urlscan.io logo urlscan.io
SecurityTrails logo

access.scg.co.th Open in urlscan Pro
202.183.207.240  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://admin.sso.scgd.co/
Effective URL: https://access.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://s...
Submission: On September 22 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 19 HTTP transactions. The main IP is 202.183.207.240, located in Bangkok, Thailand and belongs to CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH. The main domain is access.scg.co.th.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on September 18th 2023. Valid for: a year.
This is the only time access.scg.co.th was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2620:1ec:46::45 8075 (MICROSOFT...)
4 202.183.207.240 4750 (CSLOXINFO...)
19 3
Apex Domain
Subdomains		 Transfer
15 scgd.co
admin.sso.scgd.co
sso.scgd.co
5 MB
4 scg.co.th
access.scg.co.th
119 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
958 B
19 3
Domain Requested by
14 admin.sso.scgd.co admin.sso.scgd.co
4 access.scg.co.th admin.sso.scgd.co
access.scg.co.th
1 sso.scgd.co 1 redirects
1 fonts.googleapis.com admin.sso.scgd.co
19 4

This site contains no links.

Subject Issuer Validity Valid
admin.sso.scgd.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-25 -
2023-12-25		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.scg.co.th
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-10-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://access.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://sso.scgd.co/auth/callback/adfs&resource=https://sso.scgd.co/&response_mode=query
Frame ID: FC68732C1DBBC4ACB6E1D3FFE712EDEE
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Anmelden

Page URL History Show full URLs

  1. https://admin.sso.scgd.co/ Page URL
  2. https://sso.scgd.co/login/SCG/usermanagement HTTP 302
    https://access.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&re... Page URL

