Domain principal.com.my
United States
Software information
Apache
tcp/80
Microsoft-Azure-Application-Gateway v2
tcp/443
Microsoft-IIS 10.0
tcp/443
awselb 2.0
tcp/443
cloudflare
tcp/443 tcp/80
nginx
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 20.43.175.104
Domain: summeruat.principal.com.my
Port: 443
URL: https://summeruat.principal.com.myFirst seen 2025-10-28 15:15
Last seen 2026-02-01 22:31
Open for 96 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
Found on 2026-02-01 22:31
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-13 15:30
Last seen 2026-01-02 22:03
Open for 50 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
Found on 2026-01-02 22:03
-
-
Open service 35.71.145.235:443 · investuat.login.principal.com.my
2026-02-04 01:54
HTTP/1.1 302 Found Date: Wed, 04 Feb 2026 01:54:25 GMT Server: nginx Content-Type: text/html;charset=ISO-8859-1 Content-Length: 0 x-content-type-options: nosniff x-okta-request-id: aYKm0flww_ctBxp36_4SIgAAA0Q accept-ch: Sec-CH-UA-Platform-Version x-xss-protection: 0 p3p: CP="HONK" content-security-policy-report-only: default-src 'self' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com; connect-src 'self' principal-ciam7-staging.okta.com principal-ciam7-staging-admin.okta.com investuat.login.principal.com.my *.oktacdn.com *.mixpanel.com *.mapbox.com principal-ciam7-staging.kerberos.okta.com principal-ciam7-staging.mtls.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: accounts.app.staging.principal.th accounts.ifa.staging.principal.th rsc2.members.pilot.principal.com.hk *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-HxJTkesBMVVNMR0UNHNCnw' 'self' 'report-sample' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com; frame-src 'self' principal-ciam7-staging.okta.com principal-ciam7-staging-admin.okta.com investuat.login.principal.com.my login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' principal-ciam7-staging.okta.com investuat.login.principal.com.my data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://investuat.principal.com.my https://investuat.login.principal.com.my content-security-policy: default-src 'self' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com; connect-src 'self' principal-ciam7-staging.okta.com principal-ciam7-staging-admin.okta.com investuat.login.principal.com.my *.oktacdn.com *.mixpanel.com *.mapbox.com principal-ciam7-staging.kerberos.okta.com principal-ciam7-staging.mtls.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: accounts.app.staging.principal.th accounts.ifa.staging.principal.th rsc2.members.pilot.principal.com.hk *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-HxJTkesBMVVNMR0UNHNCnw' 'unsafe-eval' 'self' 'report-sample' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com; frame-src 'self' principal-ciam7-staging.okta.com principal-ciam7-staging-admin.okta.com investuat.login.principal.com.my login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' principal-ciam7-staging.okta.com investuat.login.principal.com.my data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://investuat.principal.com.my https://investuat.login.principal.com.my location: https://investuat.principal.com.my/sign-in Strict-Transport-Security: max-age=315360000; includeSubDomains X-Robots-Tag: noindex,nofollow set-cookie: sid="";Version=1;Path=/;Max-Age=0 set-cookie: xids="";Version=1;Path=/;Max-Age=0 set-cookie: autolaunch_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ set-cookie: activate_ca_modal_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ Connection: close
Found 2026-02-04 by HttpPluginCreate report
-
Open service 2620:12a:8000::3:443 · principal.com.my
2026-01-26 15:58
HTTP/1.1 301 Moved Permanently Connection: close Content-Length: 0 Content-Type: text/html; charset=UTF-8 Location: https://www.principal.com.my/ Strict-Transport-Security: max-age=31622400; includeSubDomains; preload X-Pantheon-Styx-Hostname: styx-fe3-a-856584b44b-kcfrs X-Styx-Req-Id: 429e2d03-faa9-11f0-8f33-a22e3838a8f7 Cache-Control: public, max-age=86400 Age: 16565 Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish X-Forwarded-For: 2a03:b0c0:3:d0::fe3:3001 X-Real-Client-IP: 2a03:b0c0:3:d0::fe3:3001 Access-Control-Allow-Origin: * Date: Mon, 26 Jan 2026 15:58:17 GMT X-Served-By: cache-chi-kigq8000121-CHI, cache-fra-etou8220078-FRA, cache-fra-eddf8230140-FRA, cache-fra-eddf8230140-FRA X-Cache: HIT, HIT, MISS, MISS X-Cache-Hits: 4, 3, 0, 0 X-Timer: S1769443098.850607,VS0,VE18 Vary: Cookie, Cookie
Found 2026-01-26 by HttpPluginCreate report
-
Open service 2620:12a:8001::3:80 · principal.com.my
2026-01-26 15:58
HTTP/1.1 301 Moved Permanently Connection: close Content-Length: 0 Retry-After: 0 Location: https://principal.com.my/ Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish Strict-Transport-Security: max-age=300; includeSubDomains; Date: Mon, 26 Jan 2026 15:58:14 GMT X-Served-By: cache-rtm-ehrd2290043-RTM, cache-rtm-ehrd2290043-RTM X-Cache: HIT, MISS X-Cache-Hits: 0, 0 X-Timer: S1769443095.527829,VS0,VE7
Found 2026-01-26 by HttpPluginCreate report
-
Open service 2620:12a:8000::3:80 · principal.com.my
2026-01-26 15:58
HTTP/1.1 301 Moved Permanently Connection: close Content-Length: 0 Retry-After: 0 Location: https://principal.com.my/ Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish Strict-Transport-Security: max-age=300; includeSubDomains; Date: Mon, 26 Jan 2026 15:58:24 GMT X-Served-By: cache-fra-eddf8230115-FRA, cache-fra-eddf8230115-FRA X-Cache: HIT, MISS X-Cache-Hits: 0, 0 X-Timer: S1769443105.976134,VS0,VE14
Found 2026-01-26 by HttpPluginCreate report
-
Open service 23.185.0.3:80 · principal.com.my
2026-01-26 15:58
HTTP/1.1 301 Moved Permanently Connection: close Content-Length: 0 Retry-After: 0 Location: https://principal.com.my/ Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish Strict-Transport-Security: max-age=300; includeSubDomains; Date: Mon, 26 Jan 2026 15:58:25 GMT X-Served-By: cache-vie6337-VIE, cache-vie6337-VIE X-Cache: HIT, MISS X-Cache-Hits: 0, 0 X-Timer: S1769443105.946326,VS0,VE135
Found 2026-01-26 by HttpPluginCreate report
-
Open service 20.43.175.104:443 · summeruat.principal.com.my
2026-01-23 09:10
HTTP/1.1 302 Moved Temporarily Date: Fri, 23 Jan 2026 09:10:21 GMT Content-Type: text/html Content-Length: 138 Connection: close Server: nginx Location: https://summeruat.principal.com.my/backoffice/login X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Page title: 302 Found <html> <head><title>302 Found</title></head> <body> <center><h1>302 Found</h1></center> <hr><center>nginx</center> </body> </html>
Found 2026-01-23 by HttpPluginCreate report
-
Open service 13.107.246.44:443 · api02.principal.com.my
2026-01-23 04:26
HTTP/1.1 404 Not Found Date: Fri, 23 Jan 2026 04:26:36 GMT Content-Type: text/html Content-Length: 266478 Connection: close Vary: Accept-Encoding Cache-Control: no-store x-azure-ref: 20260123T042636Z-15dc44c76d4g8jsxhC1SG1gx0c00000005ng000000009myk X-Cache: CONFIG_NOCACHE Page title: Page not found <!DOCTYPE html> <!-- saved from url=(0058)https://df.onecloud.azure-test.net/Error/UE_404?shown=true --> <html lang="en" dir="ltr"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>Page not found</title> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta name="msapplication-config" content="none" /> <link rel="icon" type="image/x-icon" href="data:image/x-icon;base64,AAABAAQAQEAAAAEAIAAoQgAARgAAADAwAAABACAAqCUAAG5CAAAgIAAAAQAgAKgQAAAWaAAAEBAAAAEAIABoBAAAvngAACgAAABAAAAAgAAAAAEAIAAAAAAAAEIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFound 2026-01-23 by HttpPluginCreate report
-
Open service 20.188.98.74:80 · otp.principal.com.my
2026-01-23 03:39
HTTP/1.1 301 Moved Permanently Content-Length: 0 Connection: close Date: Fri, 23 Jan 2026 03:39:45 GMT Location: https://otp.principal.com.my/
Found 2026-01-23 by HttpPluginCreate report
-
Open service 20.188.98.74:443 · otp.principal.com.my
2026-01-23 03:39
HTTP/1.1 200 OK Content-Length: 11840 Connection: close Content-Type: text/html; charset=utf-8 Date: Fri, 23 Jan 2026 03:39:46 GMT Server: Microsoft-IIS/10.0 Cache-Control: private Set-Cookie: ASP.NET_SessionId=wskxhexpd1ef5q3irjrdsvu0; path=/; secure; HttpOnly; SameSite=Lax X-AspNet-Version: 4.0.30319 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Page title: CPAM OTP System <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head><title> CPAM OTP System </title><link rel="stylesheet" type="text/css" href="css/template.css" /><link rel="stylesheet" type="text/css" href="css/login.css" /> <script type="text/javascript"> function disableSelection(target) { if (typeof target.onselectstart != "undefined") //IE route target.onselectstart = function() { return false } else if (typeof target.style.MozUserSelect != "undefined") //Firefox route target.style.MozUserSelect = "none" else //All other route (ie: Opera) target.onmousedown = function() { return false } target.style.cursor = "default" } </script> </head> <body> <form name="frm" method="post" action="./" id="frm"> <div> <input type="hidden" name="__LASTFOCUS" id="__LASTFOCUS" value="" /> <input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" /> <input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" /> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEwOTM5MDA5NTcPZBYCAgMPZBYGAgEPDxYCHgRUZXh0BRtDUEFNIE9UUCBTeXN0ZW0gIChDUEFNIE9UUClkZAIFD2QWAgIJD2QWAgICDxYCHgVjbGFzcwUQdmVyaWZpY2F0aW9uX2JnMhYIAgEPDxYEHghJbWFnZVVybAUcL2ltYWdlcy92ZXJpZmljYXRpb24vMy9zLnBuZx4HVmlzaWJsZWdkZAIDDw8WBB8CBRwvaW1hZ2VzL3ZlcmlmaWNhdGlvbi81LzkucG5nHwNnZGQCBQ8PFgQfAgUcL2ltYWdlcy92ZXJpZmljYXRpb24vMi9tLnBuZx8DZ2RkAgcPDxYEHwIFHC9pbWFnZXMvdmVyaWZpY2F0aW9uLzEvYy5wbmcfA2dkZAILDw8WAh8AZWRkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ1pbWdidG5SZWZyZXNoaqMXMg5gwztRmFjxVkAXk1JPdMigXNjRX7qGmmCR1Us=" /> </div> <script type="text/javascript"> //<![CDATA[ var theForm = document.forms['frm']; if (!theForm) { theForm = document.frm; } function __doPostBack(eventTarget, eventArgument) { if (!theForm.onsubmit || (theForm.onsubmit() != false)) { theForm.__EVENTTARGET.value = eventTarget; theForm.__EVENTARGUMENT.value = eventArgument; theForm.submit(); } } //]]> </script> <script src="/WebResource.axd?d=IZMS0ULaKDxlcIXOsGEo_NtV4gJY-Exxywx3cUJle6hvwJ8W2TL_XrQu0rVo-50zQjWlYnV_QSYGFsMaamdzzGcLJNGAvYFHmuU-zUM_rNA1&t=638901526312636832" type="text/javascript"></script> <script src="/WebResource.axd?d=roLseZ8vmpkkpCBp7BGsk0ubIPnsoxOLO6zWkrnVapLX9Z32Pn5UvNPtBHwwSRoq-xNT68HewsIJwgfLYvCfsxmlH9IHXCcBVRVdpie4FsY1&t=638901526312636832" type="text/javascript"></script> <div> <input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" /> <input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEdAAkVe9tRFc4TSgCARIew6QiXVK7BrRAtEiqu9nGFEI+jB3Y2+Mc6SrnAqio3oCKbxYagxqmrey5DrM07XUPj1h476LeScLJvL+enpUbbkWAWwcTYKZmSZLls6j/J71+vhFY85pbWlDO2hADfoPXD/5tdddx2jQpij18LUiDCb5acKkeJqzkFmokM1vnLUDqfeBG8NRDYzu7eWbPWLhKAh4IVPbX/9b9CZDlD7usRdUr2WA==" /> </div> <table cellpadding="0" cellspacing="0" align="center"> <tr> <td class="system_name"> <span id="lblCaption">CPAM OTP System (CPAM OTP)</span> </td> </tr> <tr> <td> <table cellpadding="0" cellspacing="0" align="center"> <tr> <td> <table cellpadding="0" cellspacing="0" align="center" class="table_login_container"> <tr> <td class="frame_topleft"> </td> <td class="frame_top"> </td> <td class="frame_topright"> </td> </tr> <tr> <td class="frame_left"> </td> <td class="frame_content"> <table cellpadding="0" cellspacing="0"> <tr> <td class="company_logo"> <img iFound 2026-01-23 by HttpPluginCreate report
