urlscan.io logo urlscan.io
SecurityTrails logo

www.ofm.co.th Open in urlscan Pro
138.113.147.185  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u25616647.ct.sendgrid.net/ls/click?upn=c25vSFddlVot5Lh2-2F6luDz26jZ2TtpcSrV0LyO5o68fLKMrRGFurudH7Orj-2FtBM8L1PygIN6vQwiYJj...
Effective URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Submission: On October 03 via manual from TH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 8 countries across 22 domains to perform 86 HTTP transactions. The main IP is 138.113.147.185, located in Canada and belongs to ML-1432-54994, CA. The main domain is www.ofm.co.th. The Cisco Umbrella rank of the primary domain is 660322.
TLS certificate: Issued by Thawte RSA CA 2018 on September 22nd 2022. Valid for: a year.
This is the only time www.ofm.co.th was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.122 11377 (SENDGRID)
21 138.113.147.185 54994 (ML-1432-5...)
2 2a00:1450:400... 15169 (GOOGLE)
1 161.71.134.47 14340 (SALESFORCE)
2 110.238.127.47 136907 (HWCLOUDS-...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 18.136.3.203 16509 (AMAZON-02)
1 18.66.248.94 16509 (AMAZON-02)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 18.154.63.123 16509 (AMAZON-02)
1 54.72.93.38 16509 (AMAZON-02)
1 2.16.97.81 16625 (AKAMAI-AS)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
13 23.38.98.10 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 6 103.132.192.30 138552 (RTBHOUSE-...)
1 18.173.233.51 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
4 52.152.143.207 8075 (MICROSOFT...)
1 147.92.191.92 38631 (LINE LINE...)
1 2 185.89.211.116 29990 (ASN-APPNEX)
11 101.53.161.166 ()
1 2 68.219.88.97 ()
1 1 2620:1ec:c11:... ()
2 101.53.163.5 ()
86 28
1    167.89.123.122 (Chicago, United States)

ASN11377 (SENDGRID, US)
PTR: o16789123x122.outbound-mail.sendgrid.net
u25616647.ct.sendgrid.net
21    138.113.147.185 (Canada)

ASN54994 (ML-1432-54994, CA)
www.ofm.co.th
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    161.71.134.47 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl7-ncg1-c3-hnd3.cs290-hn3.salesforce.com
officemate--prepro.sandbox.my.salesforce.com
2    110.238.127.47 (Bangkok, Thailand)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-110-238-127-47.compute.hwclouds-dns.com
apis.ofm.co.th
3    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    18.136.3.203 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-3-203.ap-southeast-1.compute.amazonaws.com
mstatic.priceza.com
1    18.66.248.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-94.dus51.r.cloudfront.net
static.hotjar.com
1    2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
tags.creativecdn.com
1    18.154.63.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-123.dus51.r.cloudfront.net
script.accesstrade.in.th
1    54.72.93.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-93-38.eu-west-1.compute.amazonaws.com
track.omguk.com
1    2.16.97.81 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-81.deploy.static.akamaitechnologies.com
d.line-scdn.net
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
13    23.38.98.10 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-10.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
6    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
asia.creativecdn.com
1    18.173.233.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-51.dus51.r.cloudfront.net
script.hotjar.com
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    52.152.143.207 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
o.clarity.ms
1    147.92.191.92 (Japan)

ASN38631 (LINE LINE Corporation, JP)
tr.line.me
2    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
11    101.53.161.166 (None, )

ASN- ()
officemate.my.salesforce.com
2    68.219.88.97 (None, )

ASN- ()
c.clarity.ms
1    2620:1ec:c11::200 (None, )

ASN- ()
c.bing.com
2    101.53.163.5 (None, )

ASN- ()
d.la1-c1-ukb.salesforceliveagent.com
Apex Domain
Subdomains		 Transfer
23 ofm.co.th
www.ofm.co.th — Cisco Umbrella Rank: 660322
apis.ofm.co.th — Cisco Umbrella Rank: 739884
2 MB
13 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 875
152 KB
12 salesforce.com
officemate--prepro.sandbox.my.salesforce.com
officemate.my.salesforce.com
44 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1290
o.clarity.ms — Cisco Umbrella Rank: 10291
c.clarity.ms
28 KB
7 creativecdn.com
tags.creativecdn.com — Cisco Umbrella Rank: 8550
asia.creativecdn.com — Cisco Umbrella Rank: 26523
5 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
21 KB
2 salesforceliveagent.com
d.la1-c1-ukb.salesforceliveagent.com
5 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
233 B
2 google.de
www.google.de — Cisco Umbrella Rank: 3974
515 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2225
www.google.com — Cisco Umbrella Rank: 11
661 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
404 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1261
script.hotjar.com — Cisco Umbrella Rank: 1629
61 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 229
89 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
205 KB
1 bing.com
c.bing.com
762 B
1 line.me
tr.line.me — Cisco Umbrella Rank: 17467
425 B
1 line-scdn.net
d.line-scdn.net — Cisco Umbrella Rank: 17584
10 KB
1 omguk.com
track.omguk.com — Cisco Umbrella Rank: 37305
555 B
1 accesstrade.in.th
script.accesstrade.in.th — Cisco Umbrella Rank: 410829
6 KB
1 priceza.com
mstatic.priceza.com — Cisco Umbrella Rank: 318113
2 KB
1 sendgrid.net
u25616647.ct.sendgrid.net
275 B
86 22
Domain Requested by
21 www.ofm.co.th www.ofm.co.th
13 analytics.tiktok.com www.ofm.co.th
analytics.tiktok.com
11 officemate.my.salesforce.com officemate--prepro.sandbox.my.salesforce.com
officemate.my.salesforce.com
6 asia.creativecdn.com 1 redirects www.ofm.co.th
tags.creativecdn.com
4 o.clarity.ms www.clarity.ms
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.ofm.co.th
2 d.la1-c1-ukb.salesforceliveagent.com officemate.my.salesforce.com
2 c.clarity.ms 1 redirects
2 ib.adnxs.com 1 redirects www.ofm.co.th
2 www.facebook.com www.ofm.co.th
2 www.google.de www.ofm.co.th
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.clarity.ms www.ofm.co.th
www.clarity.ms
2 connect.facebook.net www.ofm.co.th
connect.facebook.net
2 apis.ofm.co.th www.ofm.co.th
2 www.googletagmanager.com www.ofm.co.th
www.googletagmanager.com
1 c.bing.com 1 redirects
1 tr.line.me www.ofm.co.th
1 www.google.com www.ofm.co.th
1 script.hotjar.com static.hotjar.com
1 region1.analytics.google.com www.googletagmanager.com
1 d.line-scdn.net www.ofm.co.th
1 track.omguk.com www.ofm.co.th
1 script.accesstrade.in.th www.ofm.co.th
1 tags.creativecdn.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 mstatic.priceza.com www.googletagmanager.com
1 officemate--prepro.sandbox.my.salesforce.com www.ofm.co.th
1 u25616647.ct.sendgrid.net 1 redirects
86 29
Subject Issuer Validity Valid
*.ofm.co.th
Thawte RSA CA 2018		 2022-09-22 -
2023-10-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
cs290.salesforce.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-11 -
2024-01-11		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-12 -
2023-10-10		 3 months crt.sh
*.priceza.com
Go Daddy Secure Certificate Authority - G2		 2022-12-21 -
2024-01-22		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
1589314308.rsc.cdn77.org
R3		 2023-08-22 -
2023-11-20		 3 months crt.sh
*.accesstrade.in.th
AlphaSSL CA - SHA256 - G4		 2023-01-12 -
2024-02-13		 a year crt.sh
*.omguk.com
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-21		 a year crt.sh
line-apps.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-11 -
2024-01-11		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-29 -
2024-08-29		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.line.me
GlobalSign RSA OV SSL CA 2018		 2023-08-10 -
2024-09-10		 a year crt.sh
ap6.salesforce.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-18 -
2024-01-16		 a year crt.sh
la1-c1-ukb.salesforceliveagent.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-10 -
2024-01-09		 a year crt.sh

This page contains 5 frames:

Primary Page: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Frame ID: 2DF03F1DA593731A228D7CC74B825026
Requests: 76 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 597699FE035F22D4EADCDECB725CD0D2
Requests: 1 HTTP requests in this frame

Frame: https://asia.creativecdn.com/fledge-igmembership?ntk=TigdMrm1et1lbjwoDFefxCGEAzKbLon_YQS5nb49ul8LJ_nx6DCvAKGW8udqrGEul8P-Wy-gBV7zcP7l5xQmKg
Frame ID: 7F0518CA7EFEA424D6311DEFAED635DF
Requests: 1 HTTP requests in this frame

Frame: https://asia.creativecdn.com/topics-membership?ntk=Jse5DSpmd7MuIvMSsxWVZWu44W911OUTjPNR-KyeoLuk8h-Qju18mgwXgXlbtbUZ0sqo2wVbYsKPIzW2vmMZhw
Frame ID: 188EF9B7DDF1721206887466A4EF7B3B
Requests: 1 HTTP requests in this frame

Frame: https://officemate.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Frame ID: 74ABC9CD9DBFA6ECBF13AD44FADBFE77
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OFM Biz มีครบ จบไว สั่งง่าย ได้เร็ว

Page URL History Show full URLs

  1. https://u25616647.ct.sendgrid.net/ls/click?upn=c25vSFddlVot5Lh2-2F6luDz26jZ2TtpcSrV0LyO5o68fLKMrRGFurudH7Orj-2... HTTP 302
    https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div [^>]*id="__nuxt"
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • track\.omguk\.com

Page Statistics

86
Requests

97 %
HTTPS

38 %
IPv6

22
Domains

29
Subdomains

28
IPs

8
Countries

2574 kB
Transfer

9534 kB
Size

32
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u25616647.ct.sendgrid.net/ls/click?upn=c25vSFddlVot5Lh2-2F6luDz26jZ2TtpcSrV0LyO5o68fLKMrRGFurudH7Orj-2FtBM8L1PygIN6vQwiYJj3Jeu8-2B-2BgllsAP7czU3rEjtXDR9oqvbzNlUthk9nMNWMCvVpiIYqwB_mukTOnWM0UuNjd7SB-2BUKcr4YGBFDXorb7P4U-2BqRqj74jh3Kmhu4B4R-2FHxTGvgZeZoSmJhwZOLbDU-2Fzpzn-2Fw1nSTWvjtowwypgqAXhlVTrhSe4kHUKvGYFiLg8tcH-2B4tEv4iQ2QUPRUtfXI4hdDU-2FLY0nmAuM5znZmx3N0gZKosbL0uo2mzg9VMbhm9x-2FLcoxsvECEj91fxPpFPPxriM1zQ-3D-3D HTTP 302
    https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://asia.creativecdn.com/tags/v2?type=json HTTP 307
  • https://asia.creativecdn.com/tags/v2?type=json&tc=1
Request Chain 68
  • https://ib.adnxs.com/setuid?entity=315&code=IGmzxRCJIjNQ37NdRiDQ HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3DIGmzxRCJIjNQ37NdRiDQ
Request Chain 74
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FE9BD04F221D4BCCB11385CE63D7137A&RedC=c.clarity.ms&MXFR=23E5D2353D5F6A643906C1AA395F645E HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE9BD04F221D4BCCB11385CE63D7137A&MUID=35A5F237AF46646A0A8BE1A8AE46658D

86 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request newpassword
www.ofm.co.th/
Redirect Chain
  • https://u25616647.ct.sendgrid.net/ls/click?upn=c25vSFddlVot5Lh2-2F6luDz26jZ2TtpcSrV0LyO5o68fLKMrRGFurudH7Orj-2FtBM8L1PygIN6vQwiYJj3Jeu8-2B-2BgllsAP7czU3rEjtXDR9oqvbzNlUthk9nMNWMCvVpiIYqwB_mukTOnWM0...
  • https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
29 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
79ea02dbfb25a4da91d7f66b6db3fe4eec410b4874e9c8235f535775cfd0f0cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
none
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 03 Oct 2023 01:49:55 GMT
etag
"733f-SlXYGySum281+/khOMc4bfPm0Qo"
server
CloudWAF
x-via
1.1 PSdgflkfFRA2po75:2 (Cdn Cache Server V2.0)
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43241

Redirect headers

Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
Date
Tue, 03 Oct 2023 01:49:52 GMT
Location
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Server
nginx
X-Robots-Tag
noindex, nofollow
024d5ad.js
www.ofm.co.th/_nuxt/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ofm.co.th/_nuxt/024d5ad.js
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
40174ee2fc06c8bf3d13f29420f4167b978394f79a815b32b35c9c4fba304698

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:55 GMT
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 10:44:40 GMT
server
CloudWAF
age
1
etag
W/"dec-18aad0ac9c0"
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43250
content-type
application/javascript; charset=UTF-8
x-via
1.1 PSrbJP1de68:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:14 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
59bb335.js
www.ofm.co.th/_nuxt/ 		282 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ofm.co.th/_nuxt/59bb335.js
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
e4b481492c7e1f1e4b952309bc0801521f9b6ff83cbad217ec6ae678adc4d5f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:55 GMT
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 10:44:40 GMT
server
CloudWAF
age
1
etag
W/"4695a-18aad0ac9c0"
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43252
content-type
application/javascript; charset=UTF-8
x-via
1.1 PSrbJP1ww66:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:11 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
b431b51.css
www.ofm.co.th/_nuxt/css/ 		478 KB
87 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ofm.co.th/_nuxt/css/b431b51.css
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
e127859f9a55ea4c9c087582d5642431d070b279f80331e18ba4c659e091f8fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:55 GMT
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 10:44:40 GMT
server
CloudWAF
age
1
etag
W/"77879-18aad0ac9c0"
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43251
content-type
text/css; charset=UTF-8
x-via
1.1 PSrbJP1al65:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2po75:12 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
b8eb4de.js
www.ofm.co.th/_nuxt/ 		2 MB
357 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ofm.co.th/_nuxt/b8eb4de.js
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
d28f8833bd640757d6781d6bf0cd19fa5e0fac699347aa2ca114237a43f66232

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:55 GMT
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 10:44:40 GMT
server
CloudWAF
age
1
etag
W/"20d927-18aad0ac9c0"
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43253
content-type
application/javascript; charset=UTF-8
x-via
1.1 PSrbJP1al65:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2po75:11 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
366f438.js
www.ofm.co.th/_nuxt/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ofm.co.th/_nuxt/366f438.js
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
3d5b7e1092e9f2e8128d6bbce9eb959af629b71f1bea1fe192a91a761be6fd6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:55 GMT
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 10:44:40 GMT
server
CloudWAF
age
1
etag
W/"3ce540-18aad0ac9c0"
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43254
content-type
application/javascript; charset=UTF-8
x-via
1.1 PSrbJP1tu67:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:16 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
ofm-logo.png
www.ofm.co.th/_ipx/f_webp,q_100,s_90x45/https://ofm-cdn0.ofm.co.th/images/logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ofm.co.th/_ipx/f_webp,q_100,s_90x45/https://ofm-cdn0.ofm.co.th/images/logo/ofm-logo.png
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
b2788f78503dbfbfaa6c78a36d1aeb287e6bf1542850afea927bb654797eccaf
Security Headers
Name Value
Content-Security-Policy default-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:55 GMT
content-security-policy
default-src 'none'
last-modified
1665125449000
server
CloudWAF
age
1
etag
\"782-RM8h8ZbAVHi9BUNJyPt8ulQqpwc\"
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43256
content-type
image/webp
x-via
1.1 PSrbJP1de68:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:15 (Cdn Cache Server V2.0)
cache-control
max-age=3000, public, s-maxage=3000
footer-1.ca77867.png
www.ofm.co.th/_nuxt/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ofm.co.th/_nuxt/img/footer-1.ca77867.png
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
5e30b57fe5fb95c9f1bd9da916fae3298be9f90ec058313a16abe4c3aa52673d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:55 GMT
last-modified
Tue, 15 Aug 2023 10:55:49 GMT
server
CloudWAF
age
1
etag
W/"aa5-189f8d66b08"
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43257
content-type
image/png
x-via
1.1 PSrbJP1de68:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:0 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2725
footer-2.499d843.png
www.ofm.co.th/_nuxt/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ofm.co.th/_nuxt/img/footer-2.499d843.png
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
44e0ce08349b784a4d685f99d17d60cee66723ecf33bdc054afa78a75b0a04bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:55 GMT
last-modified
Thu, 13 Jul 2023 10:58:29 GMT
server
CloudWAF
age
1
etag
W/"a6b-1894ee70008"
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43258
content-type
image/png
x-via
1.1 dj136:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:8 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2667
footer-3.0809e73.png
www.ofm.co.th/_nuxt/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ofm.co.th/_nuxt/img/footer-3.0809e73.png
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
7e14f2caafd07d1c838040ca762a43515823855f68686875ba6da67a0fe4d789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:55 GMT
last-modified
Thu, 13 Jul 2023 10:58:29 GMT
server
CloudWAF
age
1
etag
W/"9ad-1894ee70008"
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43259
content-type
image/png
x-via
1.1 PSrbJP1ww66:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2po75:12 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2477
footer-4.e04924c.png
www.ofm.co.th/_nuxt/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ofm.co.th/_nuxt/img/footer-4.e04924c.png
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
e2846026ebe599c8fb5b50143c706180dd7addf7ecf0dc8438828f4f9076756d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:55 GMT
last-modified
Thu, 13 Jul 2023 10:58:29 GMT
server
CloudWAF
age
1
etag
W/"b1d-1894ee70008"
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43260
content-type
image/png
x-via
1.1 dj136:10 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:6 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2845
footer-5.0c649c6.png
www.ofm.co.th/_nuxt/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ofm.co.th/_nuxt/img/footer-5.0c649c6.png
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
adad878819ef5dc9c80dbd09904ed15010e86831e180a778375238c6fe66e509

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:55 GMT
last-modified
Tue, 15 Aug 2023 10:55:49 GMT
server
CloudWAF
age
1
etag
W/"8ea-189f8d66b08"
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43261
content-type
image/png
x-via
1.1 PSrbJP1de68:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:6 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2282
contact_center.a5d2eb3.png
www.ofm.co.th/_nuxt/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ofm.co.th/_nuxt/img/contact_center.a5d2eb3.png
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
2c254471e5b86811af65785918d0edd65e2358d8d5c81fd6c0d26e409b922032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:55 GMT
last-modified
Tue, 01 Aug 2023 11:24:22 GMT
server
CloudWAF
age
1
etag
W/"1b32-189b0d78670"
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43262
content-type
image/png
x-via
1.1 PSrbJP1al65:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2po75:9 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
6962
IG.66f6c85.png
www.ofm.co.th/_nuxt/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ofm.co.th/_nuxt/img/IG.66f6c85.png
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
ae88013fad7922ef9fa27a01f1f125d706f9717918e0ec328c24908e06757a7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:55 GMT
last-modified
Thu, 13 Jul 2023 10:58:29 GMT
server
CloudWAF
age
1
etag
W/"5e0-1894ee70008"
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43263
content-type
image/png
x-via
1.1 PSrbJP1ww66:2 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:19 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1504
line.e33d312.png
www.ofm.co.th/_nuxt/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ofm.co.th/_nuxt/img/line.e33d312.png
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
6f9438ebd123db38089ed2c31b92d6b20c7294dbda81b1a8f8b3871509b48ccf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:55 GMT
last-modified
Thu, 13 Jul 2023 10:58:29 GMT
server
CloudWAF
age
1
etag
W/"caf-1894ee70008"
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43264
content-type
image/png
x-via
1.1 dj136:7 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:17 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3247
gtm.js
www.googletagmanager.com/ 		455 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TVKQ5LW
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5b422290fa35ec4e75e70d77e2d476f09e1a3bf68e5ef4826ea93a44cd37b3ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116703
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 00:57:56 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 03 Oct 2023 01:49:56 GMT
truncated
/ 		990 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81905ec7149c967db6f0acd77c340f50851042e015775c9e449cf08df4d06a03

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
epro.c4a6694.ttf
www.ofm.co.th/_nuxt/fonts/ 		9 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ofm.co.th/_nuxt/fonts/epro.c4a6694.ttf
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/_nuxt/css/b431b51.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
ef9338cbfdaea49d5d10f91fa0a78bb8aefa906aa974e7574c4131f57085b126

Request headers

Referer
https://www.ofm.co.th/_nuxt/css/b431b51.css
Origin
https://www.ofm.co.th
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:55 GMT
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 10:44:40 GMT
server
CloudWAF
age
1
etag
W/"2498-18aad0ac9c0"
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43266
content-type
font/ttf
x-via
1.1 PSrbJP1al65:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:14 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
Kanit-Regular.f3bae13.ttf
www.ofm.co.th/_nuxt/fonts/ 		166 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ofm.co.th/_nuxt/fonts/Kanit-Regular.f3bae13.ttf
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/_nuxt/css/b431b51.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
545410e2cc17b7485bff89b4368a900e14b0f1fcb2e39e5d1d52d42249d3e450

Request headers

Referer
https://www.ofm.co.th/_nuxt/css/b431b51.css
Origin
https://www.ofm.co.th
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:55 GMT
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 10:44:40 GMT
server
CloudWAF
age
1
etag
W/"29710-18aad0ac9c0"
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43267
content-type
font/ttf
x-via
1.1 PSrbJP1tu67:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:16 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
Kanit-Medium.786fd6b.ttf
www.ofm.co.th/_nuxt/fonts/ 		167 KB
67 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ofm.co.th/_nuxt/fonts/Kanit-Medium.786fd6b.ttf
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/_nuxt/css/b431b51.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
3854bf6e90e3cb3c8f8ce04bc86cf7ac58d83b3ffbc4b1345ea7d112095b79ff

Request headers

Referer
https://www.ofm.co.th/_nuxt/css/b431b51.css
Origin
https://www.ofm.co.th
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:55 GMT
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 10:44:40 GMT
server
CloudWAF
age
1
etag
W/"29d48-18aad0ac9c0"
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43268
content-type
font/ttf
x-via
1.1 PSrbJP1al65:7 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2po75:18 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
Kanit-Light.7b6b955.ttf
www.ofm.co.th/_nuxt/fonts/ 		164 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ofm.co.th/_nuxt/fonts/Kanit-Light.7b6b955.ttf
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/_nuxt/css/b431b51.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
e8ce2c7816d5a0bb587ad0249f0aec0b6bd2c8947a109f291632619dbf32646c

Request headers

Referer
https://www.ofm.co.th/_nuxt/css/b431b51.css
Origin
https://www.ofm.co.th
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:55 GMT
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 10:44:40 GMT
server
CloudWAF
age
1
etag
W/"29064-18aad0ac9c0"
x-ws-request-id
651b7343_PSdgflkfFRA2gb73_2371-43269
content-type
font/ttf
x-via
1.1 PSrbJP1al65:6 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2po75:7 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
esw.min.js
officemate--prepro.sandbox.my.salesforce.com/embeddedservice/5.0/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://officemate--prepro.sandbox.my.salesforce.com/embeddedservice/5.0/esw.min.js
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/_nuxt/b8eb4de.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.134.47 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl7-ncg1-c3-hnd3.cs290-hn3.salesforce.com
Software
/
Resource Hash
f59d61052c742fb252334d4b9c6e0e4d85ee2f6a2881ab86b22c98b6a6ec2c30
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 01:49:59 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 06 Oct 2022 23:37:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Wed, 04 Oct 2023 01:49:59 GMT
PreLoad_ofm.1a393ce.gif
www.ofm.co.th/_nuxt/img/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ofm.co.th/_nuxt/img/PreLoad_ofm.1a393ce.gif
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
c50f43a9776a8fb9bc6b62de71ff2c4b1eede0893a14a563766139d1d9f81f42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:56 GMT
last-modified
Thu, 10 Aug 2023 10:36:27 GMT
server
CloudWAF
age
1
etag
W/"8b32-189df04e3f8"
x-ws-request-id
651b7344_PSdgflkfFRA2gb73_2371-43288
content-type
image/gif
x-via
1.1 PSrbJP1tu67:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:4 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
35634
verifyOTP
apis.ofm.co.th/authentication/api/v1/Credentials/ 		432 B
998 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ofm.co.th/authentication/api/v1/Credentials/verifyOTP?open_id=a9f2ab5771dd&otp_code=969930
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/_nuxt/59bb335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
110.238.127.47 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-110-238-127-47.compute.hwclouds-dns.com
Software
CloudWAF /
Resource Hash
8656f12ba561404c59a23750fc32e9f3deb673c42a0eb1a7d51f49d8c5f34676

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ofm.co.th/
user-locale
th
accept-language
de-DE,de;q=0.9
Authorization
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 03 Oct 2023 01:49:58 GMT
Via
kong/2.5.0
Server
CloudWAF
api-supported-versions
1.0
X-Kong-Proxy-Latency
0
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.ofm.co.th
Location
http://service-ofm-authentication-api.ofm.co.th/api/v1/Credentials/verifyOTP
X-Kong-Upstream-Latency
162
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
432
verifyOTP
apis.ofm.co.th/authentication/api/v1/Credentials/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apis.ofm.co.th/authentication/api/v1/Credentials/verifyOTP?open_id=a9f2ab5771dd&otp_code=969930
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
110.238.127.47 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-110-238-127-47.compute.hwclouds-dns.com
Software
CloudWAF /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,user-locale
Access-Control-Request-Method
POST
Origin
https://www.ofm.co.th
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization,content-type,user-locale
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://www.ofm.co.th
Connection
keep-alive
Date
Tue, 03 Oct 2023 01:49:58 GMT
Server
CloudWAF
Vary
Origin
Via
kong/2.5.0
X-Kong-Proxy-Latency
0
X-Kong-Upstream-Latency
3
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVKQ5LW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 03 Oct 2023 01:44:21 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
335
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 03 Oct 2023 03:44:21 GMT
fbevents.js
connect.facebook.net/en_US/ 		197 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
275a43b12f692b2930a431505a506f0ddff81d732b5cef0d30f4396abdb40637
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 03 Oct 2023 01:49:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53277
x-xss-protection
0
pragma
public
x-fb-debug
XzQGbi37BnAufeO2qAmhuU+Zw31Ebh9dnN4s+YbpGSPO09Ye1bjXN77WuKtliW18UyVdLKKU0Cgw2YOdopHChQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
tracking-3.0.js
mstatic.priceza.com/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mstatic.priceza.com/js/tracking-3.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVKQ5LW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.3.203 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-3-203.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0c0c46fb6987f0a78f05724036d48029d4e42a00ab50bdaec452cded93c2497f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:56 GMT
content-encoding
gzip
last-modified
Wed, 27 Sep 2023 09:52:59 GMT
server
nginx
etag
"6513fb7b-77e"
content-type
application/javascript
cache-control
max-age=86400
content-length
1918
expires
Wed, 04 Oct 2023 01:49:56 GMT
hotjar-3235515.js
static.hotjar.com/c/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3235515.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVKQ5LW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-94.dus51.r.cloudfront.net
Software
/
Resource Hash
95399e575747858c5f114498f8ea12812a8b26d73dd92465323dd50631ad8bad
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Tue, 03 Oct 2023 01:49:56 GMT
via
1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
etag
W/fd24f8862c36160f90e9c161e56ea746
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
N4fNHybKOwuE-aw4COYYPy1RvUx5AH9OKXjheAZkg_eQ-9YBy4gt_Q==
eYyrBlV2DqhIXttPPGKW.js
tags.creativecdn.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.creativecdn.com/eYyrBlV2DqhIXttPPGKW.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVKQ5LW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 03 Oct 2023 01:49:56 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu2aYpYDOnxL7Qk2IH7Yl25tqJMCyKQBpKpeDMmrNf9Llq1gqVvFYw4D2b3KdQSAjFA-NZ0B6qLuqI6yz7IBCbRqA
x-cache
HIT
x-77-cache
HIT
x-goog-storage-class
STANDARD
x-guploader-response-body-transformations
gunzipped
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
x-age
1590
x-accel-date
1696296206
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-77-nzt
AZySIYj27Mf/NgYAAA
x-accel-expires
@1696299806
x-77-age
1590
last-modified
Tue, 20 Sep 2022 08:38:13 GMT
server
CDN77-Turbo
etag
W/"7dd71e4b922b44d4a1b639cea2047fcd"
x-77-nzt-ray
f6587a1d39fa84c544731b655190431e
vary
Accept-Encoding, Accept-Encoding
x-goog-generation
1663663093852794
content-type
application/javascript
x-goog-hash
crc32c=U/iOdA==, md5=fdceS5IrRNShtjnOogR/zQ==
cache-control
public, max-age=3600
warning
214 UploadServer gunzipped
x-goog-stored-content-length
1741
expires
Mon, 02 Oct 2023 22:16:04 GMT
lp.js
script.accesstrade.in.th/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.accesstrade.in.th/lp.js?cb=1696297796458
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-123.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ccc0d738401ecb0a97cf3c857f5e0dee85b6d3668711a30951b61663f0102b91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 03:58:13 GMT
via
1.1 6bc756891d4e5936d9d654c8c717a704.cloudfront.net (CloudFront)
last-modified
Thu, 02 Feb 2023 04:56:19 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
age
78704
x-amz-server-side-encryption
AES256
etag
"b07267a9675aa89889de89cd78f1f63d"
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
5324
x-amz-cf-id
nVwYtStKgvo_xl9Aapubrt-lDD9PA_MEXtgoqd1ZiSf1fooGbis61Q==
/
track.omguk.com/e/qs/ 		0
555 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.omguk.com/e/qs/?action=Content&MID=2339060&PID=53903&ref=https%3A//www.ofm.co.th/newpassword%3Fcode%3Da9f2ab5771dd_969930%26action%3Dinvite
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.72.93.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-93-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
content-type
text/javascript
access-control-allow-origin
*
p3p
CP="ALL CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache
content-length
0
x-xss-protection
1; mode=block
lt.js
d.line-scdn.net/n/line_tag/public/release/v1/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.line-scdn.net/n/line_tag/public/release/v1/lt.js
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-81.deploy.static.akamaitechnologies.com
Software
VOS /
Resource Hash
d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
aLHCm1toaevjRzyK9ZlkfyErvpEL9I2
strict-transport-security
max-age=15768000
content-encoding
gzip
date
Tue, 03 Oct 2023 01:49:56 GMT
x-amz-request-id
tx0000006918b62e065fa5b-00651a6066-13dd9984-jp2
content-length
9865
x-amz-expiration
expiry-date="Sat, 02 Dec 2023 00:00:00 GMT", rule-id="bucket_lifecycle"
last-modified
Mon, 02 Oct 2023 06:16:39 GMT
server
VOS
etag
"02e4691c0dcc2f7ecef2712fb0f24921"
vary
Accept-Encoding
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=2521621
accept-ranges
bytes
expires
Wed, 01 Nov 2023 06:16:57 GMT
fmbi42qifu
www.clarity.ms/tag/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/fmbi42qifu?ref=gtm2
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6bccda5cdd4837ea4fa51beb49f38eb19244c4d89291735bbc757a6286fa1ac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
-1
date
Tue, 03 Oct 2023 01:49:56 GMT
x-azure-ref
20231003T014956Z-v1ww3r53nd7u1dewgnfwh4kqyc000000031g000000006vzh
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1036
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CIHU9QJC77U9G5MV8IRG&lib=ttq
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
222bca062fff28d2c253dde2d041cb3f01fd57f3c53b6ff3687fada3aecda8a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-akamai-request-id
627bb36
date
Tue, 03 Oct 2023 01:49:56 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=97
content-length
1720
pragma
no-cache
server
nginx
x-tt-logid
202310030149564FBCF5A92DA8DF858133
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
98,23.38.99.74
x-tt-trace-host
01038f7af69644f21d749c899bc7a725660f8f9fb0623b2f95adf36cc8f865e49e921ea0430929588ad88b52763badbe61e5dbdbf7738c21398b2e784a9e349d05079d3b3fd58a5b143eb23c0349577b9e51b28bdaa6ab4bb540bc5f5fecaa9374
expires
Tue, 03 Oct 2023 01:49:56 GMT
js
www.googletagmanager.com/gtag/ 		273 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6D0LWJ3Z9P&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVKQ5LW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9d4209dc09d783dfe01ddf538ad724c8d8c5dc73a46aad48cf45b1356d851b16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92856
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Oct 2023 01:49:56 GMT
513ecbf.js
www.ofm.co.th/_nuxt/ 		144 B
478 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ofm.co.th/_nuxt/513ecbf.js
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/_nuxt/024d5ad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.147.185 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
CloudWAF /
Resource Hash
a67640b4acf75b2bafbe7610bc53cee2b4cb28b300582df74fe90ff32f144130

