Domain hub-uat2.apac.chubb.com
Germany
Akamai International B.V.
Software information

AkamaiGHost

tcp/80

  • Open service 2a02:26f0:2780:67::217:e39d:80 · hub-uat2.apac.chubb.com

    2025-12-23 15:42 

    HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://hub-uat2.apac.chubb.com/
Cache-Control: max-age=0
Expires: Tue, 23 Dec 2025 15:42:16 GMT
Date: Tue, 23 Dec 2025 15:42:16 GMT
Connection: close
    Found 2025-12-23 by HttpPlugin
    Create report

  • Open service 2a02:26f0:2780:67::217:e39a:443 · hub-uat2.apac.chubb.com

    2025-12-23 15:42 

    HTTP/1.1 200 OK
Content-Type: text/html
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin: *
ETag: "077fbf06963dc1:0"
Last-Modified: Tue, 02 Dec 2025 08:59:18 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Content-Security-Policy: default-src 'self' ;         font-src 'self' *.gstatic.com https://fonts.gstatic.com https://resources.digital-cloud.medallia.eu https://nebula-cdn.kampyle.com data:;         img-src 'self' https://hub-uat2.apac.chubb.com https://www.google.co.id *.appserviceenvironment.net *.gstatic.com www.google.com.au/ads/ga-audiences maps.googleapis.com/maps 'unsafe-inline' https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://hub-uat2.apac.chubb.com https://googleads.g.doubleclick.net https://www.google.com https://*.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud.medallia.eu blob: data:;         script-src 'self' 'unsafe-eval' 'nonce-9TYtB0XNfPfv8jAN63n1HhcS6eTMcmCT' 'unsafe-hashes' 'sha256-MhtPZXr7+LpJUY5qtMutB+qWfQtMaPccfe7QXtCcEYc=' 'sha256-LDtRQkjWnX2hv6IKXsaibKGojOoRlzYXLJF9XGmCP1s=' 'sha256-eA97VWiA+qMG9kFFVMRQ3X1r3J0GKuIZWvcbffxy+S4=' 'strict-dynamic' https://*.js.stripe.com https://js.stripe.com https://maps.googleapis.com *.google.com https://js.stripe.com/v3 *.tokenex.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.microsoftonline.com *.googleadservices.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googleadservices.com https://www.google.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud.medallia.eu data:;         style-src 'self' https://js.stripe.com/v3 *.tokenex.com fonts.googleapis.com 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://*.g.doubleclick.net https://*.google.com https://*.google.com https://*.google.com.sg https://resources.digital-cloud.medallia.eu https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;         frame-src 'self' https://*.js.stripe.com https://js.stripe.com https://hooks.stripe.com https://js.stripe.com/ https://auth.uat.chubb.com *.tokenex.com *.microsoftonline.com *.google.com https://td.doubleclick.net/ https://bid.g.doubleclick.net https://*.fls.doubleclick.net https://nebula-cdn.kampyle.com https://resources.digital-cloud.medallia.eu data:;         connect-src wss://uat.apac.studiogateway.chubb.com/digital.policy.onehubcore01 wss://uat.apac.studiogateway.chubb.com/digital.policy.onehubcore01/1 wss://uat.apac.studiogateway.chubb.com/digital.policy.onehubcore01/1/client/ 'self' wss://sr-apasu-bsn0002842-01.service.signalr.net https://sr-apasu-bsn0002842-01.service.signalr.net https://api.stripe.com https://maps.googleapis.com https://brokerintegration-uat.au.chubb.com https://uat.apac.studiogateway.chubb.com https://auth.uat.chubb.com js.monitor.azure.com fonts.googleapis.com *.microsoftonline.com dc.services.visualstudio.com *.google.com *.google.com.au *.google.com.sg *.google-analytics.com *.googleapis.com *.googletagmanager.com stats.g.doubleclick.net *.gstatic.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.google.com https://*.google.com.sg https://*.google.com.au https://www.google-analytics.com https://*.sit.chubb.com https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://ubt-lb.digital-cloud.medallia.eu https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud.medallia.eu data:;         form-action 'self';         object-src 'self';         frame-ancestors 'self';         media-src 'self' https://hub-uat2.apac.chubb.com blob: data:;
Cache-Control: no-cache, no-store, must-revalidate
Expires: Tue, 23 Dec 2025 15:42:14 GMT
Date: Tue, 23 Dec 2025 15:42:14 GMT
Content-Length: 2560
Connection: close

Page title: Platform Loader

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate, max-age=0">
    <meta http-equiv="pragma" content="no-cache">
    <meta http-equiv="expires" content="0">  
    <title>Platform Loader</title>
</head>
<body>
    <div id="app"></div>
<!--    <script type="module" src="/src/main.ts"></script>-->
    <script nonce="9TYtB0XNfPfv8jAN63n1HhcS6eTMcmCT">
        (async () => {
            const params = new URLSearchParams(window.location.search);
            const config = params.get('oh-config');
            if(config && config.length > 0){
                sessionStorage.setItem("oh-config", config)
            }

            
            const defaultEnv = 'default';
            window.location.search.slice(1,)
                .split('&')
                .map((str) => str.split('='))
                .filter(([key]) => key.match(/^version-/))
                .forEach(([key, value]) => {
                    if(value) {
                        window.sessionStorage.setItem(key, value);
                    } else {
                        window.sessionStorage.removeItem(key);
                    }
                })
            const platformVersionKey = 'version-platform';
            const platformPath = 'mfe/platform';
            const platformVersion = window.sessionStorage.getItem(platformVersionKey) ?? defaultEnv;

            const pathToIndex = `${window.location.origin}/${platformPath}/${platformVersion}/index.html`;
            console.log(pathToIndex);
            const res = await fetch(pathToIndex);
            if(res.status !== 200) {
                const errorEl = document.createElement('div');
                errorEl.innerText = 'Error getting the platform version';
                document.getElementsByTagName('body')[0].appendChild(errorEl);
                return;
            }

            const body = await res.text();

            Object.keys(sessionStorage)
                .filter((key) => key.match(/^version-/))
                .forEach((key) => {
                    console.log(`Using version: ${key} ${sessionStorage.getItem(key) ?? defaultEnv}`);
                });

            const parsedBody = body.replace('<base href="/">', `<base href="/${platformPath}/${platformVersion}/">`);

            document.open();
            document.write(parsedBody);
            document.close();

        })()
    </script>
</body>
</html>
    Found 2025-12-23 by HttpPlugin
    Create report

  • Open service 2a02:26f0:2780:67::217:e39d:443 · hub-uat2.apac.chubb.com

    2025-12-23 15:42 

    HTTP/1.1 200 OK
Content-Type: text/html
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin: *
ETag: "077fbf06963dc1:0"
Last-Modified: Tue, 02 Dec 2025 08:59:18 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Content-Security-Policy: default-src 'self' ;         font-src 'self' *.gstatic.com https://fonts.gstatic.com https://resources.digital-cloud.medallia.eu https://nebula-cdn.kampyle.com data:;         img-src 'self' https://hub-uat2.apac.chubb.com https://www.google.co.id *.appserviceenvironment.net *.gstatic.com www.google.com.au/ads/ga-audiences maps.googleapis.com/maps 'unsafe-inline' https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://hub-uat2.apac.chubb.com https://googleads.g.doubleclick.net https://www.google.com https://*.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud.medallia.eu blob: data:;         script-src 'self' 'unsafe-eval' 'nonce-9TYtB0XNfPfv8jAN63n1HhcS6eTMcmCT' 'unsafe-hashes' 'sha256-MhtPZXr7+LpJUY5qtMutB+qWfQtMaPccfe7QXtCcEYc=' 'sha256-LDtRQkjWnX2hv6IKXsaibKGojOoRlzYXLJF9XGmCP1s=' 'sha256-eA97VWiA+qMG9kFFVMRQ3X1r3J0GKuIZWvcbffxy+S4=' 'strict-dynamic' https://*.js.stripe.com https://js.stripe.com https://maps.googleapis.com *.google.com https://js.stripe.com/v3 *.tokenex.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.microsoftonline.com *.googleadservices.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googleadservices.com https://www.google.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud.medallia.eu data:;         style-src 'self' https://js.stripe.com/v3 *.tokenex.com fonts.googleapis.com 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://*.g.doubleclick.net https://*.google.com https://*.google.com https://*.google.com.sg https://resources.digital-cloud.medallia.eu https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;         frame-src 'self' https://*.js.stripe.com https://js.stripe.com https://hooks.stripe.com https://js.stripe.com/ https://auth.uat.chubb.com *.tokenex.com *.microsoftonline.com *.google.com https://td.doubleclick.net/ https://bid.g.doubleclick.net https://*.fls.doubleclick.net https://nebula-cdn.kampyle.com https://resources.digital-cloud.medallia.eu data:;         connect-src wss://uat.apac.studiogateway.chubb.com/digital.policy.onehubcore01 wss://uat.apac.studiogateway.chubb.com/digital.policy.onehubcore01/1 wss://uat.apac.studiogateway.chubb.com/digital.policy.onehubcore01/1/client/ 'self' wss://sr-apasu-bsn0002842-01.service.signalr.net https://sr-apasu-bsn0002842-01.service.signalr.net https://api.stripe.com https://maps.googleapis.com https://brokerintegration-uat.au.chubb.com https://uat.apac.studiogateway.chubb.com https://auth.uat.chubb.com js.monitor.azure.com fonts.googleapis.com *.microsoftonline.com dc.services.visualstudio.com *.google.com *.google.com.au *.google.com.sg *.google-analytics.com *.googleapis.com *.googletagmanager.com stats.g.doubleclick.net *.gstatic.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.google.com https://*.google.com.sg https://*.google.com.au https://www.google-analytics.com https://*.sit.chubb.com https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://ubt-lb.digital-cloud.medallia.eu https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud.medallia.eu data:;         form-action 'self';         object-src 'self';         frame-ancestors 'self';         media-src 'self' https://hub-uat2.apac.chubb.com blob: data:;
Cache-Control: no-cache, no-store, must-revalidate
Expires: Tue, 23 Dec 2025 15:42:13 GMT
Date: Tue, 23 Dec 2025 15:42:13 GMT
Content-Length: 2560
Connection: close

Page title: Platform Loader

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate, max-age=0">
    <meta http-equiv="pragma" content="no-cache">
    <meta http-equiv="expires" content="0">  
    <title>Platform Loader</title>
</head>
<body>
    <div id="app"></div>
<!--    <script type="module" src="/src/main.ts"></script>-->
    <script nonce="9TYtB0XNfPfv8jAN63n1HhcS6eTMcmCT">
        (async () => {
            const params = new URLSearchParams(window.location.search);
            const config = params.get('oh-config');
            if(config && config.length > 0){
                sessionStorage.setItem("oh-config", config)
            }

            
            const defaultEnv = 'default';
            window.location.search.slice(1,)
                .split('&')
                .map((str) => str.split('='))
                .filter(([key]) => key.match(/^version-/))
                .forEach(([key, value]) => {
                    if(value) {
                        window.sessionStorage.setItem(key, value);
                    } else {
                        window.sessionStorage.removeItem(key);
                    }
                })
            const platformVersionKey = 'version-platform';
            const platformPath = 'mfe/platform';
            const platformVersion = window.sessionStorage.getItem(platformVersionKey) ?? defaultEnv;

            const pathToIndex = `${window.location.origin}/${platformPath}/${platformVersion}/index.html`;
            console.log(pathToIndex);
            const res = await fetch(pathToIndex);
            if(res.status !== 200) {
                const errorEl = document.createElement('div');
                errorEl.innerText = 'Error getting the platform version';
                document.getElementsByTagName('body')[0].appendChild(errorEl);
                return;
            }

            const body = await res.text();

            Object.keys(sessionStorage)
                .filter((key) => key.match(/^version-/))
                .forEach((key) => {
                    console.log(`Using version: ${key} ${sessionStorage.getItem(key) ?? defaultEnv}`);
                });

            const parsedBody = body.replace('<base href="/">', `<base href="/${platformPath}/${platformVersion}/">`);

            document.open();
            document.write(parsedBody);
            document.close();

        })()
    </script>
</body>
</html>
    Found 2025-12-23 by HttpPlugin
    Create report

  • Open service 2.16.183.12:80 · hub-uat2.apac.chubb.com

    2025-12-23 15:42 

    HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://hub-uat2.apac.chubb.com/
Cache-Control: max-age=0
Expires: Tue, 23 Dec 2025 15:42:15 GMT
Date: Tue, 23 Dec 2025 15:42:15 GMT
Connection: close
    Found 2025-12-23 by HttpPlugin
    Create report

  • Open service 2.16.183.12:443 · hub-uat2.apac.chubb.com

    2025-12-23 15:42 

    HTTP/1.1 200 OK
Content-Type: text/html
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin: *
ETag: "077fbf06963dc1:0"
Last-Modified: Tue, 02 Dec 2025 08:59:18 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Content-Security-Policy: default-src 'self' ;         font-src 'self' *.gstatic.com https://fonts.gstatic.com https://resources.digital-cloud.medallia.eu https://nebula-cdn.kampyle.com data:;         img-src 'self' https://hub-uat2.apac.chubb.com https://www.google.co.id *.appserviceenvironment.net *.gstatic.com www.google.com.au/ads/ga-audiences maps.googleapis.com/maps 'unsafe-inline' https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://hub-uat2.apac.chubb.com https://googleads.g.doubleclick.net https://www.google.com https://*.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud.medallia.eu blob: data:;         script-src 'self' 'unsafe-eval' 'nonce-9TYtB0XNfPfv8jAN63n1HhcS6eTMcmCT' 'unsafe-hashes' 'sha256-MhtPZXr7+LpJUY5qtMutB+qWfQtMaPccfe7QXtCcEYc=' 'sha256-LDtRQkjWnX2hv6IKXsaibKGojOoRlzYXLJF9XGmCP1s=' 'sha256-eA97VWiA+qMG9kFFVMRQ3X1r3J0GKuIZWvcbffxy+S4=' 'strict-dynamic' https://*.js.stripe.com https://js.stripe.com https://maps.googleapis.com *.google.com https://js.stripe.com/v3 *.tokenex.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.microsoftonline.com *.googleadservices.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googleadservices.com https://www.google.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud.medallia.eu data:;         style-src 'self' https://js.stripe.com/v3 *.tokenex.com fonts.googleapis.com 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://*.g.doubleclick.net https://*.google.com https://*.google.com https://*.google.com.sg https://resources.digital-cloud.medallia.eu https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;         frame-src 'self' https://*.js.stripe.com https://js.stripe.com https://hooks.stripe.com https://js.stripe.com/ https://auth.uat.chubb.com *.tokenex.com *.microsoftonline.com *.google.com https://td.doubleclick.net/ https://bid.g.doubleclick.net https://*.fls.doubleclick.net https://nebula-cdn.kampyle.com https://resources.digital-cloud.medallia.eu data:;         connect-src wss://uat.apac.studiogateway.chubb.com/digital.policy.onehubcore01 wss://uat.apac.studiogateway.chubb.com/digital.policy.onehubcore01/1 wss://uat.apac.studiogateway.chubb.com/digital.policy.onehubcore01/1/client/ 'self' wss://sr-apasu-bsn0002842-01.service.signalr.net https://sr-apasu-bsn0002842-01.service.signalr.net https://api.stripe.com https://maps.googleapis.com https://brokerintegration-uat.au.chubb.com https://uat.apac.studiogateway.chubb.com https://auth.uat.chubb.com js.monitor.azure.com fonts.googleapis.com *.microsoftonline.com dc.services.visualstudio.com *.google.com *.google.com.au *.google.com.sg *.google-analytics.com *.googleapis.com *.googletagmanager.com stats.g.doubleclick.net *.gstatic.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.google.com https://*.google.com.sg https://*.google.com.au https://www.google-analytics.com https://*.sit.chubb.com https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://ubt-lb.digital-cloud.medallia.eu https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud.medallia.eu data:;         form-action 'self';         object-src 'self';         frame-ancestors 'self';         media-src 'self' https://hub-uat2.apac.chubb.com blob: data:;
Cache-Control: no-cache, no-store, must-revalidate
Expires: Tue, 23 Dec 2025 15:42:13 GMT
Date: Tue, 23 Dec 2025 15:42:13 GMT
Content-Length: 2560
Connection: close

Page title: Platform Loader

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate, max-age=0">
    <meta http-equiv="pragma" content="no-cache">
    <meta http-equiv="expires" content="0">  
    <title>Platform Loader</title>
</head>
<body>
    <div id="app"></div>
<!--    <script type="module" src="/src/main.ts"></script>-->
    <script nonce="9TYtB0XNfPfv8jAN63n1HhcS6eTMcmCT">
        (async () => {
            const params = new URLSearchParams(window.location.search);
            const config = params.get('oh-config');
            if(config && config.length > 0){
                sessionStorage.setItem("oh-config", config)
            }

            
            const defaultEnv = 'default';
            window.location.search.slice(1,)
                .split('&')
                .map((str) => str.split('='))
                .filter(([key]) => key.match(/^version-/))
                .forEach(([key, value]) => {
                    if(value) {
                        window.sessionStorage.setItem(key, value);
                    } else {
                        window.sessionStorage.removeItem(key);
                    }
                })
            const platformVersionKey = 'version-platform';
            const platformPath = 'mfe/platform';
            const platformVersion = window.sessionStorage.getItem(platformVersionKey) ?? defaultEnv;

            const pathToIndex = `${window.location.origin}/${platformPath}/${platformVersion}/index.html`;
            console.log(pathToIndex);
            const res = await fetch(pathToIndex);
            if(res.status !== 200) {
                const errorEl = document.createElement('div');
                errorEl.innerText = 'Error getting the platform version';
                document.getElementsByTagName('body')[0].appendChild(errorEl);
                return;
            }

            const body = await res.text();

            Object.keys(sessionStorage)
                .filter((key) => key.match(/^version-/))
                .forEach((key) => {
                    console.log(`Using version: ${key} ${sessionStorage.getItem(key) ?? defaultEnv}`);
                });

            const parsedBody = body.replace('<base href="/">', `<base href="/${platformPath}/${platformVersion}/">`);

            document.open();
            document.write(parsedBody);
            document.close();

        })()
    </script>
</body>
</html>
    Found 2025-12-23 by HttpPlugin
    Create report

  • Open service 2a02:26f0:2780:67::217:e39a:80 · hub-uat2.apac.chubb.com

    2025-12-23 15:42 

    HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://hub-uat2.apac.chubb.com/
Cache-Control: max-age=0
Expires: Tue, 23 Dec 2025 15:42:15 GMT
Date: Tue, 23 Dec 2025 15:42:15 GMT
Connection: close
    Found 2025-12-23 by HttpPlugin
    Create report

  • Open service 2.16.183.10:443 · hub-uat2.apac.chubb.com

    2025-12-23 15:42 

    HTTP/1.1 200 OK
Content-Type: text/html
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin: *
ETag: "077fbf06963dc1:0"
Last-Modified: Tue, 02 Dec 2025 08:59:18 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Content-Security-Policy: default-src 'self' ;         font-src 'self' *.gstatic.com https://fonts.gstatic.com https://resources.digital-cloud.medallia.eu https://nebula-cdn.kampyle.com data:;         img-src 'self' https://hub-uat2.apac.chubb.com https://www.google.co.id *.appserviceenvironment.net *.gstatic.com www.google.com.au/ads/ga-audiences maps.googleapis.com/maps 'unsafe-inline' https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://hub-uat2.apac.chubb.com https://googleads.g.doubleclick.net https://www.google.com https://*.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud.medallia.eu blob: data:;         script-src 'self' 'unsafe-eval' 'nonce-9TYtB0XNfPfv8jAN63n1HhcS6eTMcmCT' 'unsafe-hashes' 'sha256-MhtPZXr7+LpJUY5qtMutB+qWfQtMaPccfe7QXtCcEYc=' 'sha256-LDtRQkjWnX2hv6IKXsaibKGojOoRlzYXLJF9XGmCP1s=' 'sha256-eA97VWiA+qMG9kFFVMRQ3X1r3J0GKuIZWvcbffxy+S4=' 'strict-dynamic' https://*.js.stripe.com https://js.stripe.com https://maps.googleapis.com *.google.com https://js.stripe.com/v3 *.tokenex.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.microsoftonline.com *.googleadservices.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googleadservices.com https://www.google.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud.medallia.eu data:;         style-src 'self' https://js.stripe.com/v3 *.tokenex.com fonts.googleapis.com 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://*.g.doubleclick.net https://*.google.com https://*.google.com https://*.google.com.sg https://resources.digital-cloud.medallia.eu https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;         frame-src 'self' https://*.js.stripe.com https://js.stripe.com https://hooks.stripe.com https://js.stripe.com/ https://auth.uat.chubb.com *.tokenex.com *.microsoftonline.com *.google.com https://td.doubleclick.net/ https://bid.g.doubleclick.net https://*.fls.doubleclick.net https://nebula-cdn.kampyle.com https://resources.digital-cloud.medallia.eu data:;         connect-src wss://uat.apac.studiogateway.chubb.com/digital.policy.onehubcore01 wss://uat.apac.studiogateway.chubb.com/digital.policy.onehubcore01/1 wss://uat.apac.studiogateway.chubb.com/digital.policy.onehubcore01/1/client/ 'self' wss://sr-apasu-bsn0002842-01.service.signalr.net https://sr-apasu-bsn0002842-01.service.signalr.net https://api.stripe.com https://maps.googleapis.com https://brokerintegration-uat.au.chubb.com https://uat.apac.studiogateway.chubb.com https://auth.uat.chubb.com js.monitor.azure.com fonts.googleapis.com *.microsoftonline.com dc.services.visualstudio.com *.google.com *.google.com.au *.google.com.sg *.google-analytics.com *.googleapis.com *.googletagmanager.com stats.g.doubleclick.net *.gstatic.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.google.com https://*.google.com.sg https://*.google.com.au https://www.google-analytics.com https://*.sit.chubb.com https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://ubt-lb.digital-cloud.medallia.eu https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud.medallia.eu data:;         form-action 'self';         object-src 'self';         frame-ancestors 'self';         media-src 'self' https://hub-uat2.apac.chubb.com blob: data:;
Cache-Control: no-cache, no-store, must-revalidate
Expires: Tue, 23 Dec 2025 15:42:13 GMT
Date: Tue, 23 Dec 2025 15:42:13 GMT
Content-Length: 2560
Connection: close

Page title: Platform Loader

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate, max-age=0">
    <meta http-equiv="pragma" content="no-cache">
    <meta http-equiv="expires" content="0">  
    <title>Platform Loader</title>
</head>
<body>
    <div id="app"></div>
<!--    <script type="module" src="/src/main.ts"></script>-->
    <script nonce="9TYtB0XNfPfv8jAN63n1HhcS6eTMcmCT">
        (async () => {
            const params = new URLSearchParams(window.location.search);
            const config = params.get('oh-config');
            if(config && config.length > 0){
                sessionStorage.setItem("oh-config", config)
            }

            
            const defaultEnv = 'default';
            window.location.search.slice(1,)
                .split('&')
                .map((str) => str.split('='))
                .filter(([key]) => key.match(/^version-/))
                .forEach(([key, value]) => {
                    if(value) {
                        window.sessionStorage.setItem(key, value);
                    } else {
                        window.sessionStorage.removeItem(key);
                    }
                })
            const platformVersionKey = 'version-platform';
            const platformPath = 'mfe/platform';
            const platformVersion = window.sessionStorage.getItem(platformVersionKey) ?? defaultEnv;

            const pathToIndex = `${window.location.origin}/${platformPath}/${platformVersion}/index.html`;
            console.log(pathToIndex);
            const res = await fetch(pathToIndex);
            if(res.status !== 200) {
                const errorEl = document.createElement('div');
                errorEl.innerText = 'Error getting the platform version';
                document.getElementsByTagName('body')[0].appendChild(errorEl);
                return;
            }

            const body = await res.text();

            Object.keys(sessionStorage)
                .filter((key) => key.match(/^version-/))
                .forEach((key) => {
                    console.log(`Using version: ${key} ${sessionStorage.getItem(key) ?? defaultEnv}`);
                });

            const parsedBody = body.replace('<base href="/">', `<base href="/${platformPath}/${platformVersion}/">`);

            document.open();
            document.write(parsedBody);
            document.close();

        })()
    </script>
</body>
</html>
    Found 2025-12-23 by HttpPlugin
    Create report

  • Open service 2.16.183.10:80 · hub-uat2.apac.chubb.com

    2025-12-23 15:42 

    HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://hub-uat2.apac.chubb.com/
Cache-Control: max-age=0
Expires: Tue, 23 Dec 2025 15:42:15 GMT
Date: Tue, 23 Dec 2025 15:42:15 GMT
Connection: close
    Found 2025-12-23 by HttpPlugin
    Create report
uat.apac.studiogateway.chubb.comaa.sit.apac.studiogateway.chubb.comaa.uat.apac.studiogateway.chubb.comagency.baohiemchubblife.vnapi.biz-aceonline.comapiesmart2.chubblife.co.idapplication.baohiemchubblife.vnb2buat-tst.chubb.com.twbusiness.la.studio-uat.chubb.combuy2.atuat.acegroup.combuy4-pprd.chubbtravelinsurance.combuy4-sit.chubbtravelinsurance.combuy4-uat.chubbtravelinsurance.combuy4.chubbtravelinsurance.comcmp.e-face.biz-aceonline.comdbsdev.chubbdigital.comdbsuat.chubbdigital.comdocs.crmplatform-sit.chubb.come-recruitment-uat.chubblife-agency.in.the-recruitment.chubblife-agency.in.theapi.baohiemchubblife.vneappsit-trn.chubblife-agency.in.thecard.baohiemchubblife.vnecore-api.e-face.biz-aceonline.comevoap-stg.chubb.comhub-pprd.apac.chubb.comhub-uat2.apac.chubb.comjapanauto-uat.e-face.biz-aceonline.comlifebbq.mm.chubb.commuaonline.baohiemchubblife.vnneeds-calculator-uat.chubblife.co.nzneeds-calculator.chubblife.co.nzoicgw.chubblife.co.thoicgwuat.chubblife.co.thpay.atuat.acegroup.compprd.kr.studiogateway.chubb.comproposal.baohiemchubblife.vnreceive.travel.acegroup.comsalesportal-UAT.chubbinsured.co.thsalesportal.chubbinsured.co.thsit.kr.studiogateway.chubb.comsit.securesite.chubblife.co.nztraining.inamar.comtravel.chubb.comtuyendung.baohiemchubblife.vnuat.biz-aceonline.comuat.kr.studiogateway.chubb.comuat.securesite-temp.chubblife.co.nzuatvos.chubblife-agency.in.thuatvos.chubblife.co.thvos-adp.chubblife-agency.in.thvos-pd-training.chubblife.co.thvos-uat.chubblife-agency.in.thvos-uat.chubblife.co.thwww.baohiemchubblife.vn
Fingerprint:
b5cb577c1698a84c76710b7798f07bf66b4ae49ad11353cc75a9f780d87c6ded
CN:
uat.apac.studiogateway.chubb.com
Key:
ECDSA-256
Issuer:
DigiCert Global G3 TLS ECC SHA384 2020 CA1
Not before:
2025-12-03 00:00
Not after:
2026-06-21 23:59
Domain summary

hub-uat2.apac.chubb.com 7

1 recorded
IP summary

2a02:26f0:2780:67::217:e39d 1 2a02:26f0:2780:67::217:e39a 1 2.16.183.12 1 2.16.183.10 1

4 recorded

© 2026 LeakIX v2.0.49
About LeakIX - Credits - Take-down and blacklist requests - Security issues - Terms and conditions - Cookie policy - Legal notice