-
Open service 54.169.67.9:443 · secure06alb.principal.com.my
2026-01-22 00:26
HTTP/1.1 403 Forbidden Server: awselb/2.0 Date: Thu, 22 Jan 2026 00:26:20 GMT Content-Type: text/html Content-Length: 118 Connection: close Page title: 403 Forbidden <html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center> </body> </html>
Found 2026-01-22 by HttpPluginCreate report
-
Open service 47.130.208.57:443 · secure06alb.principal.com.my
2026-01-22 00:26
HTTP/1.1 403 Forbidden Server: awselb/2.0 Date: Thu, 22 Jan 2026 00:26:19 GMT Content-Type: text/html Content-Length: 118 Connection: close Page title: 403 Forbidden <html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center> </body> </html>
Found 2026-01-22 by HttpPluginCreate report
-
Open service 20.212.64.8:80 · digitalsit.principal.com.my
2026-01-12 11:08
HTTP/1.1 301 Moved Permanently Content-Length: 0 Connection: close Date: Mon, 12 Jan 2026 11:09:58 GMT Location: https://digitalsit.principal.com.my/
Found 2026-01-12 by HttpPluginCreate report
-
Open service 20.212.64.8:443 · digitalsit.principal.com.my
2026-01-12 11:08
HTTP/1.1 200 OK Content-Length: 2354 Connection: close Content-Type: text/html Date: Mon, 12 Jan 2026 11:09:59 GMT Server: Accept-Ranges: bytes Last-Modified: Thu, 18 Dec 2025 15:56:22 GMT Set-Cookie: ARRAffinity=a1e606c837b71de3bcdf8a18e601752e5807aa08d2deebcc598e5b0e5ad0959c;Path=/;HttpOnly;Secure;Domain=digitalsit.principal.com.my Set-Cookie: ARRAffinitySameSite=a1e606c837b71de3bcdf8a18e601752e5807aa08d2deebcc598e5b0e5ad0959c;Path=/;HttpOnly;SameSite=None;Secure;Domain=digitalsit.principal.com.my Strict-Transport-Security: max-age=31536000 X-Powered-By: ASP.NET Page title: Principal Direct Access <!doctype html><html lang="en"><head><meta charset="utf-8"/><meta name="referrer" content="origin"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="mobile-web-app-capable" content="yes"/><meta http-equiv="Cache-Control" content="max-age=600"/><link rel="apple-touch-icon" sizes="57x57" href="/apple-icon-57x57.png"/><link rel="apple-touch-icon" sizes="60x60" href="/apple-icon-60x60.png"/><link rel="apple-touch-icon" sizes="72x72" href="/apple-icon-72x72.png"/><link rel="apple-touch-icon" sizes="76x76" href="/apple-icon-76x76.png"/><link rel="apple-touch-icon" sizes="114x114" href="/apple-icon-114x114.png"/><link rel="apple-touch-icon" sizes="120x120" href="/apple-icon-120x120.png"/><link rel="apple-touch-icon" sizes="144x144" href="/apple-icon-144x144.png"/><link rel="apple-touch-icon" sizes="152x152" href="/apple-icon-152x152.png"/><link rel="apple-touch-icon" sizes="180x180" href="/apple-icon-180x180.png"/><link rel="icon" type="image/png" sizes="192x192" href="/android-icon-192x192.png"/><link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png"/><link rel="icon" type="image/png" sizes="96x96" href="/favicon-96x96.png"/><link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png"/><link rel="manifest" href="/manifest.json"/><meta name="msapplication-TileColor" content="#ffffff"/><meta name="msapplication-TileImage" content="/ms-icon-144x144.png"/><meta name="theme-color" content="#ffffff"/><link rel="icon" href="/favicon.ico"/><title>Principal Direct Access</title></head><body><noscript>If you're seeing this message, that means <strong>JavaScript has been disabled on your browser</strong>, please <strong>enable JS</strong> to make this app work.</noscript><div id="app"></div><link rel="stylesheet" href="https://fonts.googleapis.com/icon?family=Material+Icons"/><script async src="https://www.googletagmanager.com/gtag/js?id=G-5B61Y5Y2SH"></script><script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-5B61Y5Y2SH")</script><script type="text/javascript" src="/runtime~main.1b63127d2b914f04c4e7.js"></script><script type="text/javascript" src="/vendors~main.c3d03eec1d03949d963c.chunk.js"></script><script type="text/javascript" src="/main.373b5b26d75721a2d2e5.chunk.js"></script></body></html>Found 2026-01-12 by HttpPluginCreate report
-
Open service 1.179.112.197:443 · r.communications.principal.com.my
2026-01-12 03:07
HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=UTF-8 Date: Mon, 12 Jan 2026 03:07:45 GMT Location: https://img.mailin.fr/ Server: nginx X-Cache: BYPASS X-Content-Type-Options: nosniff X-Sib-Server: gke-public-cluster-v2-1-179-112-136 X-Xss-Protection: 1 Content-Length: 0 Connection: close
Found 2026-01-12 by HttpPluginCreate report
-
Open service 1.179.112.197:80 · r.communications.principal.com.my
2026-01-12 03:07
HTTP/1.1 301 Moved Permanently server: nginx date: Mon, 12 Jan 2026 03:07:45 GMT content-type: text/html; charset=UTF-8 transfer-encoding: chunked location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-171 x-content-type-options: nosniff x-xss-protection: 1 connection: close
Found 2026-01-12 by HttpPluginCreate report
-
Open service 35.71.145.235:443 · investonline.login.principal.com.my
2026-01-12 01:36
HTTP/1.1 302 Found Date: Mon, 12 Jan 2026 01:36:39 GMT Server: nginx Content-Type: text/html;charset=ISO-8859-1 Content-Length: 0 x-content-type-options: nosniff x-okta-request-id: aWRQJzDP5qXOex48KYzndAAAFbE accept-ch: Sec-CH-UA-Platform-Version x-xss-protection: 0 p3p: CP="HONK" content-security-policy: default-src 'self' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com; connect-src 'self' principal-ciam7-prod.okta.com principal-ciam7-prod-admin.okta.com investonline.login.principal.com.my *.oktacdn.com *.mixpanel.com *.mapbox.com principal-ciam7-prod.kerberos.okta.com principal-ciam7-prod.mtls.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: accounts.app.principal.th accounts.ifa.principal.th rsc2.members.principal.com.hk *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-PuR3QrmCmoS8ikW_ix71aA' 'unsafe-eval' 'self' 'report-sample' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com; frame-src 'self' principal-ciam7-prod.okta.com principal-ciam7-prod-admin.okta.com investonline.login.principal.com.my login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' principal-ciam7-prod.okta.com investonline.login.principal.com.my data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://investonline.login.principal.com.my https://invest.principal.com.my location: https://investonline.login.principal.com.my/app/UserHome?iss=https%3A%2F%2Finvestonline.login.principal.com.my&session_hint=AUTHENTICATED Strict-Transport-Security: max-age=315360000; includeSubDomains X-Robots-Tag: noindex,nofollow set-cookie: sid="";Version=1;Path=/;Max-Age=0 set-cookie: xids="";Version=1;Path=/;Max-Age=0 set-cookie: autolaunch_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ set-cookie: activate_ca_modal_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ Connection: close
Found 2026-01-12 by HttpPluginCreate report
-
Open service 52.223.11.122:443 · investonline.login.principal.com.my
2026-01-12 01:36
HTTP/1.1 302 Found Date: Mon, 12 Jan 2026 01:36:38 GMT Server: nginx Content-Type: text/html;charset=ISO-8859-1 Content-Length: 0 x-content-type-options: nosniff x-okta-request-id: aWRQJj7PZeYdc74XiF3oOwAAACI accept-ch: Sec-CH-UA-Platform-Version x-xss-protection: 0 p3p: CP="HONK" content-security-policy: default-src 'self' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com; connect-src 'self' principal-ciam7-prod.okta.com principal-ciam7-prod-admin.okta.com investonline.login.principal.com.my *.oktacdn.com *.mixpanel.com *.mapbox.com principal-ciam7-prod.kerberos.okta.com principal-ciam7-prod.mtls.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: accounts.app.principal.th accounts.ifa.principal.th rsc2.members.principal.com.hk *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-7knR1SvOQ0qdg6_XlKq1lA' 'unsafe-eval' 'self' 'report-sample' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com; frame-src 'self' principal-ciam7-prod.okta.com principal-ciam7-prod-admin.okta.com investonline.login.principal.com.my login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' principal-ciam7-prod.okta.com investonline.login.principal.com.my data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://investonline.login.principal.com.my https://invest.principal.com.my location: https://investonline.login.principal.com.my/app/UserHome?iss=https%3A%2F%2Finvestonline.login.principal.com.my&session_hint=AUTHENTICATED Strict-Transport-Security: max-age=315360000; includeSubDomains X-Robots-Tag: noindex,nofollow set-cookie: sid="";Version=1;Path=/;Max-Age=0 set-cookie: xids="";Version=1;Path=/;Max-Age=0 set-cookie: autolaunch_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ set-cookie: activate_ca_modal_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ Connection: close
Found 2026-01-12 by HttpPluginCreate report
-
Open service 35.71.145.235:80 · investonline.login.principal.com.my
2026-01-12 01:36
HTTP/1.1 302 Found Date: Mon, 12 Jan 2026 01:37:36 GMT Server: Apache Location: https://investonline.login.principal.com.my// Content-Length: 229 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 302 Found <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="https://investonline.login.principal.com.my//">here</a>.</p> </body></html>
Found 2026-01-12 by HttpPluginCreate report
-
Open service 52.223.11.122:80 · investonline.login.principal.com.my
2026-01-12 01:36
HTTP/1.1 302 Found Date: Mon, 12 Jan 2026 01:37:36 GMT Server: Apache Location: https://investonline.login.principal.com.my// Content-Length: 229 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 302 Found <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="https://investonline.login.principal.com.my//">here</a>.</p> </body></html>
Found 2026-01-12 by HttpPluginCreate report
-
Open service 104.17.155.243:443 · img.communications.principal.com.my
2026-01-11 14:34
HTTP/1.1 301 Moved Permanently Date: Sun, 11 Jan 2026 14:34:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bc52349dd205527-SJC location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-142 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-11 by HttpPluginCreate report
-
Open service 104.17.159.243:80 · img.communications.principal.com.my
2026-01-11 14:34
HTTP/1.1 301 Moved Permanently Date: Sun, 11 Jan 2026 14:34:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bc52349bfb82994-SJC location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-177 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-11 by HttpPluginCreate report
-
Open service 104.17.156.243:443 · img.communications.principal.com.my
2026-01-11 14:34
HTTP/1.1 301 Moved Permanently Date: Sun, 11 Jan 2026 14:34:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bc5234c280ced99-SIN location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-137 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-11 by HttpPluginCreate report
-
Open service 104.17.158.243:8443 · img.communications.principal.com.my
2026-01-11 14:34
Found 2026-01-11 by HttpPluginCreate report
-
Open service 104.17.158.243:80 · img.communications.principal.com.my
2026-01-11 14:34
HTTP/1.1 301 Moved Permanently Date: Sun, 11 Jan 2026 14:34:56 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bc52348daa6de44-YYZ location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-139 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-11 by HttpPluginCreate report
-
Open service 104.17.155.243:80 · img.communications.principal.com.my
2026-01-11 14:34
HTTP/1.1 301 Moved Permanently Date: Sun, 11 Jan 2026 14:34:56 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bc52348eb6764a6-YYZ location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-177 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-11 by HttpPluginCreate report
-
Open service 104.17.156.243:80 · img.communications.principal.com.my
2026-01-11 14:34
HTTP/1.1 301 Moved Permanently Date: Sun, 11 Jan 2026 14:34:56 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bc52348cfb1ebbc-YYZ location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-142 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-11 by HttpPluginCreate report
-
Open service 104.17.157.243:80 · img.communications.principal.com.my
2026-01-11 14:34
HTTP/1.1 301 Moved Permanently Date: Sun, 11 Jan 2026 14:34:56 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bc523489f194f3a-EWR location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-139 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-11 by HttpPluginCreate report
-
Open service 104.17.156.243:8443 · img.communications.principal.com.my
2026-01-11 14:34
Found 2026-01-11 by HttpPluginCreate report
-
Open service 104.17.158.243:443 · img.communications.principal.com.my
2026-01-11 14:34
HTTP/1.1 301 Moved Permanently Date: Sun, 11 Jan 2026 14:34:56 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bc5234789bfdfd3-AMS location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-141 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-11 by HttpPluginCreate report
-
Open service 104.17.155.243:8443 · img.communications.principal.com.my
2026-01-11 14:34
Found 2026-01-11 by HttpPluginCreate report
-
Open service 104.17.159.243:8443 · img.communications.principal.com.my
2026-01-11 14:34
Found 2026-01-11 by HttpPluginCreate report
-
Open service 104.17.157.243:8443 · img.communications.principal.com.my
2026-01-11 14:34
Found 2026-01-11 by HttpPluginCreate report
-
Open service 104.17.157.243:443 · img.communications.principal.com.my
2026-01-11 14:34
HTTP/1.1 301 Moved Permanently Date: Sun, 11 Jan 2026 14:34:56 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bc52347b9c8e539-LHR location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-138 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-11 by HttpPluginCreate report
-
Open service 104.17.159.243:443 · img.communications.principal.com.my
2026-01-11 14:34
HTTP/1.1 301 Moved Permanently Date: Sun, 11 Jan 2026 14:34:56 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bc52347885425c2-AMS location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-173 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-11 by HttpPluginCreate report
-
Open service 20.43.175.104:443 · summeruat.principal.com.my
2026-01-09 18:51
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Jan 2026 18:51:30 GMT Content-Type: text/html Content-Length: 138 Connection: close Server: nginx Location: https://summeruat.principal.com.my/backoffice/login X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Page title: 302 Found <html> <head><title>302 Found</title></head> <body> <center><h1>302 Found</h1></center> <hr><center>nginx</center> </body> </html>
Found 2026-01-09 by HttpPluginCreate report
-
Open service 13.107.246.44:443 · api02.principal.com.my
2026-01-09 18:24
HTTP/1.1 404 Not Found Date: Fri, 09 Jan 2026 18:24:32 GMT Content-Type: text/html Content-Length: 266478 Connection: close Vary: Accept-Encoding Cache-Control: no-store x-azure-ref: 20260109T182432Z-169bcb8b8b864n4jhC1ATL6fd40000001pqg00000000f2rh X-Cache: CONFIG_NOCACHE Page title: Page not found <!DOCTYPE html> <!-- saved from url=(0058)https://df.onecloud.azure-test.net/Error/UE_404?shown=true --> <html lang="en" dir="ltr"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>Page not found</title> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta name="msapplication-config" content="none" /> <link rel="icon" type="image/x-icon" href="data:image/x-icon;base64,AAABAAQAQEAAAAEAIAAoQgAARgAAADAwAAABACAAqCUAAG5CAAAgIAAAAQAgAKgQAAAWaAAAEBAAAAEAIABoBAAAvngAACgAAABAAAAAgAAAAAEAIAAAAAAAAEIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFound 2026-01-09 by HttpPluginCreate report
-
Open service 104.17.158.243:80 · img.brand.principal.com.my
2026-01-09 15:12
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Jan 2026 15:12:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bb4dfb46fea240f-FRA location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-174 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.17.157.243:8443 · img.brand.principal.com.my
2026-01-09 15:12
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.17.155.243:443 · img.brand.principal.com.my
2026-01-09 15:12
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Jan 2026 15:12:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bb4dfb52e40ab7b-YYZ location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-138 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.17.157.243:443 · img.brand.principal.com.my
2026-01-09 15:12
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Jan 2026 15:12:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bb4dfb4585a631d-LHR location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-177 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.17.158.243:443 · img.brand.principal.com.my
2026-01-09 15:12
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Jan 2026 15:12:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bb4dfb48a30780c-EWR location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-137 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.17.158.243:8443 · img.brand.principal.com.my
2026-01-09 15:12
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.17.159.243:443 · img.brand.principal.com.my
2026-01-09 15:12
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Jan 2026 15:12:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bb4dfb46e4d7a3e-LHR location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-142 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.17.159.243:80 · img.brand.principal.com.my
2026-01-09 15:12
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Jan 2026 15:12:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bb4dfb40fd0dbc1-FRA location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-173 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.17.156.243:8443 · img.brand.principal.com.my
2026-01-09 15:12
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.17.155.243:80 · img.brand.principal.com.my
2026-01-09 15:12
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Jan 2026 15:12:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bb4dfb3edd6b8ca-AMS location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-172 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.17.155.243:8443 · img.brand.principal.com.my
2026-01-09 15:12
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.17.156.243:443 · img.brand.principal.com.my
2026-01-09 15:12
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Jan 2026 15:12:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bb4dfb3dbf8b461-LHR location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-177 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.17.156.243:80 · img.brand.principal.com.my
2026-01-09 15:12
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Jan 2026 15:12:37 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bb4dfb7e9b9d969-SIN location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-139 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.17.159.243:8443 · img.brand.principal.com.my
2026-01-09 15:12
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.17.157.243:80 · img.brand.principal.com.my
2026-01-09 15:12
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Jan 2026 15:12:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bb4dfb48848d270-FRA location: https://img.mailin.fr/ x-cache: BYPASS x-sib-server: gke-public-cluster-v2-1-179-112-171 x-content-type-options: nosniff x-xss-protection: 1 cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-09 by HttpPluginCreate report
-
Open service 20.43.175.104:443 · secure07uat.principal.com.my
2026-01-09 08:46
HTTP/1.1 403 Forbidden Server: Microsoft-Azure-Application-Gateway/v2 Date: Fri, 09 Jan 2026 08:46:15 GMT Content-Type: text/html Content-Length: 179 Connection: close Page title: 403 Forbidden <html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center> <hr><center>Microsoft-Azure-Application-Gateway/v2</center> </body> </html>
Found 2026-01-09 by HttpPluginCreate report
-
Open service 20.43.179.231:443 · secure07.principal.com.my
2026-01-09 08:46
HTTP/1.1 403 Forbidden Server: Microsoft-Azure-Application-Gateway/v2 Date: Fri, 09 Jan 2026 08:46:14 GMT Content-Type: text/html Content-Length: 179 Connection: close Page title: 403 Forbidden <html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center> <hr><center>Microsoft-Azure-Application-Gateway/v2</center> </body> </html>
Found 2026-01-09 by HttpPluginCreate report
-
Open service 23.185.0.3:443 · principal.com.my
2026-01-08 23:46
HTTP/1.1 301 Moved Permanently Connection: close Content-Length: 0 Content-Type: text/html; charset=UTF-8 Location: https://www.principal.com.my/ Strict-Transport-Security: max-age=31622400; includeSubDomains; preload X-Pantheon-Styx-Hostname: styx-fe3-a-7c949b5848-lgnf6 X-Styx-Req-Id: fc82628f-ec9e-11f0-ad21-02c9567b461b Cache-Control: public, max-age=86400 Age: 33160 Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish X-Forwarded-For: 206.189.233.36 X-Real-Client-IP: 206.189.233.36 Access-Control-Allow-Origin: * Date: Thu, 08 Jan 2026 23:46:03 GMT X-Served-By: cache-chi-kigq8000121-CHI, cache-lga21983-LGA, cache-lga21983-LGA, cache-lga21983-LGA X-Cache: HIT, HIT, MISS, MISS X-Cache-Hits: 15, 1, 0, 0 X-Timer: S1767915963.430918,VS0,VE11 Vary: Cookie, Cookie
Found 2026-01-08 by HttpPluginCreate report
-
Open service 2620:12a:8000::3:443 · www.principal.com.my
2026-01-08 06:16
HTTP/1.1 200 OK Connection: close Content-Length: 156574 Cache-Control: max-age=86400, public Content-Language: en Content-Type: text/html; charset=UTF-8 Etag: W/"1767849028" Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Thu, 08 Jan 2026 05:10:28 GMT Strict-Transport-Security: max-age=31622400; includeSubDomains; preload X-Content-Type-Options: nosniff X-Drupal-Cache: HIT X-Drupal-Dynamic-Cache: MISS X-Frame-Options: SAMEORIGIN X-Generator: Drupal 10 (https://www.drupal.org) X-Pantheon-Styx-Hostname: styx-fe3-a-7d59f97b67-9gdr5 X-Styx-Req-Id: f11d0244-ec53-11f0-a12c-aae482d321a6 Age: 2399 Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish X-Forwarded-For: 2400:6180:100:d0::89e:2001 X-Real-Client-IP: 2400:6180:100:d0::89e:2001 Access-Control-Allow-Origin: * Date: Thu, 08 Jan 2026 06:16:11 GMT X-Served-By: cache-chi-klot8100175-CHI, cache-bom-vanm7210064-BOM, cache-bom-vanm7210034-BOM, cache-bom-vanm7210034-BOM X-Cache: HIT, HIT, MISS, MISS X-Cache-Hits: 10, 1, 0, 0 X-Timer: S1767852972.687933,VS0,VE10 Vary: Accept-Encoding, Cookie, Origin, Cookie, Cookie Page title: Investments and Retirement | Principal Malaysia <!DOCTYPE html> <html lang="en" dir="ltr" prefix="content: http://purl.org/rss/1.0/modules/content/ dc: http://purl.org/dc/terms/ foaf: http://xmlns.com/foaf/0.1/ og: http://ogp.me/ns# rdfs: http://www.w3.org/2000/01/rdf-schema# schema: http://schema.org/ sioc: http://rdfs.org/sioc/ns# sioct: http://rdfs.org/sioc/types# skos: http://www.w3.org/2004/02/skos/core# xsd: http://www.w3.org/2001/XMLSchema# "> <head> <!-- Google Tag Manager for UAT Website with GTM & GA4 Analytics --> <!-- Google tag (gtag.js) --> <script async src="https://www.googletagmanager.com/gtag/js?id=G-1RYR1B2XWJ"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-1RYR1B2XWJ'); </script> <meta name="facebook-domain-verification" content="zsl3bo3157i1220wvlppl5jo10nunt" /> <!-- Google tag (gtag.js) --> <script async src=https://www.googletagmanager.com/gtag/js?id=AW-457278331></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'AW-457278331'); </script> <script> var dataLayer = window.dataLayer = window.dataLayer || []; dataLayer.push({ 'event': 'info-added', 'business-units':{ 'pi': true }, 'app-data':{ 'single-page-app': false } }); </script> <!-- Google Tag Manager --> <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-M59TSMH');</script> <!-- End Google Tag Manager --> <script src="https://www.principalcdn.com/css/horizon/v2/horizon.min.js" ></script> <script src="https://cdn.jsdelivr.net/npm/lightslider@1.1.6/dist/js/lightslider.min.js"></script> <meta charset="utf-8" /> <link rel="shortlink" href="https://www.principal.com.my/en" /> <link rel="canonical" href="https://www.principal.com.my/en" /> <meta name="Generator" content="Drupal 10 (https://www.drupal.org)" /> <meta name="MobileOptimized" content="width" /> <meta name="HandheldFriendly" content="true" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <script>var INSTAPAGE_AJAXURL = 'https://www.principal.com.my/index.php?action=instapage_ajax_call';</script> <meta name="description" content="Let's keep your finances simple. Invest when you're ready. Retire with confidence." /> <link rel="icon" href="/sites/default/files/favicon_0_0.ico" type="image/vnd.microsoft.icon" /> <meta name="format-detection" content="telephone=no"/> <title>Investments and Retirement | Principal Malaysia</title> <link rel="stylesheet" media="all" href="/sites/default/files/css/css_AkaiE23y62-t5Fz78dd5FsQcPchnkdRbqVeprOm2uLE.css?delta=0&language=en&theme=malaysia&include=eJxdjEEOgzAMBD_kkichJ1lQhIMj25Ty-6L2UvUy2tnDZETAZryGOuq8NLnV04odxkJZNTyMR1qMO061jToLX944raKZ5eFxSdtX6qj3-S1MhUc03UlPKWx6OCT9bBoOnisHRisbLP05-eWBnjI76Nlwevpw6loPwRvZGUf_" /> <link rel="stylesheet" media="all" href="https://cdn.jsdelivr.net/npm/entreprise7pro-bootstrap@3.4.8/dist/css/bootstrap.min.css" integrity="sha256-zL9fLm9PT7/fK/vb1O9aIIAdm/+bGtxmUm/M1NPTU7Y=" crossorigin="anonymous" /> <link rel="stylesheet" media="all" href="https://cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.1.1/7.x-3.x/drupal-bootstrap.min.css" integrity="sha512-nrwoY8z0/iCnnY9J1g189dfuRMCdI5JBwgvzKvwXC4dZ+145UNBUs+VdeG/TUuYRqlQbMlL4l8U3yT7pVss9Rg==" crossorigin="anonymous" /> <link rel="stylesheet" media="all" href="https://cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.1.1/8.x-3.x/drupal-bootstrap.min.css" integrity="sha512-jM5OBHt8tKkl65deNLp2dhFMAwoqHBIbzSW0WiRRwJfHzGoxAFuCowGd9hYi1vU8ce5xpa5IGmZBJujm/7rVtw==" crossorigin="anonymous" />Found 2026-01-08 by HttpPluginCreate report
-
Open service 2620:12a:8001::3:443 · www.principal.com.my
2026-01-08 06:16
HTTP/1.1 200 OK Connection: close Content-Length: 156574 Cache-Control: max-age=86400, public Content-Language: en Content-Type: text/html; charset=UTF-8 Etag: W/"1767849028" Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Thu, 08 Jan 2026 05:10:28 GMT Strict-Transport-Security: max-age=31622400; includeSubDomains; preload X-Content-Type-Options: nosniff X-Drupal-Cache: HIT X-Drupal-Dynamic-Cache: MISS X-Frame-Options: SAMEORIGIN X-Generator: Drupal 10 (https://www.drupal.org) X-Pantheon-Styx-Hostname: styx-fe3-a-7d59f97b67-9gdr5 X-Styx-Req-Id: f11d0244-ec53-11f0-a12c-aae482d321a6 Age: 2398 Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish X-Forwarded-For: 2604:a880:4:1d0::36c:6000 X-Real-Client-IP: 2604:a880:4:1d0::36c:6000 Access-Control-Allow-Origin: * Date: Thu, 08 Jan 2026 06:16:10 GMT X-Served-By: cache-chi-klot8100175-CHI, cache-sjc1000102-SJC, cache-sjc1000131-SJC, cache-sjc1000131-SJC X-Cache: HIT, HIT, MISS, MISS X-Cache-Hits: 3, 0, 0, 0 X-Timer: S1767852971.609210,VS0,VE17 Vary: Accept-Encoding, Cookie, Origin, Cookie, Cookie Page title: Investments and Retirement | Principal Malaysia <!DOCTYPE html> <html lang="en" dir="ltr" prefix="content: http://purl.org/rss/1.0/modules/content/ dc: http://purl.org/dc/terms/ foaf: http://xmlns.com/foaf/0.1/ og: http://ogp.me/ns# rdfs: http://www.w3.org/2000/01/rdf-schema# schema: http://schema.org/ sioc: http://rdfs.org/sioc/ns# sioct: http://rdfs.org/sioc/types# skos: http://www.w3.org/2004/02/skos/core# xsd: http://www.w3.org/2001/XMLSchema# "> <head> <!-- Google Tag Manager for UAT Website with GTM & GA4 Analytics --> <!-- Google tag (gtag.js) --> <script async src="https://www.googletagmanager.com/gtag/js?id=G-1RYR1B2XWJ"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-1RYR1B2XWJ'); </script> <meta name="facebook-domain-verification" content="zsl3bo3157i1220wvlppl5jo10nunt" /> <!-- Google tag (gtag.js) --> <script async src=https://www.googletagmanager.com/gtag/js?id=AW-457278331></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'AW-457278331'); </script> <script> var dataLayer = window.dataLayer = window.dataLayer || []; dataLayer.push({ 'event': 'info-added', 'business-units':{ 'pi': true }, 'app-data':{ 'single-page-app': false } }); </script> <!-- Google Tag Manager --> <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-M59TSMH');</script> <!-- End Google Tag Manager --> <script src="https://www.principalcdn.com/css/horizon/v2/horizon.min.js" ></script> <script src="https://cdn.jsdelivr.net/npm/lightslider@1.1.6/dist/js/lightslider.min.js"></script> <meta charset="utf-8" /> <link rel="shortlink" href="https://www.principal.com.my/en" /> <link rel="canonical" href="https://www.principal.com.my/en" /> <meta name="Generator" content="Drupal 10 (https://www.drupal.org)" /> <meta name="MobileOptimized" content="width" /> <meta name="HandheldFriendly" content="true" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <script>var INSTAPAGE_AJAXURL = 'https://www.principal.com.my/index.php?action=instapage_ajax_call';</script> <meta name="description" content="Let's keep your finances simple. Invest when you're ready. Retire with confidence." /> <link rel="icon" href="/sites/default/files/favicon_0_0.ico" type="image/vnd.microsoft.icon" /> <meta name="format-detection" content="telephone=no"/> <title>Investments and Retirement | Principal Malaysia</title> <link rel="stylesheet" media="all" href="/sites/default/files/css/css_AkaiE23y62-t5Fz78dd5FsQcPchnkdRbqVeprOm2uLE.css?delta=0&language=en&theme=malaysia&include=eJxdjEEOgzAMBD_kkichJ1lQhIMj25Ty-6L2UvUy2tnDZETAZryGOuq8NLnV04odxkJZNTyMR1qMO061jToLX944raKZ5eFxSdtX6qj3-S1MhUc03UlPKWx6OCT9bBoOnisHRisbLP05-eWBnjI76Nlwevpw6loPwRvZGUf_" /> <link rel="stylesheet" media="all" href="https://cdn.jsdelivr.net/npm/entreprise7pro-bootstrap@3.4.8/dist/css/bootstrap.min.css" integrity="sha256-zL9fLm9PT7/fK/vb1O9aIIAdm/+bGtxmUm/M1NPTU7Y=" crossorigin="anonymous" /> <link rel="stylesheet" media="all" href="https://cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.1.1/7.x-3.x/drupal-bootstrap.min.css" integrity="sha512-nrwoY8z0/iCnnY9J1g189dfuRMCdI5JBwgvzKvwXC4dZ+145UNBUs+VdeG/TUuYRqlQbMlL4l8U3yT7pVss9Rg==" crossorigin="anonymous" /> <link rel="stylesheet" media="all" href="https://cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.1.1/8.x-3.x/drupal-bootstrap.min.css" integrity="sha512-jM5OBHt8tKkl65deNLp2dhFMAwoqHBIbzSW0WiRRwJfHzGoxAFuCowGd9hYi1vU8ce5xpa5IGmZBJujm/7rVtw==" crossorigin="anonymous" />Found 2026-01-08 by HttpPluginCreate report
-
Open service 23.185.0.3:443 · www.principal.com.my
2026-01-08 06:16
HTTP/1.1 200 OK Connection: close Content-Length: 156574 Cache-Control: max-age=86400, public Content-Language: en Content-Type: text/html; charset=UTF-8 Etag: W/"1767849028" Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Thu, 08 Jan 2026 05:10:28 GMT Strict-Transport-Security: max-age=31622400; includeSubDomains; preload X-Content-Type-Options: nosniff X-Drupal-Cache: HIT X-Drupal-Dynamic-Cache: MISS X-Frame-Options: SAMEORIGIN X-Generator: Drupal 10 (https://www.drupal.org) X-Pantheon-Styx-Hostname: styx-fe3-a-7d59f97b67-9gdr5 X-Styx-Req-Id: f11d0244-ec53-11f0-a12c-aae482d321a6 Age: 2399 Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish X-Forwarded-For: 139.59.143.102 X-Real-Client-IP: 139.59.143.102 Access-Control-Allow-Origin: * Date: Thu, 08 Jan 2026 06:16:10 GMT X-Served-By: cache-chi-klot8100175-CHI, cache-fra-etou8220078-FRA, cache-fra-eddf8230039-FRA, cache-fra-eddf8230039-FRA X-Cache: MISS, HIT, MISS, MISS X-Cache-Hits: 1, 0, 0, 0 X-Timer: S1767852971.754949,VS0,VE9 Vary: Accept-Encoding, Cookie, Origin, Cookie, Cookie Page title: Investments and Retirement | Principal Malaysia <!DOCTYPE html> <html lang="en" dir="ltr" prefix="content: http://purl.org/rss/1.0/modules/content/ dc: http://purl.org/dc/terms/ foaf: http://xmlns.com/foaf/0.1/ og: http://ogp.me/ns# rdfs: http://www.w3.org/2000/01/rdf-schema# schema: http://schema.org/ sioc: http://rdfs.org/sioc/ns# sioct: http://rdfs.org/sioc/types# skos: http://www.w3.org/2004/02/skos/core# xsd: http://www.w3.org/2001/XMLSchema# "> <head> <!-- Google Tag Manager for UAT Website with GTM & GA4 Analytics --> <!-- Google tag (gtag.js) --> <script async src="https://www.googletagmanager.com/gtag/js?id=G-1RYR1B2XWJ"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-1RYR1B2XWJ'); </script> <meta name="facebook-domain-verification" content="zsl3bo3157i1220wvlppl5jo10nunt" /> <!-- Google tag (gtag.js) --> <script async src=https://www.googletagmanager.com/gtag/js?id=AW-457278331></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'AW-457278331'); </script> <script> var dataLayer = window.dataLayer = window.dataLayer || []; dataLayer.push({ 'event': 'info-added', 'business-units':{ 'pi': true }, 'app-data':{ 'single-page-app': false } }); </script> <!-- Google Tag Manager --> <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-M59TSMH');</script> <!-- End Google Tag Manager --> <script src="https://www.principalcdn.com/css/horizon/v2/horizon.min.js" ></script> <script src="https://cdn.jsdelivr.net/npm/lightslider@1.1.6/dist/js/lightslider.min.js"></script> <meta charset="utf-8" /> <link rel="shortlink" href="https://www.principal.com.my/en" /> <link rel="canonical" href="https://www.principal.com.my/en" /> <meta name="Generator" content="Drupal 10 (https://www.drupal.org)" /> <meta name="MobileOptimized" content="width" /> <meta name="HandheldFriendly" content="true" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <script>var INSTAPAGE_AJAXURL = 'https://www.principal.com.my/index.php?action=instapage_ajax_call';</script> <meta name="description" content="Let's keep your finances simple. Invest when you're ready. Retire with confidence." /> <link rel="icon" href="/sites/default/files/favicon_0_0.ico" type="image/vnd.microsoft.icon" /> <meta name="format-detection" content="telephone=no"/> <title>Investments and Retirement | Principal Malaysia</title> <link rel="stylesheet" media="all" href="/sites/default/files/css/css_AkaiE23y62-t5Fz78dd5FsQcPchnkdRbqVeprOm2uLE.css?delta=0&language=en&theme=malaysia&include=eJxdjEEOgzAMBD_kkichJ1lQhIMj25Ty-6L2UvUy2tnDZETAZryGOuq8NLnV04odxkJZNTyMR1qMO061jToLX944raKZ5eFxSdtX6qj3-S1MhUc03UlPKWx6OCT9bBoOnisHRisbLP05-eWBnjI76Nlwevpw6loPwRvZGUf_" /> <link rel="stylesheet" media="all" href="https://cdn.jsdelivr.net/npm/entreprise7pro-bootstrap@3.4.8/dist/css/bootstrap.min.css" integrity="sha256-zL9fLm9PT7/fK/vb1O9aIIAdm/+bGtxmUm/M1NPTU7Y=" crossorigin="anonymous" /> <link rel="stylesheet" media="all" href="https://cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.1.1/7.x-3.x/drupal-bootstrap.min.css" integrity="sha512-nrwoY8z0/iCnnY9J1g189dfuRMCdI5JBwgvzKvwXC4dZ+145UNBUs+VdeG/TUuYRqlQbMlL4l8U3yT7pVss9Rg==" crossorigin="anonymous" /> <link rel="stylesheet" media="all" href="https://cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.1.1/8.x-3.x/drupal-bootstrap.min.css" integrity="sha512-jM5OBHt8tKkl65deNLp2dhFMAwoqHBIbzSW0WiRRwJfHzGoxAFuCowGd9hYi1vU8ce5xpa5IGmZBJujm/7rVtw==" crossorigin="anonymous" />Found 2026-01-08 by HttpPluginCreate report
-
Open service 23.185.0.3:80 · www.principal.com.my
2026-01-08 06:16
HTTP/1.1 301 Moved Permanently Connection: close Content-Length: 0 Retry-After: 0 Location: https://www.principal.com.my/ Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish Strict-Transport-Security: max-age=300; includeSubDomains; Date: Thu, 08 Jan 2026 06:16:10 GMT X-Served-By: cache-fra-eddf8230084-FRA, cache-fra-eddf8230084-FRA X-Cache: HIT, MISS X-Cache-Hits: 0, 0 X-Timer: S1767852970.461971,VS0,VE5
Found 2026-01-08 by HttpPluginCreate report
-
Open service 2620:12a:8000::3:80 · www.principal.com.my
2026-01-08 06:16
HTTP/1.1 301 Moved Permanently Connection: close Content-Length: 0 Retry-After: 0 Location: https://www.principal.com.my/ Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish Strict-Transport-Security: max-age=300; includeSubDomains; Date: Thu, 08 Jan 2026 06:16:10 GMT X-Served-By: cache-fra-eddf8230194-FRA, cache-fra-eddf8230194-FRA X-Cache: HIT, MISS X-Cache-Hits: 0, 0 X-Timer: S1767852970.472550,VS0,VE3
Found 2026-01-08 by HttpPluginCreate report
-
Open service 2620:12a:8001::3:80 · www.principal.com.my
2026-01-08 06:16
HTTP/1.1 301 Moved Permanently Connection: close Content-Length: 0 Retry-After: 0 Location: https://www.principal.com.my/ Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish Strict-Transport-Security: max-age=300; includeSubDomains; Date: Thu, 08 Jan 2026 06:16:10 GMT X-Served-By: cache-vie6359-VIE, cache-vie6359-VIE X-Cache: HIT, MISS X-Cache-Hits: 0, 0 X-Timer: S1767852970.403396,VS0,VE6
Found 2026-01-08 by HttpPluginCreate report
-
Open service 3.219.86.223:443 · mya.agenthub.dev.principal.com.my
2026-01-06 18:55
HTTP/1.1 307 Temporary Redirect Date: Tue, 06 Jan 2026 18:55:52 GMT Content-Type: application/json Content-Length: 13 Connection: close x-amzn-RequestId: 16583215-4084-4416-92e2-b2115f701d0e referrer-policy: strict-origin-when-cross-origin x-xss-protection: 0 strict-transport-security: max-age=31536000; includeSubdomains; preload x-amzn-Remapped-connection: keep-alive x-amz-apigw-id: Wxsc4F23oAMEEnA= x-content-type-options: nosniff location: /public/login X-Amzn-Trace-Id: Root=1-695d5ab8-3ff43f553cc91ed1368667eb;Parent=33d1cf153b42ffab;Sampled=0;Lineage=1:47950791:0 x-amzn-Remapped-date: Tue, 06 Jan 2026 18:55:52 GMT /public/login
Found 2026-01-06 by HttpPluginCreate report
-
Open service 3.229.231.57:443 · mya.agenthub.dev.principal.com.my
2026-01-06 18:55
HTTP/1.1 307 Temporary Redirect Date: Tue, 06 Jan 2026 18:55:52 GMT Content-Type: application/json Content-Length: 13 Connection: close x-amzn-RequestId: b0c9ca9d-ca16-4ec5-ba32-a571652e9bf6 referrer-policy: strict-origin-when-cross-origin x-xss-protection: 0 strict-transport-security: max-age=31536000; includeSubdomains; preload x-amzn-Remapped-connection: keep-alive x-amz-apigw-id: Wxsc3ETuIAMEHcQ= x-content-type-options: nosniff location: /public/login X-Amzn-Trace-Id: Root=1-695d5ab8-4df7379146284f684bcac9e3;Parent=2c23431b1b0f2af9;Sampled=0;Lineage=1:47950791:0 x-amzn-Remapped-date: Tue, 06 Jan 2026 18:55:52 GMT /public/login
Found 2026-01-06 by HttpPluginCreate report
-
Open service 98.90.41.140:443 · mya.agenthub.dev.principal.com.my
2026-01-06 18:55
HTTP/1.1 307 Temporary Redirect Date: Tue, 06 Jan 2026 18:55:52 GMT Content-Type: application/json Content-Length: 13 Connection: close x-amzn-RequestId: e67f53c0-14fe-44b2-b855-10e5b2e4f0cc referrer-policy: strict-origin-when-cross-origin x-xss-protection: 0 strict-transport-security: max-age=31536000; includeSubdomains; preload x-amzn-Remapped-connection: keep-alive x-amz-apigw-id: Wxsc2H2EIAMEaxA= x-content-type-options: nosniff location: /public/login X-Amzn-Trace-Id: Root=1-695d5ab8-4454346c115d8c60110316b2;Parent=1bc91d0575e95850;Sampled=0;Lineage=1:47950791:0 x-amzn-Remapped-date: Tue, 06 Jan 2026 18:55:52 GMT /public/login
Found 2026-01-06 by HttpPluginCreate report
-
Open service 2620:12a:8000::3:80 · principal.com.my
2026-01-06 16:36
HTTP/1.1 301 Moved Permanently Connection: close Content-Length: 0 Retry-After: 0 Location: https://principal.com.my/ Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish Strict-Transport-Security: max-age=300; includeSubDomains; Date: Tue, 06 Jan 2026 16:36:24 GMT X-Served-By: cache-sin-wsss1830042-SIN, cache-sin-wsss1830042-SIN X-Cache: HIT, MISS X-Cache-Hits: 0, 0 X-Timer: S1767717384.993474,VS0,VE8
Found 2026-01-06 by HttpPluginCreate report
-
Open service 23.185.0.3:443 · principal.com.my
2026-01-06 16:36
HTTP/1.1 301 Moved Permanently Connection: close Content-Length: 0 Content-Type: text/html; charset=UTF-8 Location: https://www.principal.com.my/ Strict-Transport-Security: max-age=31622400; includeSubDomains; preload X-Pantheon-Styx-Hostname: styx-fe3-a-7d59f97b67-n9dlx X-Styx-Req-Id: 5553a6d4-eb0b-11f0-9df4-4ac77fb50a49 Cache-Control: public, max-age=86400 Age: 7948 Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish X-Forwarded-For: 64.225.75.246 X-Real-Client-IP: 64.225.75.246 Access-Control-Allow-Origin: * Date: Tue, 06 Jan 2026 16:36:24 GMT X-Served-By: cache-chi-kigq8000121-CHI, cache-rtm-ehrd2290054-RTM, cache-rtm-ehrd2290032-RTM, cache-rtm-ehrd2290032-RTM X-Cache: HIT, HIT, MISS, MISS X-Cache-Hits: 12, 1, 0, 0 X-Timer: S1767717384.035543,VS0,VE10 Vary: Cookie, Cookie
Found 2026-01-06 by HttpPluginCreate report
-
Open service 2620:12a:8001::3:80 · principal.com.my
2026-01-06 16:36
HTTP/1.1 301 Moved Permanently Connection: close Content-Length: 0 Retry-After: 0 Location: https://principal.com.my/ Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish Strict-Transport-Security: max-age=300; includeSubDomains; Date: Tue, 06 Jan 2026 16:36:23 GMT X-Served-By: cache-sin-wsss1830082-SIN, cache-sin-wsss1830082-SIN X-Cache: HIT, MISS X-Cache-Hits: 0, 0 X-Timer: S1767717384.877705,VS0,VE5
Found 2026-01-06 by HttpPluginCreate report
-
Open service 2620:12a:8000::3:443 · principal.com.my
2026-01-06 16:36
HTTP/1.1 301 Moved Permanently Connection: close Content-Length: 0 Content-Type: text/html; charset=UTF-8 Location: https://www.principal.com.my/ Strict-Transport-Security: max-age=31622400; includeSubDomains; preload X-Pantheon-Styx-Hostname: styx-fe3-a-7d59f97b67-n9dlx X-Styx-Req-Id: 5553a6d4-eb0b-11f0-9df4-4ac77fb50a49 Cache-Control: public, max-age=86400 Age: 7948 Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish X-Forwarded-For: 2a03:b0c0:3:d0::ca6:5001 X-Real-Client-IP: 2a03:b0c0:3:d0::ca6:5001 Access-Control-Allow-Origin: * Date: Tue, 06 Jan 2026 16:36:24 GMT X-Served-By: cache-chi-kigq8000121-CHI, cache-vie6349-VIE, cache-vie6367-VIE, cache-vie6367-VIE X-Cache: HIT, HIT, MISS, MISS X-Cache-Hits: 7, 1, 0, 0 X-Timer: S1767717384.032721,VS0,VE35 Vary: Cookie, Cookie
Found 2026-01-06 by HttpPluginCreate report
-
Open service 2620:12a:8001::3:443 · principal.com.my
2026-01-06 16:36
HTTP/1.1 301 Moved Permanently Connection: close Content-Length: 0 Content-Type: text/html; charset=UTF-8 Location: https://www.principal.com.my/ Strict-Transport-Security: max-age=31622400; includeSubDomains; preload X-Pantheon-Styx-Hostname: styx-fe3-a-7d59f97b67-n9dlx X-Styx-Req-Id: 5553a6d4-eb0b-11f0-9df4-4ac77fb50a49 Cache-Control: public, max-age=86400 Age: 7948 Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish X-Forwarded-For: 2a03:b0c0:3:d0::12bc:e001 X-Real-Client-IP: 2a03:b0c0:3:d0::12bc:e001 Access-Control-Allow-Origin: * Date: Tue, 06 Jan 2026 16:36:23 GMT X-Served-By: cache-chi-kigq8000121-CHI, cache-fra-etou8220078-FRA, cache-fra-eddf8230164-FRA, cache-fra-eddf8230164-FRA X-Cache: HIT, HIT, MISS, MISS X-Cache-Hits: 11, 1, 0, 0 X-Timer: S1767717384.907734,VS0,VE31 Vary: Cookie, Cookie
Found 2026-01-06 by HttpPluginCreate report
-
Open service 23.185.0.3:80 · principal.com.my
2026-01-06 16:36
HTTP/1.1 301 Moved Permanently Connection: close Content-Length: 0 Retry-After: 0 Location: https://principal.com.my/ Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish Strict-Transport-Security: max-age=300; includeSubDomains; Date: Tue, 06 Jan 2026 16:36:23 GMT X-Served-By: cache-lga21977-LGA, cache-lga21977-LGA X-Cache: HIT, MISS X-Cache-Hits: 0, 0 X-Timer: S1767717384.785616,VS0,VE7
Found 2026-01-06 by HttpPluginCreate report
-
Open service 13.248.244.122:80 · investsit.login.principal.com.my
2026-01-05 16:09
HTTP/1.1 302 Found Date: Mon, 05 Jan 2026 16:10:54 GMT Server: Apache Location: https://investsit.login.principal.com.my// Content-Length: 226 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 302 Found <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="https://investsit.login.principal.com.my//">here</a>.</p> </body></html>
Found 2026-01-05 by HttpPluginCreate report
-
Open service 76.223.106.8:443 · investsit.login.principal.com.my
2026-01-05 16:09
HTTP/1.1 302 Found Date: Mon, 05 Jan 2026 16:09:56 GMT Server: nginx Content-Type: text/html;charset=ISO-8859-1 Content-Length: 0 x-content-type-options: nosniff x-okta-request-id: aVviVA8la0dUMvYfS-a8zgAAAaQ accept-ch: Sec-CH-UA-Platform-Version x-xss-protection: 0 p3p: CP="HONK" content-security-policy: default-src 'self' principal-ciam7.oktapreview.com investsit.login.principal.com.my *.oktacdn.com; connect-src 'self' principal-ciam7.oktapreview.com principal-ciam7-admin.oktapreview.com investsit.login.principal.com.my *.oktacdn.com *.mixpanel.com *.mapbox.com principal-ciam7.kerberos.oktapreview.com principal-ciam7.mtls.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: accounts.app.dev.principal.th accounts.ifa.dev.principal.th rsc2.members.test.principal.com.hk *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-IgP7_9wp0EYAB1PmpzOGzQ' 'unsafe-eval' 'self' 'report-sample' principal-ciam7.oktapreview.com investsit.login.principal.com.my *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' principal-ciam7.oktapreview.com investsit.login.principal.com.my *.oktacdn.com; frame-src 'self' principal-ciam7.oktapreview.com principal-ciam7-admin.oktapreview.com investsit.login.principal.com.my login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' principal-ciam7.oktapreview.com investsit.login.principal.com.my *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' principal-ciam7.oktapreview.com investsit.login.principal.com.my data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://investsit.principal.com.my https://investsit.login.principal.com.my location: https://investsit.principal.com.my/sign-in Strict-Transport-Security: max-age=315360000; includeSubDomains X-Robots-Tag: noindex,nofollow set-cookie: sid="";Version=1;Path=/;Max-Age=0 set-cookie: xids="";Version=1;Path=/;Max-Age=0 set-cookie: autolaunch_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ set-cookie: activate_ca_modal_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ Connection: close
Found 2026-01-05 by HttpPluginCreate report
-
Open service 13.248.244.122:443 · investsit.login.principal.com.my
2026-01-05 16:09
HTTP/1.1 302 Found Date: Mon, 05 Jan 2026 16:09:56 GMT Server: nginx Content-Type: text/html;charset=ISO-8859-1 Content-Length: 0 x-content-type-options: nosniff x-okta-request-id: aVviVC1apyDTV7G7ZyywmgAAAeE accept-ch: Sec-CH-UA-Platform-Version x-xss-protection: 0 p3p: CP="HONK" content-security-policy: default-src 'self' principal-ciam7.oktapreview.com investsit.login.principal.com.my *.oktacdn.com; connect-src 'self' principal-ciam7.oktapreview.com principal-ciam7-admin.oktapreview.com investsit.login.principal.com.my *.oktacdn.com *.mixpanel.com *.mapbox.com principal-ciam7.kerberos.oktapreview.com principal-ciam7.mtls.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: accounts.app.dev.principal.th accounts.ifa.dev.principal.th rsc2.members.test.principal.com.hk *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-ODqqp-kEOLaod8s98oZnFg' 'unsafe-eval' 'self' 'report-sample' principal-ciam7.oktapreview.com investsit.login.principal.com.my *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' principal-ciam7.oktapreview.com investsit.login.principal.com.my *.oktacdn.com; frame-src 'self' principal-ciam7.oktapreview.com principal-ciam7-admin.oktapreview.com investsit.login.principal.com.my login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' principal-ciam7.oktapreview.com investsit.login.principal.com.my *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' principal-ciam7.oktapreview.com investsit.login.principal.com.my data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://investsit.principal.com.my https://investsit.login.principal.com.my location: https://investsit.principal.com.my/sign-in Strict-Transport-Security: max-age=315360000; includeSubDomains X-Robots-Tag: noindex,nofollow set-cookie: sid="";Version=1;Path=/;Max-Age=0 set-cookie: xids="";Version=1;Path=/;Max-Age=0 set-cookie: autolaunch_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ set-cookie: activate_ca_modal_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ Connection: close
Found 2026-01-05 by HttpPluginCreate report
-
Open service 76.223.106.8:80 · investsit.login.principal.com.my
2026-01-05 16:09
HTTP/1.1 302 Found Date: Mon, 05 Jan 2026 16:10:54 GMT Server: Apache Location: https://investsit.login.principal.com.my// Content-Length: 226 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 302 Found <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="https://investsit.login.principal.com.my//">here</a>.</p> </body></html>
Found 2026-01-05 by HttpPluginCreate report
-
Open service 52.223.11.122:80 · investonline.login.principal.com.my
2026-01-04 01:54
HTTP/1.1 302 Found Date: Sun, 04 Jan 2026 01:54:17 GMT Server: Apache Location: https://investonline.login.principal.com.my// Content-Length: 229 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 302 Found <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="https://investonline.login.principal.com.my//">here</a>.</p> </body></html>
Found 2026-01-04 by HttpPluginCreate report
-
Open service 35.71.145.235:443 · investonline.login.principal.com.my
2026-01-04 01:54
HTTP/1.1 302 Found Date: Sun, 04 Jan 2026 01:54:17 GMT Server: nginx Content-Type: text/html;charset=ISO-8859-1 Content-Length: 0 x-content-type-options: nosniff x-okta-request-id: aVnISWcO7Jt_L74QCChmPQAAB80 accept-ch: Sec-CH-UA-Platform-Version x-xss-protection: 0 p3p: CP="HONK" content-security-policy-report-only: default-src 'self' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com; connect-src 'self' principal-ciam7-prod.okta.com principal-ciam7-prod-admin.okta.com investonline.login.principal.com.my *.oktacdn.com *.mixpanel.com *.mapbox.com principal-ciam7-prod.kerberos.okta.com principal-ciam7-prod.mtls.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: accounts.app.principal.th accounts.ifa.principal.th *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-dWlTzh_2boWxOBByC_uG_g' 'unsafe-eval' 'self' 'report-sample' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com; style-src 'unsafe-inline' 'nonce-dWlTzh_2boWxOBByC_uG_g' 'self' 'report-sample' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com; frame-src 'self' principal-ciam7-prod.okta.com principal-ciam7-prod-admin.okta.com investonline.login.principal.com.my login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' principal-ciam7-prod.okta.com investonline.login.principal.com.my data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://investonline.login.principal.com.my https://invest.principal.com.my content-security-policy: default-src 'self' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com; connect-src 'self' principal-ciam7-prod.okta.com principal-ciam7-prod-admin.okta.com investonline.login.principal.com.my *.oktacdn.com *.mixpanel.com *.mapbox.com principal-ciam7-prod.kerberos.okta.com principal-ciam7-prod.mtls.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: accounts.app.principal.th accounts.ifa.principal.th *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-dWlTzh_2boWxOBByC_uG_g' 'unsafe-eval' 'self' 'report-sample' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com; frame-src 'self' principal-ciam7-prod.okta.com principal-ciam7-prod-admin.okta.com investonline.login.principal.com.my login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' principal-ciam7-prod.okta.com investonline.login.principal.com.my data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://investonline.login.principal.com.my https://invest.principal.com.my location: https://investonline.login.principal.com.my/app/UserHome?iss=https%3A%2F%2Finvestonline.login.principal.com.my&session_hint=AUTHENTICATED Strict-Transport-Security: max-age=315360000; includeSubDomains X-Robots-Tag: noindex,nofollow set-cookie: sid="";Version=1;Path=/;Max-Age=0 set-cookie: xids="";Version=1;Path=/;Max-Age=0 set-cookie: autolaunch_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ set-cookie: activate_ca_modal_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ Connection: close
Found 2026-01-04 by HttpPluginCreate report
-
Open service 52.223.11.122:443 · investonline.login.principal.com.my
2026-01-04 01:54
HTTP/1.1 302 Found Date: Sun, 04 Jan 2026 01:54:17 GMT Server: nginx Content-Type: text/html;charset=ISO-8859-1 Content-Length: 0 x-content-type-options: nosniff x-okta-request-id: aVnISaygGv1m8WSyHN3BWQAADLM accept-ch: Sec-CH-UA-Platform-Version x-xss-protection: 0 p3p: CP="HONK" content-security-policy-report-only: default-src 'self' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com; connect-src 'self' principal-ciam7-prod.okta.com principal-ciam7-prod-admin.okta.com investonline.login.principal.com.my *.oktacdn.com *.mixpanel.com *.mapbox.com principal-ciam7-prod.kerberos.okta.com principal-ciam7-prod.mtls.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: accounts.app.principal.th accounts.ifa.principal.th *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-YGinH8aTzcIpcH48mSXDHQ' 'unsafe-eval' 'self' 'report-sample' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com; style-src 'unsafe-inline' 'nonce-YGinH8aTzcIpcH48mSXDHQ' 'self' 'report-sample' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com; frame-src 'self' principal-ciam7-prod.okta.com principal-ciam7-prod-admin.okta.com investonline.login.principal.com.my login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' principal-ciam7-prod.okta.com investonline.login.principal.com.my data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://investonline.login.principal.com.my https://invest.principal.com.my content-security-policy: default-src 'self' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com; connect-src 'self' principal-ciam7-prod.okta.com principal-ciam7-prod-admin.okta.com investonline.login.principal.com.my *.oktacdn.com *.mixpanel.com *.mapbox.com principal-ciam7-prod.kerberos.okta.com principal-ciam7-prod.mtls.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: accounts.app.principal.th accounts.ifa.principal.th *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-YGinH8aTzcIpcH48mSXDHQ' 'unsafe-eval' 'self' 'report-sample' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com; frame-src 'self' principal-ciam7-prod.okta.com principal-ciam7-prod-admin.okta.com investonline.login.principal.com.my login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' principal-ciam7-prod.okta.com investonline.login.principal.com.my *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' principal-ciam7-prod.okta.com investonline.login.principal.com.my data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://investonline.login.principal.com.my https://invest.principal.com.my location: https://investonline.login.principal.com.my/app/UserHome?iss=https%3A%2F%2Finvestonline.login.principal.com.my&session_hint=AUTHENTICATED Strict-Transport-Security: max-age=315360000; includeSubDomains X-Robots-Tag: noindex,nofollow set-cookie: sid="";Version=1;Path=/;Max-Age=0 set-cookie: xids="";Version=1;Path=/;Max-Age=0 set-cookie: autolaunch_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ set-cookie: activate_ca_modal_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ Connection: close
Found 2026-01-04 by HttpPluginCreate report
-
Open service 52.223.11.122:443 · investuat.login.principal.com.my
2026-01-04 01:54
HTTP/1.1 302 Found Date: Sun, 04 Jan 2026 01:54:17 GMT Server: nginx Content-Type: text/html;charset=ISO-8859-1 Content-Length: 0 x-content-type-options: nosniff x-okta-request-id: aVnISdfVQPh8G32yXWGVGQAACKQ accept-ch: Sec-CH-UA-Platform-Version x-xss-protection: 0 p3p: CP="HONK" content-security-policy-report-only: default-src 'self' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com; connect-src 'self' principal-ciam7-staging.okta.com principal-ciam7-staging-admin.okta.com investuat.login.principal.com.my *.oktacdn.com *.mixpanel.com *.mapbox.com principal-ciam7-staging.kerberos.okta.com principal-ciam7-staging.mtls.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: accounts.app.staging.principal.th accounts.ifa.staging.principal.th rsc2.members.pilot.principal.com.hk *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-inXM08YEYqU1zSbQtr26nQ' 'unsafe-eval' 'self' 'report-sample' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com; style-src 'unsafe-inline' 'nonce-inXM08YEYqU1zSbQtr26nQ' 'self' 'report-sample' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com; frame-src 'self' principal-ciam7-staging.okta.com principal-ciam7-staging-admin.okta.com investuat.login.principal.com.my login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' principal-ciam7-staging.okta.com investuat.login.principal.com.my data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://investuat.principal.com.my https://investuat.login.principal.com.my content-security-policy: default-src 'self' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com; connect-src 'self' principal-ciam7-staging.okta.com principal-ciam7-staging-admin.okta.com investuat.login.principal.com.my *.oktacdn.com *.mixpanel.com *.mapbox.com principal-ciam7-staging.kerberos.okta.com principal-ciam7-staging.mtls.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: accounts.app.staging.principal.th accounts.ifa.staging.principal.th rsc2.members.pilot.principal.com.hk *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-inXM08YEYqU1zSbQtr26nQ' 'unsafe-eval' 'self' 'report-sample' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com; frame-src 'self' principal-ciam7-staging.okta.com principal-ciam7-staging-admin.okta.com investuat.login.principal.com.my login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' principal-ciam7-staging.okta.com investuat.login.principal.com.my data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://investuat.principal.com.my https://investuat.login.principal.com.my location: https://investuat.principal.com.my/sign-in Strict-Transport-Security: max-age=315360000; includeSubDomains X-Robots-Tag: noindex,nofollow set-cookie: sid="";Version=1;Path=/;Max-Age=0 set-cookie: xids="";Version=1;Path=/;Max-Age=0 set-cookie: autolaunch_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ set-cookie: activate_ca_modal_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ Connection: close
Found 2026-01-04 by HttpPluginCreate report
-
Open service 35.71.145.235:80 · investuat.login.principal.com.my
2026-01-04 01:54
HTTP/1.1 302 Found Date: Sun, 04 Jan 2026 01:54:17 GMT Server: Apache Location: https://investuat.login.principal.com.my// Content-Length: 226 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 302 Found <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="https://investuat.login.principal.com.my//">here</a>.</p> </body></html>
Found 2026-01-04 by HttpPluginCreate report
-
Open service 35.71.145.235:80 · investonline.login.principal.com.my
2026-01-04 01:54
HTTP/1.1 302 Found Date: Sun, 04 Jan 2026 01:54:16 GMT Server: Apache Location: https://investonline.login.principal.com.my// Content-Length: 229 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 302 Found <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="https://investonline.login.principal.com.my//">here</a>.</p> </body></html>
Found 2026-01-04 by HttpPluginCreate report
-
Open service 35.71.145.235:443 · investuat.login.principal.com.my
2026-01-04 01:54
HTTP/1.1 302 Found Date: Sun, 04 Jan 2026 01:54:17 GMT Server: nginx Content-Type: text/html;charset=ISO-8859-1 Content-Length: 0 x-content-type-options: nosniff x-okta-request-id: aVnISQZUnZrfSedqXHoH_AAABrM accept-ch: Sec-CH-UA-Platform-Version x-xss-protection: 0 p3p: CP="HONK" content-security-policy-report-only: default-src 'self' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com; connect-src 'self' principal-ciam7-staging.okta.com principal-ciam7-staging-admin.okta.com investuat.login.principal.com.my *.oktacdn.com *.mixpanel.com *.mapbox.com principal-ciam7-staging.kerberos.okta.com principal-ciam7-staging.mtls.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: accounts.app.staging.principal.th accounts.ifa.staging.principal.th rsc2.members.pilot.principal.com.hk *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-7akQ40RxsmS1MTFkATF5Sg' 'unsafe-eval' 'self' 'report-sample' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com; style-src 'unsafe-inline' 'nonce-7akQ40RxsmS1MTFkATF5Sg' 'self' 'report-sample' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com; frame-src 'self' principal-ciam7-staging.okta.com principal-ciam7-staging-admin.okta.com investuat.login.principal.com.my login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' principal-ciam7-staging.okta.com investuat.login.principal.com.my data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://investuat.principal.com.my https://investuat.login.principal.com.my content-security-policy: default-src 'self' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com; connect-src 'self' principal-ciam7-staging.okta.com principal-ciam7-staging-admin.okta.com investuat.login.principal.com.my *.oktacdn.com *.mixpanel.com *.mapbox.com principal-ciam7-staging.kerberos.okta.com principal-ciam7-staging.mtls.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: accounts.app.staging.principal.th accounts.ifa.staging.principal.th rsc2.members.pilot.principal.com.hk *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-7akQ40RxsmS1MTFkATF5Sg' 'unsafe-eval' 'self' 'report-sample' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com; frame-src 'self' principal-ciam7-staging.okta.com principal-ciam7-staging-admin.okta.com investuat.login.principal.com.my login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' principal-ciam7-staging.okta.com investuat.login.principal.com.my *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' principal-ciam7-staging.okta.com investuat.login.principal.com.my data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://investuat.principal.com.my https://investuat.login.principal.com.my location: https://investuat.principal.com.my/sign-in Strict-Transport-Security: max-age=315360000; includeSubDomains X-Robots-Tag: noindex,nofollow set-cookie: sid="";Version=1;Path=/;Max-Age=0 set-cookie: xids="";Version=1;Path=/;Max-Age=0 set-cookie: autolaunch_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ set-cookie: activate_ca_modal_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ Connection: close
Found 2026-01-04 by HttpPluginCreate report
-
Open service 52.223.11.122:80 · investuat.login.principal.com.my
2026-01-04 01:54
HTTP/1.1 302 Found Date: Sun, 04 Jan 2026 01:54:16 GMT Server: Apache Location: https://investuat.login.principal.com.my// Content-Length: 226 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 302 Found <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="https://investuat.login.principal.com.my//">here</a>.</p> </body></html>
Found 2026-01-04 by HttpPluginCreate report
-
Open service 52.76.187.66:443 · portal.principal.com.my
2026-01-03 00:24
HTTP/1.1 403 Forbidden Server: awselb/2.0 Date: Sat, 03 Jan 2026 00:24:00 GMT Content-Type: text/html Content-Length: 118 Connection: close Page title: 403 Forbidden <html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center> </body> </html>
Found 2026-01-03 by HttpPluginCreate report
-
Open service 13.251.192.6:443 · portal.principal.com.my
2026-01-03 00:24
HTTP/1.1 403 Forbidden Server: awselb/2.0 Date: Sat, 03 Jan 2026 00:24:01 GMT Content-Type: text/html Content-Length: 118 Connection: close Page title: 403 Forbidden <html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center> </body> </html>
Found 2026-01-03 by HttpPluginCreate report
-
Open service 13.107.246.44:443 · api02.principal.com.my
2026-01-02 22:03
HTTP/1.1 200 OK Date: Fri, 02 Jan 2026 22:03:52 GMT Content-Type: text/plain Content-Length: 0 Connection: close x-azure-ref: 20260102T220351Z-185d974d666m977zhC1FRAhn500000002qf0000000003fph X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
