URL: https://services-uat.prudential.co.th/
Submission: On December 05 via automatic, source certstream-suspicious — Scanned from CA

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 21 HTTP transactions. The main IP is 45.60.45.148, located in United States and belongs to INCAPSULA, US. The main domain is services-uat.prudential.co.th.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q4 on November 13th 2024. Valid for: 6 months.
This is the only time services-uat.prudential.co.th was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 45.60.45.148 19551 (INCAPSULA)
1 142.250.72.100 15169 (GOOGLE)
1 2 104.17.246.203 13335 (CLOUDFLAR...)
1 142.250.65.227 15169 (GOOGLE)
1 142.251.40.138 15169 (GOOGLE)
2 142.251.40.227 15169 (GOOGLE)
3 142.250.80.110 15169 (GOOGLE)
1 142.250.80.104 15169 (GOOGLE)
21 8
Apex Domain
Subdomains
Transfer
11 prudential.co.th
services-uat.prudential.co.th
services-dev.prudential.co.th
362 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
22 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
272 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 740
98 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
99 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
21 7
Domain Requested by
10 services-uat.prudential.co.th services-uat.prudential.co.th
unpkg.com
3 www.google-analytics.com services-uat.prudential.co.th
unpkg.com
2 fonts.gstatic.com fonts.googleapis.com
2 unpkg.com 1 redirects services-uat.prudential.co.th
1 www.googletagmanager.com www.google-analytics.com
1 services-dev.prudential.co.th unpkg.com
1 fonts.googleapis.com services-uat.prudential.co.th
1 www.gstatic.com www.google.com
1 www.google.com services-uat.prudential.co.th
21 9

This site contains no links.

Subject Issuer Validity Valid
imperva.com
GlobalSign Atlas R3 DV TLS CA 2024 Q4
2024-11-13 -
2025-05-12
6 months crt.sh
www.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh

This page contains 1 frames:

Primary Page: https://services-uat.prudential.co.th/
Frame ID: A71E3016F13FCC0768C9DEC335BCFA5A
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

PRUConnect

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

21
Requests

95 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

854 kB
Transfer

2409 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://unpkg.com/vconsole@latest/dist/vconsole.min.js HTTP 302
  • https://unpkg.com/vconsole@3.15.1/dist/vconsole.min.js

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
services-uat.prudential.co.th/
3 KB
2 KB
Document
General
Full URL
https://services-uat.prudential.co.th/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.45.148 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8cb1ddb8443da402fa2cb60dc56808a59e5e78a721045828fd8313215e52e910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 05 Dec 2024 05:35:39 GMT
ETag
"66fb7b99-a3b"
Last-Modified
Tue, 01 Oct 2024 04:33:29 GMT
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
X-CDN
Imperva
X-Iinfo
18-112345607-112345609 NNYN CT(300 437 0) RT(1733376938004 41) q(0 0 7 1) r(9 9) U12
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: services-uat.prudential.co.th
URL: https://services-uat.prudential.co.th/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f4.1e100.net
Software
ESF /
Resource Hash
b2522c89afa883bef0af1e6041edc46545c40c83ecbf6315ffb46f1c4d6e54bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://services-uat.prudential.co.th/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 05:35:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Thu, 05 Dec 2024 05:35:40 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
env-config.js
services-uat.prudential.co.th/
2 KB
1 KB
Script
General
Full URL
https://services-uat.prudential.co.th/env-config.js?v=0.0.5
Requested by
Host: services-uat.prudential.co.th
URL: https://services-uat.prudential.co.th/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.45.148 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e59648c250b716f96b63928fce4c42c909b4a5dde129fc25990db0970d445e64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://services-uat.prudential.co.th/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Iinfo
18-112345607-112333235 3NYN RT(1733376938004 1043) q(0 0 0 -1) r(2 2) U2
Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
ETag
"66fb7e7e-9b2"
X-CDN
Imperva
Connection
keep-alive
Accept-Ranges
bytes
Date
Thu, 05 Dec 2024 05:35:40 GMT
Content-Type
application/javascript
Last-Modified
Tue, 01 Oct 2024 04:45:50 GMT
vconsole.min.js
unpkg.com/vconsole@3.15.1/dist/
Redirect Chain
  • https://unpkg.com/vconsole@latest/dist/vconsole.min.js
  • https://unpkg.com/vconsole@3.15.1/dist/vconsole.min.js
280 KB
98 KB
Script
General
Full URL
https://unpkg.com/vconsole@3.15.1/dist/vconsole.min.js
Requested by
Host: services-uat.prudential.co.th
URL: https://services-uat.prudential.co.th/
Protocol
H2
Server
104.17.246.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341885ebd1db9f578514e86279a449c0a698be8826d94941808d6b556283ea16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://services-uat.prudential.co.th/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"45ea1-zHmpUi70VxiMGCgyKLK4dZt/rx4"
age
340142
x-content-type-options
nosniff
date
Thu, 05 Dec 2024 05:35:40 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JE0GNVYFMK3CS3DVYM2T6VR9-yyz
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8ed1ac932eddab81-YYZ
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/vconsole@3.15.1/dist/vconsole.min.js
content-encoding
br
cf-cache-status
HIT
age
599
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8ed1ac92dea8ab81-YYZ
access-control-allow-origin
*
date
Thu, 05 Dec 2024 05:35:39 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JEAMFWYVHGS9A7PT66GYYN5H-yyz
server
cloudflare
main.0bd7d1ac.js
services-uat.prudential.co.th/static/js/
761 KB
227 KB
Script
General
Full URL
https://services-uat.prudential.co.th/static/js/main.0bd7d1ac.js
Requested by
Host: services-uat.prudential.co.th
URL: https://services-uat.prudential.co.th/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.45.148 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
637b1dfe3afd18fe5c0c3d6425c9e70322a15ae7b5633a9279d098385e2909e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://services-uat.prudential.co.th/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Iinfo
18-112345607-112333235 3NYN RT(1733376938004 1315) q(0 0 0 -1) r(2 2) U2
Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
ETag
"66fb7b99-be31b"
X-CDN
Imperva
Connection
keep-alive
Accept-Ranges
bytes
Date
Thu, 05 Dec 2024 05:35:40 GMT
Content-Type
application/javascript
Last-Modified
Tue, 01 Oct 2024 04:33:29 GMT
main.29595c54.css
services-uat.prudential.co.th/static/css/
228 KB
35 KB
Stylesheet
General
Full URL
https://services-uat.prudential.co.th/static/css/main.29595c54.css
Requested by
Host: services-uat.prudential.co.th
URL: https://services-uat.prudential.co.th/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.45.148 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
9dd6a9695a4e382818ed4614527400bb80d254ae15a00db17dd47d3c291b73e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://services-uat.prudential.co.th/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Iinfo
17-93174147-93170459 3NYN RT(1733376939084 39) q(0 0 0 -1) r(2 2) U2
Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
ETag
"66fb7b99-390d0"
X-CDN
Imperva
Connection
keep-alive
Accept-Ranges
bytes
Date
Thu, 05 Dec 2024 05:35:40 GMT
Content-Type
text/css
Last-Modified
Tue, 01 Oct 2024 04:33:29 GMT
_Incapsula_Resource
services-uat.prudential.co.th/
89 KB
21 KB
Script
General
Full URL
https://services-uat.prudential.co.th/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1525460745
Requested by
Host: services-uat.prudential.co.th
URL: https://services-uat.prudential.co.th/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.45.148 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
961ad3f58adebae9d8aaeba6269983847b494b3089d29ce95bce47986e548b25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://services-uat.prudential.co.th/

Response headers

Strict-Transport-Security
max-age=31536000
X-Robots-Tag
noindex
Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Length
21656
Content-Type
application/javascript
recaptcha__en.js
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/
547 KB
216 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f3.1e100.net
Software
sffe /
Resource Hash
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://services-uat.prudential.co.th
Referer
https://services-uat.prudential.co.th/

Response headers

content-encoding
gzip
age
53492
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 14:44:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 14:44:08 GMT
last-modified
Mon, 11 Nov 2024 05:00:22 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220753
x-xss-protection
0
server
sffe
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans+Thai:wght@100;200;300;400;500;600;700&display=swap
Requested by
Host: services-uat.prudential.co.th
URL: https://services-uat.prudential.co.th/static/css/main.29595c54.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.138 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f10.1e100.net
Software
ESF /
Resource Hash
f8f9b1cd7479366917d86c8e443c0004335067ab4de8542592b0d2b318aa39d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://services-uat.prudential.co.th/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 05:35:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 05:35:40 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 05 Dec 2024 05:35:40 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
_Incapsula_Resource
services-uat.prudential.co.th/
1 B
168 B
Image
General
Full URL
https://services-uat.prudential.co.th/_Incapsula_Resource?SWKMTFSR=1&e=0.33244034577205883
Requested by
Host: services-uat.prudential.co.th
URL: https://services-uat.prudential.co.th/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.45.148 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://services-uat.prudential.co.th/

Response headers

Strict-Transport-Security
max-age=31536000
X-Robots-Tag
noindex
Cache-Control
no-cache, no-store
Content-Length
1
Content-Type
text/plain
iJWQBXeUZi_OHPqn4wq6hQ2_hbJ1xyN9wd43SofNWcdfPI2h.woff2
fonts.gstatic.com/s/notosansthai/v25/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosansthai/v25/iJWQBXeUZi_OHPqn4wq6hQ2_hbJ1xyN9wd43SofNWcdfPI2h.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+Thai:wght@100;200;300;400;500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f3.1e100.net
Software
sffe /
Resource Hash
21bd9469614c0a0e520360eb6b5b8f14f0ef89268a0a55c61807810618e5ce12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://services-uat.prudential.co.th
Referer
https://fonts.googleapis.com/

Response headers

age
494910
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 12:07:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 12:07:10 GMT
last-modified
Tue, 24 Oct 2023 01:26:31 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
30720
x-xss-protection
0
server
sffe
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: services-uat.prudential.co.th
URL: https://services-uat.prudential.co.th/static/js/main.0bd7d1ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://services-uat.prudential.co.th/

Response headers

content-encoding
gzip
age
3720
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 06:33:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 04:33:41 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
maintenance-pc-flag
services-dev.prudential.co.th/api/master-data/
216 B
926 B
Fetch
General
Full URL
https://services-dev.prudential.co.th/api/master-data/maintenance-pc-flag
Requested by
Host: unpkg.com
URL: https://unpkg.com/vconsole@latest/dist/vconsole.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.45.148 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/ Express
Resource Hash
6ef124898f7aaa1496998e387f3fedb3f96713847cadb49f44cffca37ccf18b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://services-uat.prudential.co.th/

Response headers

strict-transport-security
max-age=31536000
x-iinfo
8-12233764-12233766 NNYN CT(210 424 0) RT(1733376940917 43) q(0 0 6 0) r(9 9) U12
content-encoding
gzip
etag
W/"d8-7Ad/rT8/36V1iFucl9BVisqLJF8"
x-cdn
Imperva
access-control-allow-origin
*
date
Thu, 05 Dec 2024 05:35:42 GMT
content-type
application/json; charset=utf-8
x-powered-by
Express
translation.json
services-uat.prudential.co.th/locales/th/
24 KB
5 KB
Fetch
General
Full URL
https://services-uat.prudential.co.th/locales/th/translation.json?v=1.0.1
Requested by
Host: unpkg.com
URL: https://unpkg.com/vconsole@latest/dist/vconsole.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.45.148 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8764b4416f2ea79474f3dfee8619b09b4bf2c4e0a4b8d6f06ea34eb285c9e871
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://services-uat.prudential.co.th/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Iinfo
18-112345607-112345609 SNYN RT(1733376938004 2853) q(0 0 0 -1) r(2 4) U2
Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
ETag
"66fb7b5a-5ed3"
X-CDN
Imperva
Connection
keep-alive
Accept-Ranges
bytes
Date
Thu, 05 Dec 2024 05:35:41 GMT
Content-Type
application/json
Last-Modified
Tue, 01 Oct 2024 04:32:26 GMT
collect
www.google-analytics.com/j/
15 B
443 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1104964628&t=pageview&_s=1&dl=https%3A%2F%2Fservices-uat.prudential.co.th%2F&dp=%2F&ul=en-ca&de=UTF-8&dt=PRUConnect&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1300698529&gjid=734143311&cid=396197574.1733376942&tid=UA-116129900-3&_gid=1546479168.1733376942&_r=1&_slc=1&z=1287067677
Requested by
Host: unpkg.com
URL: https://unpkg.com/vconsole@latest/dist/vconsole.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
08e1a73e5c0b2681d236967f77e6bdf5e3de7cff4ac78007b587c051d2359a92
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://services-uat.prudential.co.th/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 05:35:41 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://services-uat.prudential.co.th
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
favicon.ico
services-uat.prudential.co.th/
41 KB
41 KB
Other
General
Full URL
https://services-uat.prudential.co.th/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.45.148 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
19e7629c618bed2a5165727b0c295850cd853a4c981c70af3b89b431008bc702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://services-uat.prudential.co.th/

Response headers

Strict-Transport-Security
max-age=31536000
X-Iinfo
7-9285198-9285208 NNNN CT(228 210 0) RT(1733376939390 1580) q(0 0 5 -1) r(7 9) U2
Cache-Control
no-store, no-cache, must-revalidate
ETag
"66fb7b5a-a341"
X-CDN
Imperva
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41793
Date
Thu, 05 Dec 2024 05:35:42 GMT
Content-Type
image/x-icon
Last-Modified
Tue, 01 Oct 2024 04:32:26 GMT
js
www.googletagmanager.com/gtag/
278 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DBCEGT7KT4&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
10f8c92556077c12d3429c439fa4a01d17225d46f9e1e8a7b339e88f36a73301
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://services-uat.prudential.co.th/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 05 Dec 2024 05:35:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 05:35:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100220
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/g/
0
267 B
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DBCEGT7KT4&gtm=45je4c30v9124788016za200&_p=1733376941879&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&ul=en-ca&sr=1600x1200&cid=396197574.1733376942&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fservices-uat.prudential.co.th%2F&dp=%2F&dt=PRUConnect&sid=1733376942&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3401
Requested by
Host: unpkg.com
URL: https://unpkg.com/vconsole@latest/dist/vconsole.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://services-uat.prudential.co.th/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://services-uat.prudential.co.th
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 05:35:42 GMT
content-type
text/plain
server
Golfe2
pru-logo.svg
services-uat.prudential.co.th/assets/images/
34 KB
26 KB
Image
General
Full URL
https://services-uat.prudential.co.th/assets/images/pru-logo.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.45.148 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d34a35616b02bac3417e1f1ee1fdf0e703c95db4b5aa02b428361fe1cb8f002c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://services-uat.prudential.co.th/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Iinfo
7-9285198-9285208 SNYN RT(1733376939390 2734) q(0 0 0 -1) r(2 2) U2
Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
ETag
"66fb7b5a-861d"
X-CDN
Imperva
Connection
keep-alive
Accept-Ranges
bytes
Date
Thu, 05 Dec 2024 05:35:43 GMT
Content-Type
image/svg+xml
Last-Modified
Tue, 01 Oct 2024 04:32:26 GMT
server-error.svg
services-uat.prudential.co.th/assets/icons/warning/
5 KB
2 KB
Image
General
Full URL
https://services-uat.prudential.co.th/assets/icons/warning/server-error.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.45.148 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
84b40afb614240a746fca56f06c0d9e7dbce852711346b3eb69dab3d3e09518e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://services-uat.prudential.co.th/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Iinfo
18-112345607-112345609 SNYN RT(1733376938004 4120) q(0 0 0 -1) r(2 2) U2
Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
ETag
"66fb7b5a-12aa"
X-CDN
Imperva
Connection
keep-alive
Accept-Ranges
bytes
Date
Thu, 05 Dec 2024 05:35:43 GMT
Content-Type
image/svg+xml
Last-Modified
Tue, 01 Oct 2024 04:32:26 GMT
iJWQBXeUZi_OHPqn4wq6hQ2_hbJ1xyN9wd43SofNWcdfKI2hX2g.woff2
fonts.gstatic.com/s/notosansthai/v25/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosansthai/v25/iJWQBXeUZi_OHPqn4wq6hQ2_hbJ1xyN9wd43SofNWcdfKI2hX2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+Thai:wght@100;200;300;400;500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f3.1e100.net
Software
sffe /
Resource Hash
0d5b14a74e48b7a133c93f7f9bab1de745c8e13a7804875203d7598d0197fefa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://services-uat.prudential.co.th
Referer
https://fonts.googleapis.com/

Response headers

age
540988
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 23:19:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 23:19:15 GMT
last-modified
Tue, 24 Oct 2023 01:18:45 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
26348
x-xss-protection
0
server
sffe

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| env object| regeneratorRuntime function| VConsole object| vConsole object| __VCONSOLE_INSTANCE object| _vcOrigConsole object| _0xf3c5 function| _0x5f3c object| numberA object| recaptcha object| webpackChunkpc_web function| __mp_recorder object| liff string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager

10 Cookies

Domain/Path Name / Value
services-uat.prudential.co.th/ Name: acn-boulea-pltpc-services-uat.prudential.co.th-443-_CORS
Value: bee7dcd686c9fa41e7dd06f62e6da5ea
services-uat.prudential.co.th/ Name: acn-boulea-pltpc-services-uat.prudential.co.th-443-_
Value: bee7dcd686c9fa41e7dd06f62e6da5ea
.prudential.co.th/ Name: visid_incap_3057228
Value: DafLjZHyTHaR9M9e8J4QYKo7UWcAAAAAQUIPAAAAAAB7XQ27v/p6RkRzEWXw5/w/
.prudential.co.th/ Name: nlbi_3057228
Value: 30RuMl0GNieCuwIJsYomiQAAAAAJsmM1U7E/pOidRk0/JSPW
.prudential.co.th/ Name: incap_ses_410_3057228
Value: WYPcKVBRRGlbht7UBJ2wBao7UWcAAAAAGVhg6WKcYbpk6dnyFDnk+w==
.prudential.co.th/ Name: mp_68c7055c2614906eb5fd66bdac08d437_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A19395511e6eb60-021bcf5c1c9f59-16462c6e-1d4c00-19395511e6eb60%22%2C%22%24device_id%22%3A%20%2219395511e6eb60-021bcf5c1c9f59-16462c6e-1d4c00-19395511e6eb60%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.prudential.co.th/ Name: _ga
Value: GA1.3.396197574.1733376942
.prudential.co.th/ Name: _gid
Value: GA1.3.1546479168.1733376942
.prudential.co.th/ Name: _gat
Value: 1
.prudential.co.th/ Name: _ga_DBCEGT7KT4
Value: GS1.3.1733376942.1.0.1733376942.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
services-dev.prudential.co.th
services-uat.prudential.co.th
unpkg.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.17.246.203
142.250.65.227
142.250.72.100
142.250.80.104
142.250.80.110
142.251.40.138
142.251.40.227
45.60.45.148
08e1a73e5c0b2681d236967f77e6bdf5e3de7cff4ac78007b587c051d2359a92
0d5b14a74e48b7a133c93f7f9bab1de745c8e13a7804875203d7598d0197fefa
10f8c92556077c12d3429c439fa4a01d17225d46f9e1e8a7b339e88f36a73301
19e7629c618bed2a5165727b0c295850cd853a4c981c70af3b89b431008bc702
21bd9469614c0a0e520360eb6b5b8f14f0ef89268a0a55c61807810618e5ce12
341885ebd1db9f578514e86279a449c0a698be8826d94941808d6b556283ea16
637b1dfe3afd18fe5c0c3d6425c9e70322a15ae7b5633a9279d098385e2909e7
6ef124898f7aaa1496998e387f3fedb3f96713847cadb49f44cffca37ccf18b8
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116
84b40afb614240a746fca56f06c0d9e7dbce852711346b3eb69dab3d3e09518e
8764b4416f2ea79474f3dfee8619b09b4bf2c4e0a4b8d6f06ea34eb285c9e871
8cb1ddb8443da402fa2cb60dc56808a59e5e78a721045828fd8313215e52e910
961ad3f58adebae9d8aaeba6269983847b494b3089d29ce95bce47986e548b25
9dd6a9695a4e382818ed4614527400bb80d254ae15a00db17dd47d3c291b73e9
b2522c89afa883bef0af1e6041edc46545c40c83ecbf6315ffb46f1c4d6e54bd
d34a35616b02bac3417e1f1ee1fdf0e703c95db4b5aa02b428361fe1cb8f002c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59648c250b716f96b63928fce4c42c909b4a5dde129fc25990db0970d445e64
f8f9b1cd7479366917d86c8e443c0004335067ab4de8542592b0d2b318aa39d9