Domain > bupa.surge-qa.com

More information on this domain is in AlienVault OTX

DNS Resolutions

Date	IP Address
2023-09-05	3.161.188.90 (ClassC)
2024-09-14	99.86.229.82 (ClassC)
2025-04-28	18.67.17.54 (ClassC)
2025-08-16	13.225.222.94 (ClassC)
2025-11-14	3.169.173.37 (ClassC)

HTTP/1.1 301 Moved PermanentlyServer: CloudFrontDate: Fri, 14 Nov 2025 01:44:16 GMTContent-Type: text/htmlContent-Length: 167Connection: keep-aliveLocation: https://bupa.surge-qa.com/X-Cache: Redirect from cloudfrontVia: 1.1 a454a679efa1e16833b77cb6af61e11c.cloudfront.net (CloudFront)X-Amz-Cf-Pop: HIO52-P4X-Amz-Cf-Id: HtBiGXmZmK_Q1KZmD7CBIQfk7C53tmKXhOHPeHU9gMfo1V8zUXdq7gX-XSS-Protection: 1; modeblockX-Frame-Options: DENYReferrer-Policy: same-originContent-Security-Policy: script-src self https://cdn.amplitude.com https://tags.tiqcdn.com https://www.gstatic.com https://www.layahealthcare.ie https://preprod.layahealthcare.ie https://www.google.com https://us.i.posthog.com https://us-assets.i.posthog.com https://cdn.userway.org https://script.hotjar.com https://*.messagebird.com https://*.zendesk.com https://cdn.cookielaw.org https://static.zdassets.com https://acsbapp.com https://unpkg.com https://*.intercom.io https://js.intercomcdn.com https://static.hotjar.com https://www.googletagmanager.com https://extend.vimeocdn.com https://js.stripe.com unsafe-inline unsafe-eval; img-src * data:; style-src self https://cdn.userway.org https://*.surge-qa.com https://fonts.googleapis.com/ https://use.fontawesome.com unsafe-inline; object-src none; font-src self https://fonts.googleapis.com https://fonts.gstatic.com https://use.fontawesome.com data:;X-Content-Type-Options: nosniff

html>head>title>301 Moved Permanently/title>/head>body>center>h1>301 Moved Permanently/h1>/center>hr>center>CloudFront/center>/body>/html>

Port 443

HTTP/1.1 200 OKContent-Type: text/htmlContent-Length: 3112Connection: keep-aliveDate: Fri, 14 Nov 2025 01:44:18 GMTLast-Modified: Thu, 24 Jul 2025 13:43:53 GMTETag: 165176b346adc16518b9a9b835e35791x-amz-server-side-encryption: AES256Cache-Control: max-age3600Expires: Mon, 01 Oct 2018 00:00:00 GMTAccept-Ranges: bytesServer: AmazonS3X-Cache: Miss from cloudfrontVia: 1.1 5ec2b95241693f962e2ff4afc726b38e.cloudfront.net (CloudFront)X-Amz-Cf-Pop: HIO52-P4X-Amz-Cf-Id: scR5bi-jOlrZ4uRdujLmhbwBctataoYE4h5nsDtmxwAb_NIoplYLNwX-XSS-Protection: 1; modeblockX-Frame-Options: DENYReferrer-Policy: same-originContent-Security-Policy: script-src self https://cdn.amplitude.com https://tags.tiqcdn.com https://www.gstatic.com https://www.layahealthcare.ie https://preprod.layahealthcare.ie https://www.google.com https://us.i.posthog.com https://us-assets.i.posthog.com https://cdn.userway.org https://script.hotjar.com https://*.messagebird.com https://*.zendesk.com https://cdn.cookielaw.org https://static.zdassets.com https://acsbapp.com https://unpkg.com https://*.intercom.io https://js.intercomcdn.com https://static.hotjar.com https://www.googletagmanager.com https://extend.vimeocdn.com https://js.stripe.com unsafe-inline unsafe-eval; img-src * data:; style-src self https://cdn.userway.org https://*.surge-qa.com https://fonts.googleapis.com/ https://use.fontawesome.com unsafe-inline; object-src none; font-src self https://fonts.googleapis.com https://fonts.gstatic.com https://use.fontawesome.com data:;X-Content-Type-Options: nosniffStrict-Transport-Security: max-age63072000; includeSubDomains; preload

!DOCTYPE html>script srchttps://unpkg.com/vue-scrollto>/script>html langen>  head>    meta charsetutf-8>    meta http-equivX-UA-Compatible contentIEedge>    meta nameviewport contentwidthdevice-width,initial-scale1.0>    link relstylesheet          hrefhttps://use.fontawesome.com/releases/v5.2.0/css/all.css          integritysha384-hWVjflwFxL6sNzntih27bfxkr27PmbbK/iSvJ+a4+0owXq79v+lsFkW54bOGbiDQ          crossoriginanonymous>    link relicon href/img/bupa-favicon.ico>    link hrefhttps://fonts.googleapis.com/css?familyOpen+Sans:300,400,700&displayswap relstylesheet>title>Digital GP services | Bupa UK/title>    link relpreconnect hrefhttps://fonts.googleapis.com>    link relpreconnect hrefhttps://fonts.gstatic.com crossorigin>    link hrefhttps://fonts.googleapis.com/css2?familyRoboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&displayswap relstylesheet>    link hrefhttps://fonts.googleapis.com/css2?familyMontserrat:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&displayswap relstylesheet>    !-- Google Tag Manager -->    script>(function (w, d, s, l, i) {        wl  wl || ; wl.push({          gtm.start:            new Date().getTime(), event: gtm.js        }); var f  d.getElementsByTagName(s)0,          j  d.createElement(s), dl  l ! dataLayer ? &l + l : ; j.async  true; j.src             https://www.googletagmanager.com/gtm.js?id + i + dl; f.parentNode.insertBefore(j, f);      })(window, document, script, dataLayer, GTM-547M7F4);/script>    !-- End Google Tag Manager -->    !-- Google Tag Manager -->    script async srchttps://www.googletagmanager.com/gtag/js?idG-QNEN1T8DX9>/script>    script>      window.dataLayer  window.dataLayer || ;      function gtag(){dataLayer.push(arguments);}      gtag(js, new Date());      gtag(config, G-QNEN1T8DX9);    /script>  !-- End Google Tag Manager -->      link href/js/app.js relpreload asscript>link href/js/chunk-vendors.js relpreload asscript>/head>  body>    !-- Google Tag Manager (noscript) -->    noscript>iframe srchttps://www.googletagmanager.com/ns.html?idGTM-547M7F4 height0 width0 styledisplay:none;visibility:hidden>/iframe>/noscript>    !-- End Google Tag Manager (noscript) -->    !-- Google Tag Manager (noscript) -->      noscript>iframe srchttps://www.googletagmanager.com/ns.html?idGTM-NTXGKFF        height0 width0 styledisplay:none;visibility:hidden>/iframe>/noscript>    !-- End Google Tag Manager (noscript) -->    noscript>      strong>Were sorry but this site doesnt work properly without JavaScript enabled. Please enable it to continue./strong>    /noscript>    div idapp>/div>    !-- built files will be auto injected -->  script typetext/javascript src/js/chunk-vendors.js>/script>script typetext/javascript src/js/app.js>/script>/body>/html>

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > bupa.surge-qa.com

Is this malicious?

DNS Resolutions

Port 80

Port 443