Found 2026-01-02 by HttpPluginCreate report
-
Open service 20.43.175.104:443 · summeruat.principal.com.my
2026-01-02 04:24
HTTP/1.1 302 Moved Temporarily Date: Fri, 02 Jan 2026 04:24:47 GMT Content-Type: text/html Content-Length: 138 Connection: close Server: nginx Location: https://summeruat.principal.com.my/backoffice/login X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Page title: 302 Found <html> <head><title>302 Found</title></head> <body> <center><h1>302 Found</h1></center> <hr><center>nginx</center> </body> </html>
Found 2026-01-02 by HttpPluginCreate report
-
Open service 13.248.236.251:80 · login.investuat.principal.com.my
2025-12-31 13:48
HTTP/1.1 302 Found Date: Wed, 31 Dec 2025 13:48:10 GMT Server: Apache Location: https://login.investuat.principal.com.my// Content-Length: 226 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 302 Found <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="https://login.investuat.principal.com.my//">here</a>.</p> </body></html>
Found 2025-12-31 by HttpPluginCreate report
-
Open service 76.223.106.183:80 · login.investuat.principal.com.my
2025-12-31 13:48
HTTP/1.1 302 Found Date: Wed, 31 Dec 2025 13:48:09 GMT Server: Apache Location: https://login.investuat.principal.com.my// Content-Length: 226 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 302 Found <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="https://login.investuat.principal.com.my//">here</a>.</p> </body></html>
Found 2025-12-31 by HttpPluginCreate report
-
Open service 76.223.106.183:443 · login.investuat.principal.com.my
2025-12-31 13:48
HTTP/1.1 200 OK Date: Wed, 31 Dec 2025 13:48:10 GMT Server: nginx Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding x-content-type-options: nosniff x-okta-request-id: aVUpmkli7GpgxTZO3L0tiQAAB0M accept-ch: Sec-CH-UA-Platform-Version x-xss-protection: 0 p3p: CP="HONK" content-security-policy: default-src 'self' principal.oktapreview.com login.investuat.principal.com.my *.oktacdn.com *.investuat.principal.com.my; connect-src 'self' principal.oktapreview.com principal-admin.oktapreview.com login.investuat.principal.com.my *.oktacdn.com *.mixpanel.com *.mapbox.com principal.kerberos.oktapreview.com principal.mtls.oktapreview.com https://oinmanager.okta.com data: okta-ciam1-staging.principal.com *.investuat.principal.com.my *.ingest.sentry.io; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' principal.oktapreview.com login.investuat.principal.com.my *.oktacdn.com *.investuat.principal.com.my; style-src 'unsafe-inline' 'self' 'report-sample' principal.oktapreview.com login.investuat.principal.com.my *.oktacdn.com *.investuat.principal.com.my; frame-src 'self' principal.oktapreview.com principal-admin.oktapreview.com login.investuat.principal.com.my login.okta.com *.vidyard.com *.investuat.principal.com.my; img-src 'self' principal.oktapreview.com login.investuat.principal.com.my *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: *.investuat.principal.com.my blob:; font-src 'self' principal.oktapreview.com login.investuat.principal.com.my data: *.oktacdn.com fonts.gstatic.com *.investuat.principal.com.my; frame-ancestors 'self' https://investuat.principal.com.my x-rate-limit-limit: 60 x-rate-limit-remaining: 58 x-rate-limit-reset: 1767188949 referrer-policy: strict-origin-when-cross-origin cache-control: no-cache, no-store pragma: no-cache expires: 0 x-frame-options: SAMEORIGIN x-ua-compatible: IE=edge content-language: en Strict-Transport-Security: max-age=315360000; includeSubDomains X-Robots-Tag: noindex,nofollow set-cookie: xids="";Version=1;Path=/;Max-Age=0 set-cookie: sid="";Version=1;Path=/;Max-Age=0 set-cookie: autolaunch_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ set-cookie: activate_ca_modal_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ set-cookie: JSESSIONID=CC6A7F333BA07F27ED53342F9F2C4E28; Path=/; Secure; HttpOnly set-cookie: t=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ set-cookie: DT=DI1-YhiVjmPSOKcp_ZuLjAzIg;Version=1;Path=/;Max-Age=63072000;Secure;Expires=Fri, 31 Dec 2027 13:48:10 GMT;HttpOnly Connection: close Transfer-Encoding: chunked
Found 2025-12-31 by HttpPluginCreate report
-
Open service 13.248.236.251:443 · login.investuat.principal.com.my
2025-12-31 13:48
HTTP/1.1 200 OK Date: Wed, 31 Dec 2025 13:48:10 GMT Server: nginx Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding x-content-type-options: nosniff x-okta-request-id: aVUpml8HxjZFZlPw9WboxgAACsU accept-ch: Sec-CH-UA-Platform-Version x-xss-protection: 0 p3p: CP="HONK" content-security-policy: default-src 'self' principal.oktapreview.com login.investuat.principal.com.my *.oktacdn.com *.investuat.principal.com.my; connect-src 'self' principal.oktapreview.com principal-admin.oktapreview.com login.investuat.principal.com.my *.oktacdn.com *.mixpanel.com *.mapbox.com principal.kerberos.oktapreview.com principal.mtls.oktapreview.com https://oinmanager.okta.com data: okta-ciam1-staging.principal.com *.investuat.principal.com.my *.ingest.sentry.io; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' principal.oktapreview.com login.investuat.principal.com.my *.oktacdn.com *.investuat.principal.com.my; style-src 'unsafe-inline' 'self' 'report-sample' principal.oktapreview.com login.investuat.principal.com.my *.oktacdn.com *.investuat.principal.com.my; frame-src 'self' principal.oktapreview.com principal-admin.oktapreview.com login.investuat.principal.com.my login.okta.com *.vidyard.com *.investuat.principal.com.my; img-src 'self' principal.oktapreview.com login.investuat.principal.com.my *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: *.investuat.principal.com.my blob:; font-src 'self' principal.oktapreview.com login.investuat.principal.com.my data: *.oktacdn.com fonts.gstatic.com *.investuat.principal.com.my; frame-ancestors 'self' https://investuat.principal.com.my x-rate-limit-limit: 60 x-rate-limit-remaining: 58 x-rate-limit-reset: 1767188950 referrer-policy: strict-origin-when-cross-origin cache-control: no-cache, no-store pragma: no-cache expires: 0 x-frame-options: SAMEORIGIN x-ua-compatible: IE=edge content-language: en Strict-Transport-Security: max-age=315360000; includeSubDomains X-Robots-Tag: noindex,nofollow set-cookie: xids="";Version=1;Path=/;Max-Age=0 set-cookie: sid="";Version=1;Path=/;Max-Age=0 set-cookie: autolaunch_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ set-cookie: activate_ca_modal_triggered=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ set-cookie: JSESSIONID=B28D163AF501474C68550362E6C33439; Path=/; Secure; HttpOnly set-cookie: t=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ set-cookie: DT=DI1agrzuf6iS7eUZtRyovtsMw;Version=1;Path=/;Max-Age=63072000;Secure;Expires=Fri, 31 Dec 2027 13:48:10 GMT;HttpOnly Connection: close Transfer-Encoding: chunked
Found 2025-12-31 by HttpPluginCreate report
-
Open service 13.107.246.44:443 · api02.principal.com.my
2025-12-23 04:07
HTTP/1.1 200 OK Date: Tue, 23 Dec 2025 04:07:11 GMT Content-Type: text/plain Content-Length: 0 Connection: close x-azure-ref: 20251223T040711Z-r1d5f7d7665ndw9chC1BOM3c7n0000000gwg000000001p7s X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
Found 2025-12-23 by HttpPluginCreate report
-
Open service 23.185.0.3:443 · principal.com.my
2025-12-22 23:25
HTTP/1.1 301 Moved Permanently Connection: close Content-Length: 0 Content-Type: text/html; charset=UTF-8 Location: https://www.principal.com.my/ Strict-Transport-Security: max-age=31622400; includeSubDomains; preload X-Pantheon-Styx-Hostname: styx-fe3-b-576d655bff-gnqxh X-Styx-Req-Id: aa7bf4f0-df35-11f0-ae82-8693c483d7e6 Cache-Control: public, max-age=86400 Age: 37750 Accept-Ranges: bytes Via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish X-Forwarded-For: 188.166.108.93 X-Real-Client-IP: 188.166.108.93 Access-Control-Allow-Origin: * Date: Mon, 22 Dec 2025 23:25:52 GMT X-Served-By: cache-chi-kigq8000121-CHI, cache-rtm-ehrd2290054-RTM, cache-rtm-ehrd2290047-RTM, cache-rtm-ehrd2290047-RTM X-Cache: HIT, HIT, MISS, MISS X-Cache-Hits: 40, 1, 0, 0 X-Timer: S1766445953.939052,VS0,VE8 Vary: Cookie, Cookie
Found 2025-12-22 by HttpPluginCreate report
-
Open service 20.43.175.104:443 · summeruat.principal.com.my
2025-12-22 15:17
HTTP/1.1 302 Moved Temporarily Date: Mon, 22 Dec 2025 15:17:22 GMT Content-Type: text/html Content-Length: 138 Connection: close Server: nginx Location: https://summeruat.principal.com.my/backoffice/login X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Page title: 302 Found <html> <head><title>302 Found</title></head> <body> <center><h1>302 Found</h1></center> <hr><center>nginx</center> </body> </html>
Found 2025-12-22 by HttpPluginCreate report
investuat.login.principal.com.my
blog.principal.co.idprincipal.co.idprincipal.com.myprincipal.com.sgprincipal.thprincipalislamic.comprincipalislamic.com.mywww.principal.co.idwww.principal.com.mywww.principal.com.sgwww.principal.thwww.principalislamic.comwww.principalislamic.com.my
summeruat.principal.com.my
*.azureedge.net
otp.principal.com.my
secure06alb.principal.com.my
digitalsit.principal.com.my
r.communications.principal.com.my
investonline.login.principal.com.my
img.communications.principal.com.my
*.azureedge.net
img.brand.principal.com.my
secure07uat.principal.com.my
secure07.principal.com.my
mya.agenthub.dev.principal.com.my
blog.principal.co.idprincipal.co.idprincipal.com.myprincipal.com.sgprincipal.thprincipalislamic.comprincipalislamic.com.mywww.principal.co.idwww.principal.com.mywww.principal.com.sgwww.principal.thwww.principalislamic.comwww.principalislamic.com.my
investsit.login.principal.com.my
investonline.login.principal.com.my
investuat.login.principal.com.my
portal.principal.com.my
api02.principal.com.my
login.investuat.principal.com.my
Domain summary
summeruat.principal.com.my 4 api02.principal.com.my 4 investonline.login.principal.com.my 7 img.communications.principal.com.my 14 otp.principal.com.my 1 secure06alb.principal.com.my 1 digitalsit.principal.com.my 1 r.communications.principal.com.my 1 investuat.login.principal.com.my 4 principal.com.my 11 img.brand.principal.com.my 14 secure07uat.principal.com.my 0 secure07.principal.com.my 0 www.principal.com.my 5 mya.agenthub.dev.principal.com.my 2 investsit.login.principal.com.my 3 portal.principal.com.my 1 login.investuat.principal.com.my 3
IP summary
20.43.175.104 3 52.223.11.122 2 2620:12a:8000::3 2 2620:12a:8001::3 2 104.17.157.243 2 13.107.246.44 2 20.188.98.74 2 104.17.158.243 2 35.71.145.235 2 20.212.64.8 2 1.179.112.197 2 104.17.155.243 1 3.219.86.223 1 104.17.159.243 1 104.17.156.243 1 54.169.67.9 1 23.185.0.3 1 20.43.179.231 1 47.130.208.57 1 3.229.231.57 1 98.90.41.140 1 13.248.244.122 1 76.223.106.8 1 52.76.187.66 1 13.251.192.6 1 13.248.236.251 1 76.223.106.183 1