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:56 GMT
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 10:44:40 GMT
server
CloudWAF
age
1
etag
W/"90-18aad0ac9c0"
x-ws-request-id
651b7344_PSdgflkfFRA2gb73_2371-43299
content-type
application/javascript; charset=UTF-8
x-via
1.1 PSrbJP1tu67:2 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2po75:13 (Cdn Cache Server V2.0)
cache-control
public, max-age=31536000
accept-ranges
bytes
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1239645167&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ofm.co.th%2Fnewpassword%3Fcode%3Da9f2ab5771dd_969930%26action%3Dinvite&ul=en-us&de=UTF-8&dt=OFM%20Biz%20%E0%B8%A1%E0%B8%B5%E0%B8%84%E0%B8%A3%E0%B8%9A%20%E0%B8%88%E0%B8%9A%E0%B9%84%E0%B8%A7%20%E0%B8%AA%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B8%87%E0%B9%88%E0%B8%B2%E0%B8%A2%20%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%A3%E0%B9%87%E0%B8%A7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1010366224&gjid=373109192&cid=1178113406.1696297796&tid=UA-11520015-31&_gid=2010818417.1696297796&_r=1&_slc=1&gtm=45He39r0n81TVKQ5LW&z=785717231
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ofm.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 01:49:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ofm.co.th
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
701640077400556
connect.facebook.net/signals/config/ 		138 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/701640077400556?v=2.9.131&r=stable&domain=www.ofm.co.th
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
668d96db81485cdc1744cee53b3052b65667aa8df0d267283556a8bc6d44fafb
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 03 Oct 2023 01:49:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
PRUHVrNj8IzPpceE3KAQPAqJ/iu4iCNGCszD9Vv7nzCrX9oB5pB1UYA9Ws98T5SGcLp2IN3pF5Ixgx1nuTOaNQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-11520015-31&cid=1178113406.1696297796&jid=1010366224&gjid=373109192&_gid=2010818417.1696297796&_u=YEBAAEAAAAAAACAAI~&z=1775111815
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ofm.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 03 Oct 2023 01:49:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ofm.co.th
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-6D0LWJ3Z9P&gtm=45je39r0&_p=1239645167&_gaz=1&cid=1178113406.1696297796&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696297796&sct=1&seg=0&dl=https%3A%2F%2Fwww.ofm.co.th%2Fnewpassword%3Fcode%3Da9f2ab5771dd_969930%26action%3Dinvite&dt=OFM%20Biz%20%E0%B8%A1%E0%B8%B5%E0%B8%84%E0%B8%A3%E0%B8%9A%20%E0%B8%88%E0%B8%9A%E0%B9%84%E0%B8%A7%20%E0%B8%AA%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B8%87%E0%B9%88%E0%B8%B2%E0%B8%A2%20%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%A3%E0%B9%87%E0%B8%A7&en=page_view&_fv=1&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6D0LWJ3Z9P&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 01:49:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ofm.co.th
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6D0LWJ3Z9P&cid=1178113406.1696297796&gtm=45je39r0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6D0LWJ3Z9P&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 01:49:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ofm.co.th
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6D0LWJ3Z9P&cid=1178113406.1696297796&gtm=45je39r0&aip=1&z=1840738274
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 01:49:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
asia.creativecdn.com/tags/
Redirect Chain
  • https://asia.creativecdn.com/tags/v2?type=json
  • https://asia.creativecdn.com/tags/v2?type=json&tc=1
419 B
811 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://asia.creativecdn.com/tags/v2?type=json&tc=1
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
dab305af222ac633db3537b45d2f8ac5b56b88ac1b746717104066b55e2b6a90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 01:49:57 GMT, Tue, 03 Oct 2023 01:49:57 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
access-control-max-age
3600
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.ofm.co.th
content-type
application/json;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
315
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 03 Oct 2023 01:49:57 GMT
vary
Origin
access-control-max-age
3600
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin
https://www.ofm.co.th
access-control-allow-methods
GET, POST
location
https://asia.creativecdn.com/tags/v2?type=json&tc=1
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
v2
asia.creativecdn.com/tags/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://asia.creativecdn.com/tags/v2?type=json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ofm.co.th
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.ofm.co.th
access-control-max-age
3600
content-length
0
date
Tue, 03 Oct 2023 01:49:56 GMT
vary
Origin
modules.b404d8274463c09659de.js
script.hotjar.com/ 		225 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.b404d8274463c09659de.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3235515.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-51.dus51.r.cloudfront.net
Software
/
Resource Hash
913bd47aee05e1d13c2e80875fde9802753b8615b978c3e17384fef2b3d3e21a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 13:39:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 a7922bb75420f6c3485eed5adcb99ce2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P3
age
43850
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56044
last-modified
Mon, 02 Oct 2023 13:38:29 GMT
etag
"3f992af9e03190f5776b0cfcd609bdd3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
S8KTWWuyUh_gMqjf5iczsu3slC66ggmYSkghzoYl108dc8vS-wjfLw==
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11520015-31&cid=1178113406.1696297796&jid=1010366224&_u=YEBAAEAAAAAAACAAI~&z=2053206794
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 01:49:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11520015-31&cid=1178113406.1696297796&jid=1010366224&_u=YEBAAEAAAAAAACAAI~&z=2053206794
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 01:49:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.10/ 		57 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.10/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fmbi42qifu?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 01:49:56 GMT
content-encoding
br
last-modified
Sun, 01 Oct 2023 11:49:32 GMT
etag
W/"0x8DBC2747A191F8E"
vary
Accept-Encoding
x-azure-ref
20231003T014956Z-v1ww3r53nd7u1dewgnfwh4kqyc000000031g000000006w01
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
4d40b107-801e-0077-7f61-f4fb4f000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=701640077400556&ev=PageView&dl=https%3A%2F%2Fwww.ofm.co.th%2Fnewpassword%3Fcode%3Da9f2ab5771dd_969930%26action%3Dinvite&rl=&if=false&ts=1696297796618&sw=1600&sh=1200&v=2.9.131&r=stable&ec=0&o=30&fbp=fb.2.1696297796617.279087877&ler=empty&it=1696297796513&coo=false&exp=a1&rqm=GET
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 03 Oct 2023 01:49:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ Frame 5976 		0
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.ofm.co.th
Referer
https://www.ofm.co.th/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.ofm.co.th
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 01:49:56 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
main.MWQ0NWRkZTlhNQ.js
analytics.tiktok.com/i18n/pixel/static/ 		424 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CIHU9QJC77U9G5MV8IRG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
80e935233663141a5a8811c25e3469f190ec70764c47c2ae4d5fc67ba616848e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-akamai-request-id
627bb71
date
Tue, 03 Oct 2023 01:49:56 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202309211240132486B876A746C13E38D0
vary
Accept-Encoding
x-cache
TCP_HIT from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01240d47d2a1ca402d29f672ccb2144ff7de68b754bfb66c51aa1c30cb31ff7fe6b01b28bd7e202e0bfeeeedd953a12f906194d4edaa2e1f5a85ad5918645a8b6d1874702dbceb74abef4ffa290bee34e0bcae9a18005ef4417fc6b2bd9f3cd2ba
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length
109333
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1239645167&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.ofm.co.th%2Fnewpassword%3Fcode%3Da9f2ab5771dd_969930%26action%3Dinvite&ul=en-us&de=UTF-8&dt=OFM%20Biz%20%E0%B8%A1%E0%B8%B5%E0%B8%84%E0%B8%A3%E0%B8%9A%20%E0%B8%88%E0%B8%9A%E0%B9%84%E0%B8%A7%20%E0%B8%AA%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B8%87%E0%B9%88%E0%B8%B2%E0%B8%A2%20%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%A3%E0%B9%87%E0%B8%A7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1aycdti&_u=aHBAAEABAAAAACAAI~&jid=&gjid=&cid=1178113406.1696297796&tid=UA-11520015-31&_gid=2010818417.1696297796&gtm=45He39r0n81TVKQ5LW&cd5=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Ffmbi42qifu%2Fxtbcte%2F1aycdti&z=504385096
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 11:49:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50446
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
identify_7dd78.js
analytics.tiktok.com/i18n/pixel/static/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-akamai-request-id
627bb91
date
Tue, 03 Oct 2023 01:49:56 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230907110710A3E17FF6BA90138D5F3A
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
018c2c88748710049b87b86c06511915036ae1509453e71224c1fc91378c16d101c5c9dc7d92ac9759f01aa2115b0d4be90b450d8c4f2cbb404e2358047aeedb2e683765dd1d4569cb7282425028a0c4eb7c7e1d64bec1036323fc3073cfe197be
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
35923
monitor
analytics.tiktok.com/api/v2/ 		0
649 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ofm.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
627bba6
date
Tue, 03 Oct 2023 01:49:57 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
server-timing
inner; dur=91, cdn-cache; desc=MISS, edge; dur=4, origin; dur=462
