urlscan.io logo urlscan.io
SecurityTrails logo

accessdev.scg.co.th Open in urlscan Pro
202.183.207.245  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://exo-uat.scgd.co/
Effective URL: https://accessdev.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://s...
Submission: On July 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 202.183.207.245, located in and belongs to . The main domain is accessdev.scg.co.th.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 18th 2020. Valid for: 2 years.
This is the only time accessdev.scg.co.th was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2620:1ec:46::45 8068 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2620:1ec:bdf::45 8068 (MICROSOFT...)
2 202.183.207.245 ()
14 6
8    2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
exo-uat.scgd.co
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:400e:80e::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sso-dev.scgd.co
2    202.183.207.245 (None, )

ASN- ()
accessdev.scg.co.th
Apex Domain
Subdomains		 Transfer
9 scgd.co
exo-uat.scgd.co
sso-dev.scgd.co
3 MB
2 scg.co.th
accessdev.scg.co.th
33 KB
1 gstatic.com
fonts.gstatic.com
8 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 72
1 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 737
22 KB
14 5
Domain Requested by
8 exo-uat.scgd.co exo-uat.scgd.co
2 accessdev.scg.co.th exo-uat.scgd.co
accessdev.scg.co.th
1 sso-dev.scgd.co 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com exo-uat.scgd.co
1 maxcdn.bootstrapcdn.com exo-uat.scgd.co
14 6

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.scg.co.th
DigiCert SHA2 Secure Server CA		 2020-08-18 -
2022-10-03		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://accessdev.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://sso-dev.scgd.co/auth/callback/adfs&resource=https://sso-dev.scgd.co/&response_mode=query
Frame ID: 897484A4E0B35A9EE23B8A2B65FFBFC1
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://exo-uat.scgd.co/ Page URL
  2. https://sso-dev.scgd.co/login/SCG/expressordering_uat HTTP 302
    https://accessdev.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&re... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

14
Requests

36 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

3022 kB
Transfer

3153 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://exo-uat.scgd.co/ Page URL
  2. https://sso-dev.scgd.co/login/SCG/expressordering_uat HTTP 302
    https://accessdev.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://sso-dev.scgd.co/auth/callback/adfs&resource=https://sso-dev.scgd.co/&response_mode=query Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
exo-uat.scgd.co/ 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://exo-uat.scgd.co/
Protocol
HTTP/1.1
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e0219c3c8265d023e169200a5b7b36b983a5149694154a65b883187f56178a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 25 Jul 2022 17:16:46 GMT
ETag
W/"6220a57c-1b95"
Expires
Mon, 25 Jul 2022 17:16:45 GMT
Last-Modified
Thu, 03 Mar 2022 11:24:44 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Azure-Ref
0/c/eYgAAAADAsgTokqIyR6Z9qitXqhehRlJBMzFFREdFMDkxOABmMmM0ZTA4ZS1mZTQ5LTQ1MzctOTIzYy0zYmUzNmQyYjU3MGE=
X-Cache
CONFIG_NOCACHE
X-Frame-Options
SAMEORIGIN
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: exo-uat.scgd.co
URL: http://exo-uat.scgd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://exo-uat.scgd.co/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 25 Jul 2022 17:16:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
age
15675273
cdn-cachedat
12/27/2021 13:09:17
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
88833c14bb1c0cf39c9fdd8fd8f440ab
cf-ray
73068b97ee849a30-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
styles.30637ee3774ba39a3248.css
exo-uat.scgd.co/ 		410 KB
411 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://exo-uat.scgd.co/styles.30637ee3774ba39a3248.css
Requested by
Host: exo-uat.scgd.co
URL: http://exo-uat.scgd.co/
Protocol
HTTP/1.1
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a4f88d71214427eae2adaa77e7e83c60f083a0beb1cb8bf08110e30176a3ff61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://exo-uat.scgd.co/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
Last-Modified
Thu, 03 Mar 2022 11:24:43 GMT
ETag
"6220a57b-669ae"
X-Frame-Options
SAMEORIGIN
X-Cache
CONFIG_NOCACHE
Content-Type
text/css
Cache-Control
max-age=31449600
Date
Mon, 25 Jul 2022 17:16:46 GMT
X-Azure-Ref
0/s/eYgAAAAAonMe8OJDlSZVUxoRSCcjoRlJBMzFFREdFMDkxOABmMmM0ZTA4ZS1mZTQ5LTQ1MzctOTIzYy0zYmUzNmQyYjU3MGE=
Accept-Ranges
bytes
Content-Length
420270
runtime.98f26924c58f8cd119d5.js
exo-uat.scgd.co/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://exo-uat.scgd.co/runtime.98f26924c58f8cd119d5.js
Requested by
Host: exo-uat.scgd.co
URL: http://exo-uat.scgd.co/
Protocol
HTTP/1.1
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f8683bb8b10fbf75e22e07bdcffed77f3bd165c175c8a380c2825852458e0a9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://exo-uat.scgd.co/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
Last-Modified
Thu, 03 Mar 2022 11:24:43 GMT
ETag
"6220a57b-a3d"
X-Frame-Options
SAMEORIGIN
X-Cache
CONFIG_NOCACHE
Content-Type
application/javascript
Cache-Control
max-age=31449600
Date
Mon, 25 Jul 2022 17:16:46 GMT
X-Azure-Ref
0/s/eYgAAAAA9Km5afHKOTqTkrUQY8K88RlJBMzFFREdFMDMxNwBmMmM0ZTA4ZS1mZTQ5LTQ1MzctOTIzYy0zYmUzNmQyYjU3MGE=
Accept-Ranges
bytes
Content-Length
2621
polyfills.0509a9143edc1bdc48ca.js
exo-uat.scgd.co/ 		37 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://exo-uat.scgd.co/polyfills.0509a9143edc1bdc48ca.js
Requested by
Host: exo-uat.scgd.co
URL: http://exo-uat.scgd.co/
Protocol
HTTP/1.1
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4288196bfca8d9450131b4cf01c51218f68f0b5098cd43ed8f222e8d5ecca52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://exo-uat.scgd.co/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
Last-Modified
Thu, 03 Mar 2022 11:24:43 GMT
ETag
"6220a57b-9293"
X-Frame-Options
SAMEORIGIN
X-Cache
CONFIG_NOCACHE
Content-Type
application/javascript
Cache-Control
max-age=31449600
Date
Mon, 25 Jul 2022 17:16:47 GMT
X-Azure-Ref
0/s/eYgAAAAC7t/DNsMa1So/AX8yCG+qKRlJBMzFFREdFMDMxMwBmMmM0ZTA4ZS1mZTQ5LTQ1MzctOTIzYy0zYmUzNmQyYjU3MGE=
Accept-Ranges
bytes
Content-Length
37523
scripts.de36e5eda7f664b4aec6.js
exo-uat.scgd.co/ 		204 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://exo-uat.scgd.co/scripts.de36e5eda7f664b4aec6.js
Requested by
Host: exo-uat.scgd.co
URL: http://exo-uat.scgd.co/
Protocol
HTTP/1.1
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3d2bc8212ef5598c0cd6bd8a3543cb5895802efc72c08358ab03f2029330c2e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://exo-uat.scgd.co/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
Last-Modified
Thu, 03 Mar 2022 11:24:43 GMT
ETag
"6220a57b-32f80"
X-Frame-Options
SAMEORIGIN
X-Cache
CONFIG_NOCACHE
Content-Type
application/javascript
Cache-Control
max-age=31449600
Date
Mon, 25 Jul 2022 17:16:46 GMT
X-Azure-Ref
0/s/eYgAAAAAKwCYHCEJIRaINeVXLMOYfRlJBMzFFREdFMDMxNQBmMmM0ZTA4ZS1mZTQ5LTQ1MzctOTIzYy0zYmUzNmQyYjU3MGE=
Accept-Ranges
bytes
Content-Length
208768
main.5759a5e95220ead27fd1.js
exo-uat.scgd.co/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
http://exo-uat.scgd.co/main.5759a5e95220ead27fd1.js
Requested by
Host: exo-uat.scgd.co
URL: http://exo-uat.scgd.co/
Protocol
HTTP/1.1
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5bf47f669f9d0009e5f610c51595c798eb0ad0c303eba0d1548d3113e698ff72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://exo-uat.scgd.co/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
Last-Modified
Thu, 03 Mar 2022 11:24:43 GMT
ETag
"6220a57b-236528"
X-Frame-Options
SAMEORIGIN
X-Cache
CONFIG_NOCACHE
Content-Type
application/javascript
Cache-Control
max-age=31449600
Date
Mon, 25 Jul 2022 17:16:46 GMT
X-Azure-Ref
0/s/eYgAAAAArviYDMAcEQaXn40wGIst7RlJBMzFFREdFMDMxNgBmMmM0ZTA4ZS1mZTQ5LTQ1MzctOTIzYy0zYmUzNmQyYjU3MGE=
Accept-Ranges
bytes
Content-Length
2319656
css2
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;1,100;1,200;1,300;1,400;1,500;1,600&display=swap
Requested by
Host: exo-uat.scgd.co
URL: http://exo-uat.scgd.co/styles.30637ee3774ba39a3248.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
35c48e56dda8dfe422c6041c04d88f6754730f6eb19f58a80430958a33adf7bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://exo-uat.scgd.co/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 17:16:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Jul 2022 17:16:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Jul 2022 17:16:47 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;1,100;1,200;1,300;1,400;1,500;1,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://exo-uat.scgd.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Wed, 20 Jul 2022 19:25:28 GMT
x-content-type-options
nosniff
age
424279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:07:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Jul 2023 19:25:28 GMT
9.9cce3398954ae1632713.js
exo-uat.scgd.co/ 		32 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://exo-uat.scgd.co/9.9cce3398954ae1632713.js
Requested by
Host: exo-uat.scgd.co
URL: http://exo-uat.scgd.co/runtime.98f26924c58f8cd119d5.js
Protocol
HTTP/1.1
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0aa5253c1461444efcf872c32551f648daaacebf8f704eb6a1673a86c3e6d0d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://exo-uat.scgd.co/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
Last-Modified
Thu, 03 Mar 2022 11:24:43 GMT
ETag
"6220a57b-811a"
X-Frame-Options
SAMEORIGIN
X-Cache
CONFIG_NOCACHE
Content-Type
application/javascript
Cache-Control
max-age=31449600
Date
Mon, 25 Jul 2022 17:16:48 GMT
X-Azure-Ref
0AdDeYgAAAAAUC/R/Y3/sQ5tmhyEcnoz3RlJBMzFFREdFMDMxNgBmMmM0ZTA4ZS1mZTQ5LTQ1MzctOTIzYy0zYmUzNmQyYjU3MGE=
Accept-Ranges
bytes
Content-Length
33050
11.7376951fa909427906c2.js
exo-uat.scgd.co/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://exo-uat.scgd.co/11.7376951fa909427906c2.js
Requested by
Host: exo-uat.scgd.co
URL: http://exo-uat.scgd.co/runtime.98f26924c58f8cd119d5.js
Protocol
HTTP/1.1
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b2e2ab335f4b6d7f2de5003c11c1fbeccf4a732f5fc1eda0d9b5d2d7205ecfc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://exo-uat.scgd.co/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
Last-Modified
Thu, 03 Mar 2022 11:24:43 GMT
ETag
"6220a57b-4db"
X-Frame-Options
SAMEORIGIN
X-Cache
CONFIG_NOCACHE
Content-Type
application/javascript
Cache-Control
max-age=31449600
Date
Mon, 25 Jul 2022 17:16:48 GMT
X-Azure-Ref
0AdDeYgAAAADAWl32FRCZTackurN6v6qGRlJBMzFFREdFMDMxNgBmMmM0ZTA4ZS1mZTQ5LTQ1MzctOTIzYy0zYmUzNmQyYjU3MGE=
Accept-Ranges
bytes
Content-Length
1243
Primary Request authorize
accessdev.scg.co.th/adfs/oauth2/
Redirect Chain
  • https://sso-dev.scgd.co/login/SCG/expressordering_uat
  • https://accessdev.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://sso-dev.scgd.co/auth/callback/adfs&resource=https://sso-dev.scgd.co/&respo...
24 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accessdev.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://sso-dev.scgd.co/auth/callback/adfs&resource=https://sso-dev.scgd.co/&response_mode=query
Requested by
Host: exo-uat.scgd.co
URL: http://exo-uat.scgd.co/main.5759a5e95220ead27fd1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.183.207.245 -, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c5a34f2773e58a10bf4fdde8f8c5692c3ed2d473dbd02afa8cd8584c138b167d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://exo-uat.scgd.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store
Content-Length
24690
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Content-Type
text/html; charset=utf-8
Date
Mon, 25 Jul 2022 17:16:52 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age = 31536000
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block

Redirect headers

access-control-allow-headers
Authorization,Origin, Content-Type, Ocp-Apim-Subscription-Key, X-Requested-With, Accept
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT ,PATCH
access-control-allow-origin
*
access-control-max-age
3600
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-language
de-DE
content-length
0
date
Mon, 25 Jul 2022 17:16:51 GMT
expires
0
location
https://accessdev.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://sso-dev.scgd.co/auth/callback/adfs&resource=https://sso-dev.scgd.co/&response_mode=query
pragma
no-cache
x-application-context
application:dev:8072
x-azure-ref
0AtDeYgAAAAAVSCGuADptQZ6jhwrGTC4hRlJBMzFFREdFMDkwOAAwZmE4ZjQwZC0yMjg5LTQzNTItYjQ4Ny1lYWNjODAzOWRlZDQ=
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
style.css
accessdev.scg.co.th/adfs/portal/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accessdev.scg.co.th/adfs/portal/css/style.css?id=D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99
Requested by
Host: accessdev.scg.co.th
URL: https://accessdev.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://sso-dev.scgd.co/auth/callback/adfs&resource=https://sso-dev.scgd.co/&response_mode=query
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.183.207.245 -, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d74d4d6943f32ae6f7f11d14d601dbb0e1a58919176ee512150366b6279aaf99
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accessdev.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://sso-dev.scgd.co/auth/callback/adfs&resource=https://sso-dev.scgd.co/&response_mode=query
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
X-Content-Type-Options
nosniff
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99
Content-Type
text/css
Date
Mon, 25 Jul 2022 17:16:52 GMT
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Content-Length
7812
X-XSS-Protection
1; mode=block
Expires
Wed, 24 Aug 2022 17:16:53 GMT
illustration.png
accessdev.scg.co.th/adfs/portal/illustration/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
accessdev.scg.co.th
URL
https://accessdev.scg.co.th/adfs/portal/illustration/illustration.png?id=2A9481E4724E3D634CF2E42FE82DA49EBB5499D3B7421456D6E7153E760BE0DC

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

3 Cookies

Domain/Path Name / Value
sso-dev.scgd.co/ Name: sso-scgd-app
Value: expressordering_uat
sso-dev.scgd.co/ Name: ASLBSA
Value: 8838c64818b236b1596c2d9e21668ae4d7958803379b999a82411ee9804a6cfe
sso-dev.scgd.co/ Name: ASLBSACORS
Value: 8838c64818b236b1596c2d9e21668ae4d7958803379b999a82411ee9804a6cfe

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN