a2c25a1d42e4ec2cdba97fd110a40669f7ff015c2b02fad1bcb7b3c6d3234
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-AspNet-Version
X-POWERED-BY
Date
Mon, 22 Jul 2024 23:55:56 GMT
Content-Length
24278
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
X-AspNetMvc-Version
Last-Modified
Mon, 22 Jul 2024 23:55:57 GMT
SERVER
Vary
User-Agent,Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Expires
Tue, 22 Jul 2025 23:55:57 GMT
modernizr
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/bundles/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/bundles/modernizr?v=wBEWDufH_8Md-Pbioxomt90vm6tJN2Pyy9u9zHtWsPo1
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-AspNet-Version
X-POWERED-BY
Date
Mon, 22 Jul 2024 23:55:56 GMT
Server-Timing
dtSInfo;desc="0", dtRpid;desc="1095725285"
Content-Length
5229
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
X-AspNetMvc-Version
Last-Modified
Mon, 22 Jul 2024 23:55:56 GMT
SERVER
ETag
"1721692557:dtagent10293240704151944qCRJ"
Vary
User-Agent,Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Expires
Tue, 22 Jul 2025 23:55:57 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/488D) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://onlineservices.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 22 Jul 2024 23:55:30 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1165
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (ama/488D)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
fc1af912-201e-00ea-108f-dce7f1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Tue, 23 Jul 2024 00:25:30 GMT
gtm.js
www.googletagmanager.com/ 		220 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NMTNRCN
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
13a75a16cfa81b9316f5ad4362fdf042ae741a1c407e1e408efb68d822052382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://onlineservices.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 23:55:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80016
x-xss-protection
0
last-modified
Mon, 22 Jul 2024 22:44:40 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 Jul 2024 23:55:30 GMT
Bupa-logo.png
bupadigitalstoragedev.blob.core.windows.net/login/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bupadigitalstoragedev.blob.core.windows.net/login/Bupa-logo.png
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.239.207.225 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3ee1fc83db2266ada5fdf0db0fb706735739dfbe81765dde37679c1c1cef4f88

Request headers

Referer
https://onlineservices.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 22 Jul 2024 23:55:30 GMT
Last-Modified
Wed, 18 Oct 2023 15:58:02 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Syi1OF+EKTYC+smVu+oMzQ==
ETag
0x8DBCFF302051273
Vary
Origin
Content-Type
image/png
x-ms-request-id
4d8dd0ec-401e-001b-7e92-dc4a07000000
x-ms-version
2009-09-19
Content-Length
76251
js
www.googletagmanager.com/gtag/ 		195 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-30863850-2
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6ef58696cfdb9e43f2610669b9cca8687abd39571dd207a46fc1951d4ac00880
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://onlineservices.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 23:55:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72216
x-xss-protection
0
last-modified
Mon, 22 Jul 2024 22:44:40 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 Jul 2024 23:55:30 GMT
jquery
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/bundles/ 		98 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/bundles/jquery?v=5_ZXCYMyNO_xAmusrOInIa2QGXbpkfSudB0S8cK2tZ41
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
24c0273b0779df6b9932a85cb5dbc33edc923c1d57b9d14099b5a80e599f510a
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-AspNet-Version
X-POWERED-BY
Date
Mon, 22 Jul 2024 23:55:56 GMT
Content-Length
44741
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
X-AspNetMvc-Version
Last-Modified
Mon, 22 Jul 2024 23:55:57 GMT
SERVER
Vary
User-Agent,Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Expires
Tue, 22 Jul 2025 23:55:57 GMT
img_registro.jpg
bupadigitalstoragedev.blob.core.windows.net/login/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bupadigitalstoragedev.blob.core.windows.net/login/img_registro.jpg
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/Content/css?v=z86q7QOhsWWOyKfg8nuMumaqsTlbOlnx41uAfM0DbtQ1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.239.207.225 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6f8cf1f7513ed91a696cdc1bbe0c079cf7e9b33db7fd45ee37161b09108c2edc

Request headers

Referer
https://onlineservices.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 22 Jul 2024 23:55:30 GMT
Last-Modified
Tue, 12 May 2020 13:55:38 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ckhJyqXWtUUnjNrD372bHg==
ETag
0x8D7F67C26EB628C
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
e3c504d1-f01e-00d5-3692-dc9b89000000
x-ms-version
2009-09-19
Content-Length
71084
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/Fonts/ 		59 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/Fonts/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/Content/css?v=z86q7QOhsWWOyKfg8nuMumaqsTlbOlnx41uAfM0DbtQ1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/Content/css?v=z86q7QOhsWWOyKfg8nuMumaqsTlbOlnx41uAfM0DbtQ1
Origin
https://onlineservices.bupasalud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-Content-Type-Options
nosniff
Date
Mon, 22 Jul 2024 23:55:56 GMT
X-AspNet-Version
X-POWERED-BY
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-477137991", dtTao;desc="1"
Content-Length
60840
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
X-AspNetMvc-Version
Last-Modified
Sat, 18 May 2024 00:16:13 GMT
SERVER
ETag
"0db1798b8a8da1:0:dtagent10293240704151944qCRJ"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff2
Access-Control-Allow-Origin
https://onlineservices.bupasalud.com
Access-Control-Expose-Headers
Request-Context
Accept-Ranges
bytes
Timing-Allow-Origin
*
fontawesome-webfont.woff2
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/Fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/Fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/Content/css?v=z86q7QOhsWWOyKfg8nuMumaqsTlbOlnx41uAfM0DbtQ1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/Content/css?v=z86q7QOhsWWOyKfg8nuMumaqsTlbOlnx41uAfM0DbtQ1
Origin
https://onlineservices.bupasalud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-Content-Type-Options
nosniff
Date
Mon, 22 Jul 2024 23:55:56 GMT
X-AspNet-Version
X-POWERED-BY
Content-Length
77160
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
X-AspNetMvc-Version
Last-Modified
Sat, 18 May 2024 00:16:14 GMT
SERVER
ETag
"0db1798b8a8da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff2
Access-Control-Allow-Origin
https://onlineservices.bupasalud.com
Access-Control-Expose-Headers
Request-Context
Accept-Ranges
bytes
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMTNRCN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://onlineservices.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 Jul 2024 23:41:01 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
869
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 23 Jul 2024 01:41:01 GMT
fbevents.js
connect.facebook.net/en_US/ 		224 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: onlineservicesshell.bupasalud.com
URL: https://onlineservicesshell.bupasalud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://onlineservices.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 22 Jul 2024 23:55:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
rewGfTq6l4i80Aptc3IwQGxU+J1vGTi2UDzFKpcBw+71fZR4QdGLP+OJcHVCaJtcLymewxGHe68EfkeThrnikA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		195 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-30863850-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMTNRCN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
74a9c20f2bed7b96f0ee69c14cdc9956f00a31f31e7d63653a769183ba7d06af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://onlineservices.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 23:55:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72274
x-xss-protection
0
last-modified
Mon, 22 Jul 2024 22:44:40 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 Jul 2024 23:55:30 GMT
collect
www.google-analytics.com/j/ 		3 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=241560931&t=pageview&_s=1&dl=https%3A%2F%2Fonlineservices.bupasalud.com%2FBupa.Security%2FIdentityServer%2Fcore%2Fauth%2Flogin%3Fid%3D3df2066b3e3b454ff9ff43cbdf434ac2%26lang%3DSPA&dr=https%3A%2F%2Fonlineservicesshell.bupasalud.com%2F&ul=de-de&de=UTF-8&dt=MI%20BUPA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=623458412&gjid=156881220&cid=558714208.1721692530&tid=UA-30863850-2&_gid=514130561.1721692530&_r=1&_slc=1&gtm=45He47h0n81NMTNRCNv811930584za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250753&npa=1&z=345531747
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://onlineservices.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jul 2024 23:55:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onlineservices.bupasalud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=241560931&t=pageview&_s=1&dl=https%3A%2F%2Fonlineservices.bupasalud.com%2FBupa.Security%2FIdentityServer%2Fcore%2Fauth%2Flogin%3Fid%3D3df2066b3e3b454ff9ff43cbdf434ac2%26lang%3DSPA&dr=https%3A%2F%2Fonlineservicesshell.bupasalud.com%2F&ul=de-de&de=UTF-8&dt=MI%20BUPA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1946779008&gjid=1441766071&cid=558714208.1721692530&tid=UA-30863850-2&_gid=514130561.1721692530&_r=1&gtm=457e47h0za200zb811930584&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=1922421186
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://onlineservices.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Jul 2024 23:55:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onlineservices.bupasalud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
538252329667445
connect.facebook.net/signals/config/ 		80 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/538252329667445?v=2.9.162&r=stable&domain=onlineservices.bupasalud.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
707041e056c2599259c8ea63f49d83d3bc44b88afb2a34fdbd2325e2026d4f46
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://onlineservices.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 22 Jul 2024 23:55:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=65, mss=1328, tbw=64198, tp=-1, tpl=-1, uplat=121, ullat=0
pragma
public
x-fb-debug
5BE/4LqYBsoZOXZ48ZXXTcciAs01t8Nf2PAHlHaO6BrYjnRO660qntl8OMvdrueFrqlNIlvs81eRfdjNuE8iGg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=538252329667445&ev=PageView&dl=https%3A%2F%2Fonlineservices.bupasalud.com&rl=https%3A%2F%2Fonlineservicesshell.bupasalud.com&if=false&ts=1721692530508&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1721692530505.431505607405600264&cs_est=true&pm=1&hrl=dec050&ler=other&cdl=API_unavailable&it=1721692530354&coo=false&cs_cc=1&cas=25515390911379564%2C6978667722143722%2C5664739026875735&rqm=GET
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://onlineservices.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2818, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 22 Jul 2024 23:55:30 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=538252329667445&ev=PageView&dl=https%3A%2F%2Fonlineservices.bupasalud.com&rl=https%3A%2F%2Fonlineservicesshell.bupasalud.com&if=false&ts=1721692530508&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1721692530505.431505607405600264&cs_est=true&pm=1&hrl=dec050&ler=other&cdl=API_unavailable&it=1721692530354&coo=false&cs_cc=1&cas=25515390911379564%2C6978667722143722%2C5664739026875735&rqm=FGET
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://onlineservices.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x3dce308e72414d07","source_keys":["1","2"]},{"key_piece":"0xd1ce5e825b26cd9f","source_keys":["1","2"]}],"aggregatable_values":{"1":1},"filters":{"2":["24:3190122501088924","7830:3190122501088924","10853:3190122501088924","41:3190122501088924","8046:3190122501088924"]}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 22 Jul 2024 23:55:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7394613111070114271", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=14, mss=1328, tbw=3135, tp=-1, tpl=-1, uplat=159, ullat=0
pragma
no-cache
x-fb-debug
yRTZINGsIKUl9yP9MQdwmDdJpsl8vpADAaCLW93qyuW/VycSUIONgI6+c1PUq4Obq50rIcNvF/izb0YxbzhX2g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7394613111070114271"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
bootstrap
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/bundles/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/bundles/bootstrap?v=2Fz3B0iizV2NnnamQFrx-NbYJNTFeBJ2GM05SilbtQU1
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
0c477768d9d0fad3f16c9a5a43644a5d0b8556181940a8646c7901e6dc2a8279
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-AspNet-Version
X-POWERED-BY
Date
Mon, 22 Jul 2024 23:55:57 GMT
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1312554362"
Content-Length
11226
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
X-AspNetMvc-Version
Last-Modified
Mon, 22 Jul 2024 23:55:57 GMT
SERVER
ETag
"1721692558:dtagent10293240704151944qCRJ"
Vary
User-Agent,Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Expires
Tue, 22 Jul 2025 23:55:58 GMT
wow
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/bundles/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/bundles/wow?v=tfa_ORT44p9iWR8d3y_1oplw2Zr7Sl2gu0iZ0UgJphY1
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
9a160281169cc9be9aee45787dcb4c6e8680eac20716c75f04e3aea91ef5d0cb
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-AspNet-Version
X-POWERED-BY
Date
Mon, 22 Jul 2024 23:55:57 GMT
Content-Length
1453
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
X-AspNetMvc-Version
Last-Modified
Mon, 22 Jul 2024 23:55:58 GMT
SERVER
Vary
User-Agent,Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Expires
Tue, 22 Jul 2025 23:55:58 GMT
jqBootstrapValidation
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/bundles/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/bundles/jqBootstrapValidation?v=aDtz9sfxPICDMeQXavRyFTEcb15O5DAwRsjibbUCVJk1
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
a366c2f879151d2fdd8b54e3c173bc8f40b115faa36153708c976c3091988df4
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-AspNet-Version
X-POWERED-BY
Date
Mon, 22 Jul 2024 23:55:57 GMT
Content-Length
4950
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
X-AspNetMvc-Version
Last-Modified
Mon, 22 Jul 2024 23:55:58 GMT
SERVER
Vary
User-Agent,Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Expires
Tue, 22 Jul 2025 23:55:58 GMT
application
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/bundles/ 		869 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/bundles/application?v=6dOR47MLUgBE8Mqnp1wqyyzVAFhtMQ_WHfxDnbuSBQA1
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
e2a0c4f8b702250ca1bba9c7264cd459ce7c3e468a4d4a97bfe373ebe39d8438
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-AspNet-Version
X-POWERED-BY
Date
Mon, 22 Jul 2024 23:55:57 GMT
Content-Length
606
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
X-AspNetMvc-Version
Last-Modified
Mon, 22 Jul 2024 23:55:58 GMT
SERVER
Vary
User-Agent,Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Expires
Tue, 22 Jul 2025 23:55:58 GMT
application_wow
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/bundles/ 		320 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/bundles/application_wow?v=ituZiMxs9c11eaZ-XnXG78MohZt61dzLNDW1Q64h2rQ1
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
c3c6259312083e707a0e0a9c8b227c900712c9c5a8018674d165f9851cd3d529
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-AspNet-Version
X-POWERED-BY
Date
Mon, 22 Jul 2024 23:55:57 GMT
Content-Length
337
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
X-AspNetMvc-Version
Last-Modified
Mon, 22 Jul 2024 23:55:58 GMT
SERVER
Vary
User-Agent,Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Expires
Tue, 22 Jul 2025 23:55:58 GMT
translation
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/bundles/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/bundles/translation?v=h0KxXx0IyLczwKggkJOWl2ymqfVAbQ9My2gSfUCYFh81
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
50436524cad4b0315a2018f65e19f2d1424dab0130f8c10b189f8472082ea791
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-AspNet-Version
X-POWERED-BY
Date
Mon, 22 Jul 2024 23:55:57 GMT
Content-Length
1047
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
X-AspNetMvc-Version
Last-Modified
Mon, 22 Jul 2024 23:55:58 GMT
SERVER
Vary
User-Agent,Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Expires
Tue, 22 Jul 2025 23:55:58 GMT
help
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/bundles/ 		375 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/bundles/help?v=nce-dSMaC4RguCJChmDkiIaPOnhSdiVnsLgvZs48jKM1
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.97.233.2 Miami, United States, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
/
Resource Hash
d37a6e478f4cfe3f1703c6d224a96c60bd668fa71435d5548afda7961078c401
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-AspNet-Version
X-POWERED-BY
Date
Mon, 22 Jul 2024 23:55:57 GMT
Content-Length
293
X-Xss-Protection
1; mode=block
Public-Key-Pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
Request-Context
appId=cid-v1:0aa3836d-5e9b-44a2-a655-9c1ed260c76a
X-AspNetMvc-Version
Last-Modified
Mon, 22 Jul 2024 23:55:58 GMT
SERVER
Vary
User-Agent,Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Expires
Tue, 22 Jul 2025 23:55:58 GMT
api.js
www.google.com/recaptcha/ 		1 KB
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: onlineservices.bupasalud.com
URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
df85e001ce72e46c578531cf3ea8bbb0712a4af63abc112d9d633e474c05965f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservices.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 23:55:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 22 Jul 2024 23:55:31 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 		536 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onlineservices.bupasalud.com/
Origin
https://onlineservices.bupasalud.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 14:32:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217833
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Jul 2025 14:32:13 GMT
anchor
www.google.com/recaptcha/api2/ Frame E602 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfUl4wUAAAAAGL_lUEl5ZY1Y6vURI1TTAIiylF1&co=aHR0cHM6Ly9vbmxpbmVzZXJ2aWNlcy5idXBhc2FsdWQuY29tOjQ0Mw..&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=7poe1x3zbgr1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-X8jP9rXPIjFqCU36_9WCVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservices.bupasalud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-X8jP9rXPIjFqCU36_9WCVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 23:55:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://onlineservices.bupasalud.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Mon, 22 Jul 2024 23:55:31 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/ 		337 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
341e7fc9550aa1c279ac9ccc64388e39e3190b0db863c3f8286769bbc0fee028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://onlineservices.bupasalud.com/
Sdk-Context
appId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Mon, 22 Jul 2024 23:55:31 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
favicon.ico
bupadigitalstoragedev.blob.core.windows.net/login/ 		18 KB
19 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bupadigitalstoragedev.blob.core.windows.net/login/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.239.207.225 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a9dd92efbdc40e71810878d88404ff81d421666e576fdecdfe69367a87c4ddae

Request headers

Referer
https://onlineservices.bupasalud.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 22 Jul 2024 23:55:31 GMT
Last-Modified
Tue, 19 May 2020 21:03:13 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
yht7KSiVz4i3Bmxo9QCWNQ==
ETag
0x8D7FC380B875052
Vary
Origin
Content-Type
image/x-icon
x-ms-request-id
e3c5058f-f01e-00d5-5792-dc9b89000000
x-ms-version
2009-09-19
Content-Length
18655
bframe
www.google.com/recaptcha/api2/ Frame D72B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LfUl4wUAAAAAGL_lUEl5ZY1Y6vURI1TTAIiylF1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SzzUElvi6rAotEaLo5DKrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onlineservices.bupasalud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-SzzUElvi6rAotEaLo5DKrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 23:55:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
onlineservicesshell.bupasalud.com
URL
https://onlineservicesshell.bupasalud.com/rb_bf09191zww?type=js3&sn=v_4_srv_3_sn_1D4DFC47475C29C8F0DFE4A9C3B23361_perc_100000_ol_0_mul_1_app-3Adef24e80eac75efa_1_app-3A634eb93f3a241580_1_rcs-3Acss_0&svrid=3&flavor=post&vi=HBAWVTSNWFRRJPAOFCFEURCKOUPGPPPM-0&contentType=srBm&modifiedSince=1720731075793&rf=https%3A%2F%2Fonlineservicesshell.bupasalud.com%2F&bp=3&app=def24e80eac75efa&v=10293240704151944&crc=3258128637&en=nxa4gsmj&end=1

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| html5 object| Modernizr object| appInsights object| dataLayer function| gtag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| AI object| Microsoft function| __extends function| _endsWith object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| jQuery1124005028987186509881 object| respond function| WOW number| scrollAnimationTime string| scrollAnimation object| wow function| changeLang function| setLang function| setLinkLanguage object| loadedlangs function| redirect function| clearCookie function| recaptcha_callback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_176373

14 Cookies

Domain/Path Name / Value
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core Name: SignInMessage.3df2066b3e3b454ff9ff43cbdf434ac2
Value: Q2ZESjhQX2ZqUkx5dVpwRHFnNVpMZlBJM0dRdkg0ejZWUWZkM0lSeEg5R1hRMkhwQWo4SElFeHg1Sm5qY2F2dVdrXzVxaVIwck5xYXlRWVJYNnQ0VElxRllnTmp0TFlwaVJSQkpyalQ1endkeGJSTVNlWHRhTjFvbnlnbWdFa3F0cFpRYXRJM2hUNmM1N1BGNDI2aEJjNmc4UnlOWU9oTDVFUkZOenVBeXp4UHVvNTVCcmU1RWc0SmNOalY2emEyVGhIeDFqUUR2SG80Mmcwc3dGTVJmUE9yc0ozcGZmcjFldGJUeHlEb1FZcjVocUlQQkhhdXN6MzRHaGN1WmJaN0p6WDF4bjgwUmk4Rk5JemVZaGlBTnRJc1ZNZVZVcGVTNDJhSDlma3J3eXlNeGsxeW9qQVN3aXFMQ3ZTb0RHaVZIdVNiLXJmRUJKWjV6NlJEVEdUUFZ1Q1VoSVpHZ2sxbnV5M0piVGZnb1QtMlAyREpRUFU2TE9ocmFJTlFabjBNaTczaG1CUjlJaGgtTHRZdkd5Ymd4NTVjTmtiNnZMSXN2ZVlWYzByYU9UTzBsM3lRV3ZPaV9naUljaGFLYU1NSk9idFZ1Tm1wdlpob2l6QjFSQzhGUFQzSWxrcDVGMXBybjFOU0NPNWZMZ0tCSmFBZWx6OHZ2UV9oRDdRcm5CS1ZvanJKUHQyS3p3NVVMMWVrZ1lleHhWNDU3ak5MOFdfdHVYVzQwVE1NbENNem52bkQ3UTdwbkVUMDZLRnYyYi0tSGNJWF9XS0VKMXotcy00ek80cjRTdTZZcy1vWk1JNDdRdG8tT0UxWnBXeVF3WXVsSi1YaEVqeEZPYVJoNHoxWjNBb3NEMkZqLWN3WThZa21JMzFuVkt4WS10WUpocVFoWl8temNmSVh2OHRMZ3d5eC1zcVZzREk5QlhuNmdlQWwwTC1LVDU2M1ctTWp3R3RxcEMwMEY1Z3FtWE54WVZUNmZoY08yWWVMdV9lbGlCOHRBcHVFMzNrNzNTS2VzTXZreFNWclFWVlFsQ1F2eTR5UU1WZmpRRlRrNXZlZU80NUpyX0dITW1PVjBFeERfUTRSUDBoRnk3bTZRZm1OWWxXNUZVUzk2WWZaa2d0ZVMzSk52V0haLTBUSVkwUlphdzgyU0VfNVAzdUM2V282Q29URTZNUUhRYVhFSDNHREl2SU04RjJjZmJuNjktWjFSVmt0Y3VyRUNlOUpxN0xTOXliQlk5eXBrbVRuVkxQc0VQZ2d6RnRDVmd5cjBsUzVjTWp3SnZlcTRIZVduY0hpX20ySEJtZzdJWVpUZk83MkhzX2NFVFE5SjhfbUJHUHE1MU9NQmlqVGdhZmMtd0RNNXhNYm02d0ZQWXFEcWthMU1jYWp2c1RndEw4SDhkUm1PNDJGNWxpT2RFTF9xd0o5Umw1TVdzNU1BVjNPeDBiMV9ZLU9ab3pweUVwcVdQVnFjUWotSnBadzNtYk90Z0k
onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core Name: idsrv.partial
Value: H4sIAAAAAAAEAK1PTUvEMBCt7oJevOthoT9A0jZpa1tYFryIwp527yVNJmsgTUo-Fv33pq6woAc9OMMM8_Hm8WaRJMmN5M4e0UStl1QtNR1haY2CRdzdfk17ZQ5S9xZ8sLoPVoVX7yfXZZnRSmpwYI-SgUNDmKijKnDEzJg9xg7tgAUr_Xv2zEH7WOwiGGzGjIXsxLix4MII6wFE0TCa04I_FLhuGRb1AIxiQXDBGrhIZm--i5pve8m7385TwgXO63ogQIayKoVohSgJG3jMJWX4xH_3g9_Hwfy1_6evP4k3Th601Ou_iZptzpcxrpB0LgBfbY2-TzFOX4JKcY7LFJOuqrqqTp-2-2sEb5OM6lf7ABFGzrC8PcM-ALiB0mIDAgAA
.bupasalud.com/ Name: rxVisitor
Value: 1721692526336A5L9U9PI5JN2M86AFNEG9BK8M5QCRDBH
.bupasalud.com/ Name: dtPC
Value: 3$292526335_609h-vHBAWVTSNWFRRJPAOFCFEURCKOUPGPPPM-0e0
.bupasalud.com/ Name: dtSa
Value: false%7C_load_%7C5%7C_onload_%7C-%7C1721692527127%7C292526335_609%7Chttps%3A%2F%2Fonlineservicesshell.bupasalud.com%2F%7C%7C%7C%7C
.bupasalud.com/ Name: dtCookie
Value: v_4_srv_3_sn_1D4DFC47475C29C8F0DFE4A9C3B23361_perc_100000_ol_0_mul_1_app-3Adef24e80eac75efa_1_app-3A634eb93f3a241580_1_rcs-3Acss_0
.bupasalud.com/ Name: rxvt
Value: 1721694329474|1721692526337
onlineservices.bupasalud.com/ Name: ai_user
Value: HNzL3|2024-07-22T23:55:30.300Z
.bupasalud.com/ Name: _ga
Value: GA1.2.558714208.1721692530
.bupasalud.com/ Name: _gid
Value: GA1.2.514130561.1721692530
.bupasalud.com/ Name: _gat_UA-30863850-2
Value: 1
.bupasalud.com/ Name: _gat_gtag_UA_30863850_2
Value: 1
onlineservices.bupasalud.com/ Name: ai_session
Value: r5UOq|1721692530362.5|1721692530362.5
.bupasalud.com/ Name: _fbp
Value: fb.1.1721692530505.431505607405600264

4 Console Messages

Source Level URL
Text
network error URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/ruxitagentjs_ICANQVfghqru_10293240704151944.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Message:
Refused to execute script from 'https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/ruxitagentjs_ICANQVfghqru_10293240704151944.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
recommendation verbose URL: https://onlineservices.bupasalud.com/Bupa.Security/IdentityServer/core/auth/login?id=3df2066b3e3b454ff9ff43cbdf434ac2&lang=SPA
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://dc.services.visualstudio.com/v2/track
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
bgladigitalsaprod-d5gsapesc5g9gxe2.z01.azurefd.net
bupadigitalassetsdev.blob.core.windows.net
bupadigitalassetsprod.blob.core.windows.net
bupadigitalstoragedev.blob.core.windows.net
cdnjs.cloudflare.com
connect.facebook.net
dc.services.visualstudio.com
fonts.googleapis.com
onlineservices.bupasalud.com
onlineservicesshell.bupasalud.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
onlineservicesshell.bupasalud.com
149.97.233.2
20.150.36.228
20.50.88.241
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6811:190e
2620:1ec:bdf::45
2a00:1450:4001:809::200e