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231003014957A0FD97C108E8818C6E9A
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
462,23.38.99.74
x-tt-trace-host
01038f7af69644f21d749c899bc7a725660f8f9fb0623b2f95adf36cc8f865e49e4a3dacdf06d86a4af7226df343c365e50b2a29b83a18342b0e4b8184d6a48b3028bea2c5c36ae63f2889a6c2717f9b7d6277d2f8b5c45f85f427a7e71b3ced5f
access-control-allow-headers
Authorization,*
expires
Tue, 03 Oct 2023 01:49:57 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
793 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ofm.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
d9779c0.627bba7
date
Tue, 03 Oct 2023 01:49:56 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time
182,23.38.99.74
server-timing
cdn-cache; desc=MISS, edge; dur=94, origin; dur=95, inner; dur=90
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023100301495613331A44C651BB66310B
x-cache-remote
TCP_MISS from a23-220-106-13.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
95,23.220.106.13
x-tt-trace-host
01038f7af69644f21d749c899bc7a72566f4d397555aef55b6b02529ce8c853825eb235377fa111d56d79f98df662be730d333954ba6ba8694097b7dd130b96815cdba3e745bb8b40532a1e75cf6564b2a65d68d8d819f040aec337dfe77ff84a9769d0f07fcf975e86aca1223c075dbe6
access-control-allow-headers
Authorization,*
expires
Tue, 03 Oct 2023 01:49:56 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
790 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ofm.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
8390b5df.627bbaa
date
Tue, 03 Oct 2023 01:49:56 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time
100,23.38.99.74
server-timing
cdn-cache; desc=MISS, edge; dur=93, origin; dur=12, inner; dur=6
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231003014956A5446228CDD493512FB2
x-cache-remote
TCP_MISS from a23-220-106-16.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
12,23.220.106.16
x-tt-trace-host
01038f7af69644f21d749c899bc7a72566f4d397555aef55b6b02529ce8c85382515bdd403960ffec614d366486d4bb182582722928c62701f73704ae5881c6ed277ab51ab960fb9257a59d929db95a21791f7d8ded132b2163169776e62834bbf420e52dc6d4cab67244125c2142d570a
access-control-allow-headers
Authorization,*
expires
Tue, 03 Oct 2023 01:49:56 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
787 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ofm.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
e1e5066.627bbb0
date
Tue, 03 Oct 2023 01:49:56 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time
98,23.38.99.74
server-timing
cdn-cache; desc=MISS, edge; dur=93, origin; dur=10, inner; dur=7
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231003014956DFCFFA25208FE7614F17
x-cache-remote
TCP_MISS from a23-220-106-5.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,23.220.106.5
x-tt-trace-host
01038f7af69644f21d749c899bc7a72566f4d397555aef55b6b02529ce8c85382575c1fcbba3caf80da61fc8aab8a508036cb23890c6baae58d8f41bd9f5b989d6caddf49489ac9a5b29704d0f2ae86914fb503b2b07b6bf2b8a226ed4a5cafb82668c7e5fe1fd4e6028b55aaac988b8ec
access-control-allow-headers
Authorization,*
expires
Tue, 03 Oct 2023 01:49:56 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
791 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ofm.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
e1e4e32.627bbb5
date
Tue, 03 Oct 2023 01:49:57 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time
326,23.38.99.74
server-timing
cdn-cache; desc=MISS, edge; dur=164, origin; dur=167, inner; dur=74
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231003014956DA219477F947A948A9B8
x-cache-remote
TCP_MISS from a23-220-106-5.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
167,23.220.106.5
x-tt-trace-host
01038f7af69644f21d749c899bc7a72566f4d397555aef55b6b02529ce8c85382575c1fcbba3caf80da61fc8aab8a5080347663eeb4428c7099171c955b880aab1fb39bdfd996360f7d850b1bfc10af90f49b32ff5a0ba4aa2e5f7c54d4f5040a819b94e75ebdd171304bd1924ba1e9a74
access-control-allow-headers
Authorization,*
expires
Tue, 03 Oct 2023 01:49:57 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
787 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ofm.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
5b0bc82.627bbb7
date
Tue, 03 Oct 2023 01:49:57 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time
274,23.38.99.74
server-timing
cdn-cache; desc=MISS, edge; dur=270, origin; dur=10, inner; dur=7
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231003014957E7F274EC8B32826DE3D8
x-cache-remote
TCP_MISS from a23-220-106-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
10,23.220.106.6
x-tt-trace-host
01038f7af69644f21d749c899bc7a72566f4d397555aef55b6b02529ce8c8538250076b923df4f30a8f21af90acbdc61978d144fba9972e3caba3c160aa3355cef5249b2348101871e2f799c42ead02e11aef7921e1432955fc1854214aabc87ab2d9214b301004ac2cd5b50048bcce67a
access-control-allow-headers
Authorization,*
expires
Tue, 03 Oct 2023 01:49:57 GMT
monitor
analytics.tiktok.com/api/v2/ 		0
650 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ofm.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
627bbbd
date
Tue, 03 Oct 2023 01:49:56 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
server-timing
inner; dur=29, cdn-cache; desc=MISS, edge; dur=6, origin; dur=124
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202310030149561081F94AE7FDDF5FB06E
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
125,23.38.99.74
x-tt-trace-host
01038f7af69644f21d749c899bc7a725660f8f9fb0623b2f95adf36cc8f865e49e2db4596e20f0a97ffcf65aeff5c9bbafbd277621f41606dacb30b40ecfe8e4c6f977049c3711cd17e6aebd5a3c72eebdc03839c4a5e7e08833664ba9132fb511
access-control-allow-headers
Authorization,*
expires
Tue, 03 Oct 2023 01:49:56 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
649 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ofm.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
627bbbe
date
Tue, 03 Oct 2023 01:49:57 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
server-timing
inner; dur=46, cdn-cache; desc=MISS, edge; dur=6, origin; dur=397
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231003014957DE184F4986E3C3616B9E
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
397,23.38.99.74
x-tt-trace-host
01038f7af69644f21d749c899bc7a725660f8f9fb0623b2f95adf36cc8f865e49ebd7e4d52d38f602b9ea80f7bbe1faff27c7f5d7fd482a1d25acfaa55ae3c6ace37ed5d3d16d70cd69679222591f3b52dc90fc0d1e0aa742ce7b595c2108cbee7
access-control-allow-headers
Authorization,*
expires
Tue, 03 Oct 2023 01:49:57 GMT
collect
o.clarity.ms/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.ofm.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.ofm.co.th
Date
Tue, 03 Oct 2023 01:49:57 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
tag.gif
tr.line.me/ 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.line.me/tag.gif?b_id=85ed494a-30ba-4f09-918d-e8a8ca091ae4&b_u=https%3A%2F%2Fwww.ofm.co.th%2Fnewpassword%3Fcode%3Da9f2ab5771dd_969930%26action%3Dinvite&b_d=www.ofm.co.th&b_p=%2Fnewpassword&b_q=%3Fcode%3Da9f2ab5771dd_969930%26action%3Dinvite&b_t=OFM%20Biz%20%E0%B8%A1%E0%B8%B5%E0%B8%84%E0%B8%A3%E0%B8%9A%20%E0%B8%88%E0%B8%9A%E0%B9%84%E0%B8%A7%20%E0%B8%AA%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B8%87%E0%B9%88%E0%B8%B2%E0%B8%A2%20%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%A3%E0%B9%87%E0%B8%A7&c_t=lap&t_id=f051a508-a66a-4a8f-a62f-8dd78bf735e9&s_id=11b7a1c2-783064a0&x4=100&e=pv&v=3.4.1&_t=1696297796824
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 01:49:57 GMT
Cache-Control
private, no-store, no-cache, must-revalidate
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
monitor
analytics.tiktok.com/api/v2/ 		0
790 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ofm.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
ac069a4.627bbc1
date
Tue, 03 Oct 2023 01:49:57 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time
290,23.38.99.74
server-timing
cdn-cache; desc=MISS, edge; dur=272, origin; dur=27, inner; dur=21
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231003014957F23C56F84B8A655B5406
x-cache-remote
TCP_MISS from a23-220-106-7.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
27,23.220.106.7
x-tt-trace-host
01038f7af69644f21d749c899bc7a72566f4d397555aef55b6b02529ce8c85382553c43b90e03f96335a9d4434175146fda59b081b54246b8a92ca3e3764530f39515866b316cfe4bdb206cb2da2cafdb1be39107aa1c666a7b31e127671444ebf79a7b8aaf0fd670d9b4f98a5cb30ab43
access-control-allow-headers
Authorization,*
expires
Tue, 03 Oct 2023 01:49:57 GMT
act
analytics.tiktok.com/api/v2/pixel/ 		0
650 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhNQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ofm.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
627bbfe
date
Tue, 03 Oct 2023 01:49:57 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
server-timing
inner; dur=42, cdn-cache; desc=MISS, edge; dur=14, origin; dur=137
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231003014957EFA96224C66361342F10
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
138,23.38.99.74
x-tt-trace-host
01038f7af69644f21d749c899bc7a725660f8f9fb0623b2f95adf36cc8f865e49ec3316b14a0a35189466330bed9ead36e550d7a2cba0d98a308ab70808bfebe906457f589e72c51859c79038f2f767c61efdd4f5149c47f469802041dac8cc424
access-control-allow-headers
Authorization,*
expires
Tue, 03 Oct 2023 01:49:57 GMT
v2
asia.creativecdn.com/tags/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://asia.creativecdn.com/tags/v2?type=json&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ofm.co.th
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.ofm.co.th
access-control-max-age
3600
content-length
0
date
Tue, 03 Oct 2023 01:49:57 GMT
vary
Origin
fledge-igmembership
asia.creativecdn.com/ Frame 7F05 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://asia.creativecdn.com/fledge-igmembership?ntk=TigdMrm1et1lbjwoDFefxCGEAzKbLon_YQS5nb49ul8LJ_nx6DCvAKGW8udqrGEul8P-Wy-gBV7zcP7l5xQmKg
Requested by
Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/eYyrBlV2DqhIXttPPGKW.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
cfb4eb4058f9309dd44fe39eb7b68abf4b0a164e084d9560056764d0c162c879

Request headers

Referer
https://www.ofm.co.th/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
content-length
458
content-type
text/html;charset=utf-8
date
Tue, 03 Oct 2023 01:49:57 GMT Tue, 03 Oct 2023 01:49:57 GMT
expires
Wed, 04 Oct 2023 01:49:57 GMT
vary
Accept-Encoding
topics-membership
asia.creativecdn.com/ Frame 188E 		945 B
656 B 		Document
General
Check archive.org
Download Go to
Full URL
https://asia.creativecdn.com/topics-membership?ntk=Jse5DSpmd7MuIvMSsxWVZWu44W911OUTjPNR-KyeoLuk8h-Qju18mgwXgXlbtbUZ0sqo2wVbYsKPIzW2vmMZhw
Requested by
Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/eYyrBlV2DqhIXttPPGKW.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
2f33e49fe01e14fcb939e3dae9d0f55a1255db92fd07428ae4f19916ee33fd39

Request headers

Referer
https://www.ofm.co.th/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
content-length
468
content-type
text/html;charset=utf-8
date
Tue, 03 Oct 2023 01:49:57 GMT Tue, 03 Oct 2023 01:49:58 GMT
expires
Wed, 04 Oct 2023 01:49:58 GMT
vary
Accept-Encoding
bounce
ib.adnxs.com/
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=315&code=IGmzxRCJIjNQ37NdRiDQ
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3DIGmzxRCJIjNQ37NdRiDQ
43 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3DIGmzxRCJIjNQ37NdRiDQ
Requested by
Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
H2
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 01:49:57 GMT
an-x-request-uuid
9eb22a6c-5450-4e98-af75-a07c1316d598
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 01:49:57 GMT
an-x-request-uuid
a8f5b3ab-c250-41b6-acc1-40ddf53b8c29
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3DIGmzxRCJIjNQ37NdRiDQ
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.133; 178.162.209.133; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
o.clarity.ms/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.ofm.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.ofm.co.th
Date
Tue, 03 Oct 2023 01:49:58 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
common.min.js
officemate.my.salesforce.com/embeddedservice/5.0/utils/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://officemate.my.salesforce.com/embeddedservice/5.0/utils/common.min.js
Requested by
Host: officemate--prepro.sandbox.my.salesforce.com
URL: https://officemate--prepro.sandbox.my.salesforce.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.53.161.166 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 01:50:01 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 17 Feb 2022 23:57:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Wed, 04 Oct 2023 01:50:01 GMT
collect
o.clarity.ms/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.ofm.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.ofm.co.th
Date
Tue, 03 Oct 2023 01:50:01 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
esw.min.css
officemate.my.salesforce.com/embeddedservice/5.0/ 		9 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://officemate.my.salesforce.com/embeddedservice/5.0/esw.min.css
Requested by
Host: officemate--prepro.sandbox.my.salesforce.com
URL: https://officemate--prepro.sandbox.my.salesforce.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.53.161.166 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 01:50:02 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 27 Aug 2021 14:11:56 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Wed, 04 Oct 2023 01:50:02 GMT
liveagent.esw.min.js
officemate.my.salesforce.com/embeddedservice/5.0/client/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://officemate.my.salesforce.com/embeddedservice/5.0/client/liveagent.esw.min.js
Requested by
Host: officemate--prepro.sandbox.my.salesforce.com
URL: https://officemate--prepro.sandbox.my.salesforce.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.53.161.166 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 01:50:02 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 17 Aug 2022 20:11:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Wed, 04 Oct 2023 01:50:02 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FE9BD04F221D4BCCB11385CE63D7137A&RedC=c.clarity.ms&MXFR=23E5D2353D5F6A643906C1AA395F645E
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE9BD04F221D4BCCB11385CE63D7137A&MUID=35A5F237AF46646A0A8BE1A8AE46658D
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE9BD04F221D4BCCB11385CE63D7137A&MUID=35A5F237AF46646A0A8BE1A8AE46658D
Protocol
H2
Server
68.219.88.97 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 01:50:02 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
server
Microsoft-IIS/10.0
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 03 Oct 2023 01:50:01 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F2E7670ED0554453855EDC13DF038C63 Ref B: FRAEDGE1809 Ref C: 2023-10-03T01:50:02Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE9BD04F221D4BCCB11385CE63D7137A&MUID=35A5F237AF46646A0A8BE1A8AE46658D
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
esw.html
officemate.my.salesforce.com/embeddedservice/5.0/ Frame 74AB 		194 B
916 B 		Document
General
Check archive.org
Download Go to
Full URL
https://officemate.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Requested by
Host: officemate--prepro.sandbox.my.salesforce.com
URL: https://officemate--prepro.sandbox.my.salesforce.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.53.161.166 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ofm.co.th/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
public,max-age=86400
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html;charset=UTF-8
Date
Tue, 03 Oct 2023 01:50:02 GMT
Expires
Wed, 04 Oct 2023 01:50:02 GMT
Last-Modified
Fri, 02 Aug 2019 08:43:42 GMT
Referrer-Policy
origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
none
eswFrame.min.js
officemate.my.salesforce.com/embeddedservice/5.0/ Frame 74AB 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://officemate.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js
Requested by
Host: officemate.my.salesforce.com
URL: https://officemate.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.53.161.166 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0284b82fc74f4fd666a234fc2df3c7be10d49e40d9f5d238594f69b63c5d794d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officemate.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 01:50:02 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 06 Oct 2022 23:37:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Wed, 04 Oct 2023 01:50:02 GMT
session.esw.min.js
officemate.my.salesforce.com/embeddedservice/5.0/frame/ Frame 74AB 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://officemate.my.salesforce.com/embeddedservice/5.0/frame/session.esw.min.js
Requested by
Host: officemate.my.salesforce.com
URL: https://officemate.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.53.161.166 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2863821119660d61dea8c3d9024b49b3cf368a87f54fada27a95379f20ce92b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officemate.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 01:50:02 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 17 Aug 2022 20:10:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Wed, 04 Oct 2023 01:50:02 GMT
broadcast.esw.min.js
officemate.my.salesforce.com/embeddedservice/5.0/frame/ Frame 74AB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://officemate.my.salesforce.com/embeddedservice/5.0/frame/broadcast.esw.min.js
Requested by
Host: officemate.my.salesforce.com
URL: https://officemate.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.53.161.166 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officemate.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 01:50:02 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 18 Feb 2021 00:07:24 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Wed, 04 Oct 2023 01:50:02 GMT
chasitor.esw.min.js
officemate.my.salesforce.com/embeddedservice/5.0/frame/ Frame 74AB 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://officemate.my.salesforce.com/embeddedservice/5.0/frame/chasitor.esw.min.js
Requested by
Host: officemate.my.salesforce.com
URL: https://officemate.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.53.161.166 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b18192a287debcac96ef5cf0ffc45f720594a3c52a9c06a4478117871b21208
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officemate.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 01:50:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 01 Feb 2023 22:50:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Wed, 04 Oct 2023 01:50:03 GMT
EmbeddedServiceConfig.jsonp
d.la1-c1-ukb.salesforceliveagent.com/chat/rest/EmbeddedService/ 		20 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la1-c1-ukb.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D28000001uuUn&EmbeddedServiceConfig.configName=OFM_Live_Chat&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48&EmbeddedServiceConfig.language=th
Requested by
Host: officemate.my.salesforce.com
URL: https://officemate.my.salesforce.com/embeddedservice/5.0/utils/common.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.53.163.5 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdfcf93309704c876b077b35cc996c8704f7da188aee66ef6af6478c5af3d65e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
invite.esw.min.js
officemate.my.salesforce.com/embeddedservice/5.0/client/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://officemate.my.salesforce.com/embeddedservice/5.0/client/invite.esw.min.js
Requested by
Host: officemate--prepro.sandbox.my.salesforce.com
URL: https://officemate--prepro.sandbox.my.salesforce.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.53.161.166 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 01:50:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 24 Sep 2021 16:25:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Wed, 04 Oct 2023 01:50:03 GMT
Settings.jsonp
d.la1-c1-ukb.salesforceliveagent.com/chat/rest/Visitor/ 		342 B
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la1-c1-ukb.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[57328000000L5zn]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5720K000000GwRJ&org_id=00D28000001uuUn&version=48
Requested by
Host: officemate.my.salesforce.com
URL: https://officemate.my.salesforce.com/embeddedservice/5.0/client/liveagent.esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.53.163.5 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d64aaaed412e937c167897ad7ecf4ce0232209a459ba973d574496c3f7dd634d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
inert.min.js
officemate.my.salesforce.com/embeddedservice/5.0/utils/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://officemate.my.salesforce.com/embeddedservice/5.0/utils/inert.min.js
Requested by
Host: officemate--prepro.sandbox.my.salesforce.com
URL: https://officemate--prepro.sandbox.my.salesforce.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.53.161.166 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ofm.co.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 01:50:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Wed, 04 Oct 2023 01:50:03 GMT
filetransfer.esw.min.js
officemate.my.salesforce.com/embeddedservice/5.0/frame/ Frame 74AB 		473 B
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://officemate.my.salesforce.com/embeddedservice/5.0/frame/filetransfer.esw.min.js
Requested by
Host: officemate.my.salesforce.com
URL: https://officemate.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.53.161.166 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officemate.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.ofm.co.th/newpassword?code=a9f2ab5771dd_969930&action=invite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 01:50:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Wed, 04 Oct 2023 01:50:03 GMT
collect
o.clarity.ms/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.ofm.co.th/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.ofm.co.th
Date
Tue, 03 Oct 2023 01:50:04 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
truncated
/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

Referer
https://officemate.my.salesforce.com/
Origin
https://www.ofm.co.th
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
application/octet-stream

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| documentPictureInPicture number| _gtm_init number| doNotTrack object| _gtm_ids function| _gtm_inject object| dataLayer object| __NUXT__ object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| core object| $nuxt object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| hj object| _hjSettings object| rtbhEvents string| referer_url string| url_string object| url object| affiliate_id object| offer_id object| tid string| current_aff_id undefined| param function| setCookie number| timestamp number| OMID number| OPID string| ORef string| ssSessionId string| gclid function| readCookie function| eraseCookie function| checkCookie function| ssGetURLParameter function| ssSetCookie function| ssCalculateExpireDate object| _ltq function| _lt function| clarity string| TiktokAnalyticsObject object| ttq object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| docCookies function| getParams function| getCookieFromNewAtncts function| nextYear function| storeRkInCookie function| storeRkInLocalStorage object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| _ltc object| PZ3 object| pzConvData object| embedded_svc

32 Cookies

Domain/Path Name / Value
www.ofm.co.th/ Name: HWWAFSESID
Value: 4b1b49a9bc3f2f888c
www.ofm.co.th/ Name: HWWAFSESTIME
Value: 1696297791044
.ofm.co.th/ Name: _gcl_au
Value: 1.1.115278208.1696297796
.ofm.co.th/ Name: _gid
Value: GA1.3.2010818417.1696297796
.ofm.co.th/ Name: _gat_UA-11520015-31
Value: 1
.ofm.co.th/ Name: _ga_6D0LWJ3Z9P
Value: GS1.1.1696297796.1.0.1696297796.60.0.0
.ofm.co.th/ Name: _ga
Value: GA1.1.1178113406.1696297796
www.ofm.co.th/ Name: __rtbh.lid
Value: %7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%22KCVtcz511TXW9qZiEIxS%22%7D
www.clarity.ms/ Name: CLID
Value: d26b6d6fefca45569b34e775c84c7470.20231003.20241002
.ofm.co.th/ Name: _fbp
Value: fb.2.1696297796617.279087877
.tiktok.com/ Name: _ttp
Value: 2WEVbOzLxEifZWGfblrTpwxx0W5
track.omguk.com/ Name: OMG-Channel-2339060
Value: Channel%3D
track.omguk.com/ Name: OMGID
Value: UUserID%3D%7B12c23440-5119-439c-afac-f51abbccf682%7D
track.omguk.com/ Name: OMGSession
Value: SessionID%3De86c2586dab04f39aacf9103271345e7%26SessionCount%3D0
.ofm.co.th/ Name: _hjSessionUser_3235515
Value: eyJpZCI6ImM1N2Q5MGMzLWNiYzktNTZmMC1iN2M4LWVjZjcwOThlYjgxZCIsImNyZWF0ZWQiOjE2OTYyOTc3OTY2NjgsImV4aXN0aW5nIjpmYWxzZX0=
.ofm.co.th/ Name: _hjFirstSeen
Value: 1
.ofm.co.th/ Name: _hjIncludedInSessionSample_3235515
Value: 0
.ofm.co.th/ Name: _hjSession_3235515
Value: eyJpZCI6IjQ4YmZjNmMzLTE0NzMtNDhhOS05MGVhLTQ1OGJkZDRkYzFmMiIsImNyZWF0ZWQiOjE2OTYyOTc3OTY2NjksImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.ofm.co.th/ Name: _hjAbsoluteSessionInProgress
Value: 0
.ofm.co.th/ Name: _clck
Value: xtbcte|2|ffj|0|1371
.ofm.co.th/ Name: _tt_enable_cookie
Value: 1
.ofm.co.th/ Name: _ttp
Value: GQnygyP_c-iq3-kzwJgY3cbSm6k
.www.ofm.co.th/ Name: __lt__cid
Value: 85ed494a-30ba-4f09-918d-e8a8ca091ae4
.www.ofm.co.th/ Name: __lt__sid
Value: 11b7a1c2-783064a0
.ofm.co.th/ Name: _clsk
Value: 1aycdti|1696297797220|1|1|o.clarity.ms/collect
.creativecdn.com/ Name: u
Value: IGmzxRCJIjNQ37NdRiDQ
.creativecdn.com/ Name: ts
Value: 1696297797
.line.me/ Name: _ldbrbid
Value: tr__k1y/XGUbc0U3aUUkN3LTAg==
.creativecdn.com/ Name: ar_debug
Value: 1
.adnxs.com/ Name: uuid2
Value: 7475348696336567927
.adnxs.com/ Name: anj
Value: dTM7k!M4/YEVNsVF']wIg2HaQuDctw!@wnfH8KNLRGCM#=Bt>Fa$P]skzq4u3D<E/30w%v/zISe_fZM?/X%W#.wL4W1Qw2y`mTT>
.salesforce.com/ Name: BrowserId_sec
Value: KYWN32GPEe6n9etbeJ2tBQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
apis.ofm.co.th
asia.creativecdn.com
c.bing.com
c.clarity.ms
connect.facebook.net
d.la1-c1-ukb.salesforceliveagent.com
d.line-scdn.net
ib.adnxs.com
mstatic.priceza.com
o.clarity.ms
officemate--prepro.sandbox.my.salesforce.com
officemate.my.salesforce.com
region1.analytics.google.com
script.accesstrade.in.th
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
tags.creativecdn.com
tr.line.me
track.omguk.com
u25616647.ct.sendgrid.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.ofm.co.th
101.53.161.166
101.53.163.5
103.132.192.30
110.238.127.47
138.113.147.185
147.92.191.92
161.71.134.47
167.89.123.122
18.136.3.203
18.154.63.123
18.173.233.51
18.66.248.94
185.89.211.116
2.16.97.81
2001:4860:4802:32::36
23.38.98.10
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:806::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c0a::9b
2a02:6ea0:c700::17
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
52.152.143.207
54.72.93.38
68.219.88.97
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
0284b82fc74f4fd666a234fc2df3c7be10d49e40d9f5d238594f69b63c5d794d
0c0c46fb6987f0a78f05724036d48029d4e42a00ab50bdaec452cded93c2497f
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
222bca062fff28d2c253dde2d041cb3f01fd57f3c53b6ff3687fada3aecda8a1
275a43b12f692b2930a431505a506f0ddff81d732b5cef0d30f4396abdb40637
2b18192a287debcac96ef5cf0ffc45f720594a3c52a9c06a4478117871b21208
2c254471e5b86811af65785918d0edd65e2358d8d5c81fd6c0d26e409b922032
2f33e49fe01e14fcb939e3dae9d0f55a1255db92fd07428ae4f19916ee33fd39
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
3854bf6e90e3cb3c8f8ce04bc86cf7ac58d83b3ffbc4b1345ea7d112095b79ff
3d5b7e1092e9f2e8128d6bbce9eb959af629b71f1bea1fe192a91a761be6fd6a
40174ee2fc06c8bf3d13f29420f4167b978394f79a815b32b35c9c4fba304698
44e0ce08349b784a4d685f99d17d60cee66723ecf33bdc054afa78a75b0a04bb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
545410e2cc17b7485bff89b4368a900e14b0f1fcb2e39e5d1d52d42249d3e450
5b422290fa35ec4e75e70d77e2d476f09e1a3bf68e5ef4826ea93a44cd37b3ab
5e30b57fe5fb95c9f1bd9da916fae3298be9f90ec058313a16abe4c3aa52673d
668d96db81485cdc1744cee53b3052b65667aa8df0d267283556a8bc6d44fafb
6bccda5cdd4837ea4fa51beb49f38eb19244c4d89291735bbc757a6286fa1ac2
6f9438ebd123db38089ed2c31b92d6b20c7294dbda81b1a8f8b3871509b48ccf
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
79ea02dbfb25a4da91d7f66b6db3fe4eec410b4874e9c8235f535775cfd0f0cf
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
7e14f2caafd07d1c838040ca762a43515823855f68686875ba6da67a0fe4d789
80e935233663141a5a8811c25e3469f190ec70764c47c2ae4d5fc67ba616848e
81905ec7149c967db6f0acd77c340f50851042e015775c9e449cf08df4d06a03
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8656f12ba561404c59a23750fc32e9f3deb673c42a0eb1a7d51f49d8c5f34676
913bd47aee05e1d13c2e80875fde9802753b8615b978c3e17384fef2b3d3e21a
95399e575747858c5f114498f8ea12812a8b26d73dd92465323dd50631ad8bad
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d4209dc09d783dfe01ddf538ad724c8d8c5dc73a46aad48cf45b1356d851b16
a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d
a67640b4acf75b2bafbe7610bc53cee2b4cb28b300582df74fe90ff32f144130
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
adad878819ef5dc9c80dbd09904ed15010e86831e180a778375238c6fe66e509
ae88013fad7922ef9fa27a01f1f125d706f9717918e0ec328c24908e06757a7d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2788f78503dbfbfaa6c78a36d1aeb287e6bf1542850afea927bb654797eccaf
c50f43a9776a8fb9bc6b62de71ff2c4b1eede0893a14a563766139d1d9f81f42
ccc0d738401ecb0a97cf3c857f5e0dee85b6d3668711a30951b61663f0102b91
cdfcf93309704c876b077b35cc996c8704f7da188aee66ef6af6478c5af3d65e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb4eb4058f9309dd44fe39eb7b68abf4b0a164e084d9560056764d0c162c879
d28f8833bd640757d6781d6bf0cd19fa5e0fac699347aa2ca114237a43f66232
d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1
d64aaaed412e937c167897ad7ecf4ce0232209a459ba973d574496c3f7dd634d
dab305af222ac633db3537b45d2f8ac5b56b88ac1b746717104066b55e2b6a90
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e127859f9a55ea4c9c087582d5642431d070b279f80331e18ba4c659e091f8fb
e2846026ebe599c8fb5b50143c706180dd7addf7ecf0dc8438828f4f9076756d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b481492c7e1f1e4b952309bc0801521f9b6ff83cbad217ec6ae678adc4d5f3
e8ce2c7816d5a0bb587ad0249f0aec0b6bd2c8947a109f291632619dbf32646c
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9338cbfdaea49d5d10f91fa0a78bb8aefa906aa974e7574c4131f57085b126
f2863821119660d61dea8c3d9024b49b3cf368a87f54fada27a95379f20ce92b
f59d61052c742fb252334d4b9c6e0e4d85ee2f6a2881ab86b22c98b6a6ec2c30