Page Statistics

19
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

4758 kB
Transfer

4749 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://admin.sso.scgd.co/ Page URL
  2. https://sso.scgd.co/login/SCG/usermanagement HTTP 302
    https://access.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://sso.scgd.co/auth/callback/adfs&resource=https://sso.scgd.co/&response_mode=query Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
admin.sso.scgd.co/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://admin.sso.scgd.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ae0db4be33a0b39512281bc72b7843a66f33d58ef8fbfe0abd89848220a63b2e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
1524
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Fri, 22 Sep 2023 10:49:49 GMT
etag
"6243263b-5f4"
last-modified
Tue, 29 Mar 2022 15:31:07 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin
strict-transport-security
max-age=31536000; includeSubDomains;
x-azure-ref
20230922T104948Z-p7fru1wh0923fec8sh1b95thr400000000a000000001zf3e
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
css
fonts.googleapis.com/ 		5 KB
958 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Requested by
Host: admin.sso.scgd.co
URL: https://admin.sso.scgd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc2a9ecb9eae34a409e66cbdd46b3562c560f8ffa1c1f80ea84532999d6d408c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.sso.scgd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Sep 2023 10:49:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 09:54:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Sep 2023 10:49:49 GMT
util.js
admin.sso.scgd.co/assets/js/global/components/base/ 		52 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.sso.scgd.co/assets/js/global/components/base/util.js
Requested by
Host: admin.sso.scgd.co
URL: https://admin.sso.scgd.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
89aac7b1d234ab8e933b4b96b637dae1ac94130cdf406715f9f64182525aee76
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.sso.scgd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:49:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
referrer-policy
strict-origin
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 29 Mar 2022 15:31:03 GMT
x-content-type-options
nosniff
etag
"62432637-d1cf"
x-frame-options
SAMEORIGIN
x-azure-ref
20230922T104949Z-p7fru1wh0923fec8sh1b95thr400000000a000000001zf7v
content-type
application/javascript
x-cache
CONFIG_NOCACHE
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
53711
header.js
admin.sso.scgd.co/assets/js/global/components/base/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.sso.scgd.co/assets/js/global/components/base/header.js
Requested by
Host: admin.sso.scgd.co
URL: https://admin.sso.scgd.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2893d47eb4929c301e80a469bee3165673fc64912eca5f61ebf6c2ccd30c9e50
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.sso.scgd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:49:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
referrer-policy
strict-origin
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 29 Mar 2022 15:31:03 GMT
x-content-type-options
nosniff
etag
"62432637-1887"
x-frame-options
SAMEORIGIN
x-azure-ref
20230922T104949Z-p7fru1wh0923fec8sh1b95thr400000000a000000001zf7w
content-type
application/javascript
x-cache
CONFIG_NOCACHE
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
6279
menu.js
admin.sso.scgd.co/assets/js/global/components/base/ 		28 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.sso.scgd.co/assets/js/global/components/base/menu.js
Requested by
Host: admin.sso.scgd.co
URL: https://admin.sso.scgd.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ea677456ab9845b497ec6d651f1684f90e20f2badf43c58de2b390f572c8a35a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.sso.scgd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:49:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
referrer-policy
strict-origin
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 29 Mar 2022 15:31:03 GMT
x-content-type-options
nosniff
etag
"62432637-6e20"
x-frame-options
SAMEORIGIN
x-azure-ref
20230922T104949Z-p7fru1wh0923fec8sh1b95thr400000000a000000001zf7x
content-type
application/javascript
x-cache
CONFIG_NOCACHE
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
28192
offcanvas.js
admin.sso.scgd.co/assets/js/global/components/base/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.sso.scgd.co/assets/js/global/components/base/offcanvas.js
Requested by
Host: admin.sso.scgd.co
URL: https://admin.sso.scgd.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8dcbf3641979e67acf1a68eb1fd1b64df60d1d3b5213df6af767d3b56253f4f3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.sso.scgd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:49:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
referrer-policy
strict-origin
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 29 Mar 2022 15:31:03 GMT
x-content-type-options
nosniff
etag
"62432637-2109"
x-frame-options
SAMEORIGIN
x-azure-ref
20230922T104949Z-p7fru1wh0923fec8sh1b95thr400000000a000000001zf7y
content-type
application/javascript
x-cache
CONFIG_NOCACHE
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
8457
scrolltop.js
admin.sso.scgd.co/assets/js/global/components/base/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.sso.scgd.co/assets/js/global/components/base/scrolltop.js
Requested by
Host: admin.sso.scgd.co
URL: https://admin.sso.scgd.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
df40928d11c691a4b289db77d42c53342272b9733d9be4124e6757150f2b2203
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.sso.scgd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:49:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
referrer-policy
strict-origin
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 29 Mar 2022 15:31:03 GMT
x-content-type-options
nosniff
etag
"62432637-124e"
x-frame-options
SAMEORIGIN
x-azure-ref
20230922T104949Z-p7fru1wh0923fec8sh1b95thr400000000a000000001zf7z
content-type
application/javascript
x-cache
CONFIG_NOCACHE
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
4686
toggle.js
admin.sso.scgd.co/assets/js/global/components/base/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.sso.scgd.co/assets/js/global/components/base/toggle.js
Requested by
Host: admin.sso.scgd.co
URL: https://admin.sso.scgd.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3a874ecfa8859db7f5f86a85849a2f3054332458de3e83ab3c646809ccb8196a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.sso.scgd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:49:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
referrer-policy
strict-origin
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 29 Mar 2022 15:31:03 GMT
x-content-type-options
nosniff
etag
"62432637-1522"
x-frame-options
SAMEORIGIN
x-azure-ref
20230922T104949Z-p7fru1wh0923fec8sh1b95thr400000000a000000001zf80
content-type
application/javascript
x-cache
CONFIG_NOCACHE
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
5410
dialog.js
admin.sso.scgd.co/assets/js/global/components/base/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.sso.scgd.co/assets/js/global/components/base/dialog.js
Requested by
Host: admin.sso.scgd.co
URL: https://admin.sso.scgd.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
968b1fa2b6c98d9eff71eb2e00853f75cc9c738ec58dc73dede41697c3939dd9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.sso.scgd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:49:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
referrer-policy
strict-origin
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 29 Mar 2022 15:31:03 GMT
x-content-type-options
nosniff
etag
"62432637-1111"
x-frame-options
SAMEORIGIN
x-azure-ref
20230922T104949Z-p7fru1wh0923fec8sh1b95thr400000000a000000001zf82
content-type
application/javascript
x-cache
CONFIG_NOCACHE
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
4369
wizard.js
admin.sso.scgd.co/assets/js/global/components/base/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.sso.scgd.co/assets/js/global/components/base/wizard.js
Requested by
Host: admin.sso.scgd.co
URL: https://admin.sso.scgd.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbb572f31314cb9a3ffbb7fa52053e9ca143dacca8547c1b906205786fda4176
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.sso.scgd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:49:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
referrer-policy
strict-origin
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 29 Mar 2022 15:31:03 GMT
x-content-type-options
nosniff
etag
"62432637-2fff"
x-frame-options
SAMEORIGIN
x-azure-ref
20230922T104949Z-p7fru1wh0923fec8sh1b95thr400000000a000000001zf83
content-type
application/javascript
x-cache
CONFIG_NOCACHE
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
12287
styles.d9efbe29bbe81d205d8f.css
admin.sso.scgd.co/ 		1 MB
1 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.sso.scgd.co/styles.d9efbe29bbe81d205d8f.css
Requested by
Host: admin.sso.scgd.co
URL: https://admin.sso.scgd.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1941261b3058ef32903616005dc5342b0677a36afc4be5f53b9c4e014c958c81
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.sso.scgd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:49:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
referrer-policy
strict-origin
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 29 Mar 2022 15:31:03 GMT
x-content-type-options
nosniff
etag
"62432637-1222d8"
x-frame-options
SAMEORIGIN
x-azure-ref
20230922T104949Z-p7fru1wh0923fec8sh1b95thr400000000a000000001zf81
content-type
text/css
x-cache
CONFIG_NOCACHE
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
1188568
runtime.2ee4e0a848430b9fed57.js
admin.sso.scgd.co/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.sso.scgd.co/runtime.2ee4e0a848430b9fed57.js
Requested by
Host: admin.sso.scgd.co
URL: https://admin.sso.scgd.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9d7a6a8b832207cbf0611381b4853acec7cf235fe4fcc665245d69a7adcecbdf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.sso.scgd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:49:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
referrer-policy
strict-origin
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 29 Mar 2022 15:31:03 GMT
x-content-type-options
nosniff
etag
"62432637-9d2"
x-frame-options
SAMEORIGIN
x-azure-ref
20230922T104949Z-p7fru1wh0923fec8sh1b95thr400000000a000000001zf84
content-type
application/javascript
x-cache
CONFIG_NOCACHE
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
2514
polyfills.e170ca8b5bfc54c3f336.js
admin.sso.scgd.co/ 		43 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.sso.scgd.co/polyfills.e170ca8b5bfc54c3f336.js
Requested by
Host: admin.sso.scgd.co
URL: https://admin.sso.scgd.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
226d28f71d6a8ca1061fd90bd45120ac6a42172c6bc3176fafa969db1b50561f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.sso.scgd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:49:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
referrer-policy
strict-origin
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 29 Mar 2022 15:31:03 GMT
x-content-type-options
nosniff
etag
"62432637-abf7"
x-frame-options
SAMEORIGIN
x-azure-ref
20230922T104949Z-p7fru1wh0923fec8sh1b95thr400000000a000000001zf85
content-type
application/javascript
x-cache
CONFIG_NOCACHE
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
44023
main.751f02338f2468e51372.js
admin.sso.scgd.co/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.sso.scgd.co/main.751f02338f2468e51372.js
Requested by
Host: admin.sso.scgd.co
URL: https://admin.sso.scgd.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7d9078b4ce19ed1c2503e50c2e08be6c04c16338b087d6ab85ec5df55da76726
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.sso.scgd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:49:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
referrer-policy
strict-origin
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 29 Mar 2022 15:31:03 GMT
x-content-type-options
nosniff
etag
"62432637-303681"
x-frame-options
SAMEORIGIN
x-azure-ref
20230922T104949Z-p7fru1wh0923fec8sh1b95thr400000000a000000001zf86
content-type
application/javascript
x-cache
CONFIG_NOCACHE
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
3159681
Primary Request authorize
access.scg.co.th/adfs/oauth2/
Redirect Chain
  • https://sso.scgd.co/login/SCG/usermanagement
  • https://access.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://sso.scgd.co/auth/callback/adfs&resource=https://sso.scgd.co/&response_mode=query
24 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://access.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://sso.scgd.co/auth/callback/adfs&resource=https://sso.scgd.co/&response_mode=query
Requested by
Host: admin.sso.scgd.co
URL: https://admin.sso.scgd.co/main.751f02338f2468e51372.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.183.207.240 Bangkok, Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),
Reverse DNS
Software
/
Resource Hash
8e025bf51fefb32bbcb966d8406c46048167a2647017e45fa51b17f97a482c30
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://admin.sso.scgd.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store
Content-Length
24805
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Content-Type
text/html; charset=utf-8
Date
Fri, 22 Sep 2023 10:49:55 GMT
Expires
-1
Pragma
no-cache
Strict-Transport-Security
max-age = 31536000
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block