2a00:1450:4001:81c::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
52.239.172.132
52.239.207.225
026497900b25f45748834a2d96426a4f94f1c1a525a5ebd67a2a3eaa539f1564
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
064a92f4dccfa05528adfb3eb155801eeb8c80cdb96a703849f6fbd5c9244eec
0c477768d9d0fad3f16c9a5a43644a5d0b8556181940a8646c7901e6dc2a8279
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
10ecc7f30f5b7c84401604072829c482cab3803cf4e76e90901f55c745074e31
13a75a16cfa81b9316f5ad4362fdf042ae741a1c407e1e408efb68d822052382
19a0c23828a8211a66b51a0c78745af7b4c4399c5e2abfd674e179ed7027c814
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
24c0273b0779df6b9932a85cb5dbc33edc923c1d57b9d14099b5a80e599f510a
2615af16e3cc99b0b4e9e43b6098f6cb392313aa6aa485a350b3824fdc131bec
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b767c0474481aded464969b64ef1163b9d68061195b94c14121d7b24e78b19c
2e6f5e74a262577a06491e18ab45e67afa2257a050fd432f3f0128bcb52d1133
341e7fc9550aa1c279ac9ccc64388e39e3190b0db863c3f8286769bbc0fee028
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3e3b0cfecf7bc7c4ccf2d4c2aab21993b284add26631872b111814389656f9e6
3ee1fc83db2266ada5fdf0db0fb706735739dfbe81765dde37679c1c1cef4f88
3f8a92cb22e6742cc28f47badee3bf8d7fc012c591b9cdead2ef821a82701638
40cae2ae2432e793c2640425550c7a873c898439c8f3f5deb76afbade8b9aca6
40f58b84303fa4887237608592fea210414616fc07636d360a28ca547dcb6ec0
41677db66c188b7390a733fd2d3dcb3b12b867b4edc07efd69eaa0ad4fe2abf1
4523347cd108b99c08a5211e62ad748d3460d2130153ef33e76208cc329f100b
50436524cad4b0315a2018f65e19f2d1424dab0130f8c10b189f8472082ea791
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5aaf7641ee06388e99a84fc277b392fefa21c7a4c9ebd87959f70da6228855c4
60a00fa163e65f9771ac252b440ce729a9ccaaacd197260ccc93cde867461c0b
62bf328d6cbf71696c8c57995e409f06e97ebf6f04cd80be14eca56ee2ff9fdb
631598f14ea39b2b590384202b29b595edf5e382845868ff514b276102bf5657
6542122ed3091924b71a205371a2f99db43959777992ca24bc21b3a84b6bc35d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ef58696cfdb9e43f2610669b9cca8687abd39571dd207a46fc1951d4ac00880
6f8cf1f7513ed91a696cdc1bbe0c079cf7e9b33db7fd45ee37161b09108c2edc
707041e056c2599259c8ea63f49d83d3bc44b88afb2a34fdbd2325e2026d4f46
74a9c20f2bed7b96f0ee69c14cdc9956f00a31f31e7d63653a769183ba7d06af
7ae319b13e2b438a30d17caadc1946e0b46f184c6ceed4d5b1a3fbc172ba0c7f
84aa673f22ff38f0b0b85c375d0efcec2c9663d7807f048d7733365ead3bfe12
93e68dbcfde0192467d759c5a996fdce9d737d0a2242edec8f09adcc103bb34a
9918f5f37110227c918d2bb138baac90413c293ded813dbd26a8d12a4e62e6b0
9a160281169cc9be9aee45787dcb4c6e8680eac20716c75f04e3aea91ef5d0cb
a366c2f879151d2fdd8b54e3c173bc8f40b115faa36153708c976c3091988df4
a6ba3783aee54aa4a6e75c1d25bd6fc6ec85581129d54b4fa941162f8207f62f
a9dd92efbdc40e71810878d88404ff81d421666e576fdecdfe69367a87c4ddae
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c190d19ac5152b3b8f45f3c7b8533082a46c4fcfa7731d7730efe77cb7587ff4
c24c57e2a008772108ff8f149c91a934e18e0078bc450eefe29e43efe3fbe345
c3c6259312083e707a0e0a9c8b227c900712c9c5a8018674d165f9851cd3d529
c4464a402dbf4d371dbc7339608852ee446bc0e12326996e22ae63a5317db3f3
c8f062fa11fe7d3001012737d29e92ca5235ab794be7a0cb071fff09014b80e3
cf9b087531387d50e2c77afd6d99adf2ee688915fc1b578d16ce763971d98ac2
d32a2c25a1d42e4ec2cdba97fd110a40669f7ff015c2b02fad1bcb7b3c6d3234
d37a6e478f4cfe3f1703c6d224a96c60bd668fa71435d5548afda7961078c401
dc90b3ea039b87aaed6738cc5c55216e4eaa3e62e89e09dca1918e50f3baf33b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df85e001ce72e46c578531cf3ea8bbb0712a4af63abc112d9d633e474c05965f
dfb71324841cdbe1dd205982a0c2887a796d74a77401f14d55cbd6765895f39c
e02c7a15547e1cacd650820161623199fa74ba580f585dcb3e7459c63f68e1c5
e2a0c4f8b702250ca1bba9c7264cd459ce7c3e468a4d4a97bfe373ebe39d8438
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e