Redirect headers

access-control-allow-headers
Authorization,Origin, Content-Type, Ocp-Apim-Subscription-Key, X-Requested-With, Accept
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT ,PATCH
access-control-allow-origin
*
access-control-max-age
3600
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-language
de-DE
content-length
0
content-security-policy
frame-ancestors 'self'
date
Fri, 22 Sep 2023 10:49:52 GMT
expires
0
location
https://access.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://sso.scgd.co/auth/callback/adfs&resource=https://sso.scgd.co/&response_mode=query
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
pragma
no-cache
referrer-policy
strict-origin
strict-transport-security
max-age=31536000; includeSubDomains;
x-application-context
application:8072
x-azure-ref
20230922T104952Z-4vkk26qyud24dd6use69rfa0dn00000001tg000000013kq2
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
logo_scg_lg.png
admin.sso.scgd.co/assets/media/logos/ 		212 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.sso.scgd.co/assets/media/logos/logo_scg_lg.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.sso.scgd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:49:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
referrer-policy
strict-origin
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 29 Mar 2022 15:31:06 GMT
x-content-type-options
nosniff
etag
"6243263a-3505d"
x-frame-options
SAMEORIGIN
x-azure-ref
20230922T104952Z-p7fru1wh0923fec8sh1b95thr400000000a000000001zfrx
content-type
image/png
x-cache
CONFIG_NOCACHE
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
content-length
217181
style.css
access.scg.co.th/adfs/portal/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://access.scg.co.th/adfs/portal/css/style.css?id=D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99
Requested by
Host: access.scg.co.th
URL: https://access.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://sso.scgd.co/auth/callback/adfs&resource=https://sso.scgd.co/&response_mode=query
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.183.207.240 Bangkok, Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),
Reverse DNS
Software
/
Resource Hash
d74d4d6943f32ae6f7f11d14d601dbb0e1a58919176ee512150366b6279aaf99
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://sso.scgd.co/auth/callback/adfs&resource=https://sso.scgd.co/&response_mode=query
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options
nosniff
Date
Fri, 22 Sep 2023 10:49:55 GMT
ETag
D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99
Content-Type
text/css
Content-Length
7812
X-XSS-Protection
1; mode=block
Expires
Sun, 22 Oct 2023 10:49:55 GMT
logo.png
access.scg.co.th/adfs/portal/logo/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.scg.co.th/adfs/portal/logo/logo.png?id=6E18DF1ACFF1101E16FC8DA6DC14AA45F465FFDD3865E9FCD439179E795CFB48
Requested by
Host: access.scg.co.th
URL: https://access.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://sso.scgd.co/auth/callback/adfs&resource=https://sso.scgd.co/&response_mode=query
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.183.207.240 Bangkok, Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),
Reverse DNS
Software
/
Resource Hash
6e18df1acff1101e16fc8da6dc14aa45f465ffdd3865e9fcd439179e795cfb48
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://sso.scgd.co/auth/callback/adfs&resource=https://sso.scgd.co/&response_mode=query
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options
nosniff
Date
Fri, 22 Sep 2023 10:49:55 GMT
ETag
6E18DF1ACFF1101E16FC8DA6DC14AA45F465FFDD3865E9FCD439179E795CFB48
Content-Type
image/png
Content-Length
9461
X-XSS-Protection
1; mode=block
Expires
Sun, 22 Oct 2023 10:49:55 GMT
illustration.png
access.scg.co.th/adfs/portal/illustration/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.scg.co.th/adfs/portal/illustration/illustration.png?id=2A9481E4724E3D634CF2E42FE82DA49EBB5499D3B7421456D6E7153E760BE0DC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.183.207.240 Bangkok, Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),
Reverse DNS
Software
/
Resource Hash
2a9481e4724e3d634cf2e42fe82da49ebb5499d3b7421456d6e7153e760be0dc
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access.scg.co.th/adfs/oauth2/authorize?response_type=code&client_id=digital_authentication&redirect_uri=https://sso.scgd.co/auth/callback/adfs&resource=https://sso.scgd.co/&response_mode=query
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Content-Type-Options
nosniff
Date
Fri, 22 Sep 2023 10:49:55 GMT
ETag
2A9481E4724E3D634CF2E42FE82DA49EBB5499D3B7421456D6E7153E760BE0DC
Content-Type
image/png
Content-Length
78441
X-XSS-Protection
1; mode=block
Expires
Sun, 22 Oct 2023 10:49:55 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| LoginErrors number| maxPasswordLength function| InputUtil function| SelectOption function| Login undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration object| loginMessage object| userNameInput

1 Cookies

Domain/Path Name / Value
sso.scgd.co/ Name: sso-scgd-app
Value: usermanagement

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN