auth.nmd.go.th Open in urlscan Pro
203.149.31.152  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response auth.nmd.go.th/	5 KB 2 KB	700ms 300ms	Document text/html	203.149.31.152 SAMART-INFONET-AS...
General Check archive.org Show headers Download Go to Full URL https://auth.nmd.go.th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.149.31.152 , Thailand, ASN4741 (SAMART-INFONET-AS Samart Infonet Co., Ltd., TH), Reverse DNS Software nginx/1.19.2 / PHP/7.4.1 Resource Hash 98c40e491875ea8764afae37936a50b3dd6ad06df73f697bfabd482bf22c7fd2 Request headers :method GET :authority auth.nmd.go.th :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx/1.19.2 date Wed, 29 Sep 2021 23:34:01 GMT content-type text/html; charset=UTF-8 content-length 1651 x-powered-by PHP/7.4.1 cache-control private, must-revalidate pragma no-cache expires -1 set-cookie XSRF-TOKEN=eyJpdiI6Im9ycjBJSjVNQkNFQjNBSnJCR0Vmc2c9PSIsInZhbHVlIjoiVDdURVhVckVjTFNyR2RnZFpUS1hteEQrSHcxMCt6YzBRR2J5SlFPMlI0TXQ2dEE4Zkcvc3ozbFFqdG83K3M0cXUydGVObUIvbXdSTHpOWXdFc3ZpNm1ETjVySUhjR1k3Q0dCamxPT3d0VTZ3MEs0WVRXekl2M2djY1g1dEt2bHEiLCJtYWMiOiIyM2VlYzE2ZjRmNzkwNTQ3NTZkNTVjMDI0YmVlYTliNDI4YWQ5YmJmNGU4ZTUxMTU0Njk4ZDFkNzk3ZDA5ZjNiIn0%3D; expires=Thu, 30-Sep-2021 01:34:01 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6IkRwaDk3eWtmenQ0VzEvbGt5WHB2NWc9PSIsInZhbHVlIjoiS05SRUJSREVhcVlqa2NwQklyRVJGMHB6OUpTb2xDYzRyeUEvM1Y4N0FtUzRScTZsM09yMk5Kd0NTRGJ4TklSMWFFcFdSUUNzWXAzL3Q3YmlzNXl2RDFONEVOeldHSFZrOWNUN2ZuZHZKK2xCaDJGUGtRNUExMHZIT3YxZExSWUYiLCJtYWMiOiIzMTFkNGQzMmFkMGFjYTMzY2IzYWRmMWRlN2E2YTM2ZjNjM2ZjMDYwN2ZhMzc1NDdjNjBmYzNmYzExMDRkNWU3In0%3D; expires=Thu, 30-Sep-2021 01:34:01 GMT; Max-Age=7200; path=/; httponly; samesite=lax vary Accept-Encoding content-encoding gzip
GET H2	200	app.css auth.nmd.go.th/css/	252 KB 39 KB	228ms 226ms	Stylesheet text/css	203.149.31.152 SAMART-INFONET-AS...
General Check archive.org Show headers Download Go to Full URL https://auth.nmd.go.th/css/app.css Requested by Host: auth.nmd.go.th URL: https://auth.nmd.go.th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.149.31.152 , Thailand, ASN4741 (SAMART-INFONET-AS Samart Infonet Co., Ltd., TH), Reverse DNS Software nginx/1.19.2 / Resource Hash de8653dbddcd3085c8fac38569fead688999f8cb87496136ccff0a0853ad867c Request headers :path /css/app.css pragma no-cache cookie XSRF-TOKEN=eyJpdiI6Im9ycjBJSjVNQkNFQjNBSnJCR0Vmc2c9PSIsInZhbHVlIjoiVDdURVhVckVjTFNyR2RnZFpUS1hteEQrSHcxMCt6YzBRR2J5SlFPMlI0TXQ2dEE4Zkcvc3ozbFFqdG83K3M0cXUydGVObUIvbXdSTHpOWXdFc3ZpNm1ETjVySUhjR1k3Q0dCamxPT3d0VTZ3MEs0WVRXekl2M2djY1g1dEt2bHEiLCJtYWMiOiIyM2VlYzE2ZjRmNzkwNTQ3NTZkNTVjMDI0YmVlYTliNDI4YWQ5YmJmNGU4ZTUxMTU0Njk4ZDFkNzk3ZDA5ZjNiIn0%3D; laravel_session=eyJpdiI6IkRwaDk3eWtmenQ0VzEvbGt5WHB2NWc9PSIsInZhbHVlIjoiS05SRUJSREVhcVlqa2NwQklyRVJGMHB6OUpTb2xDYzRyeUEvM1Y4N0FtUzRScTZsM09yMk5Kd0NTRGJ4TklSMWFFcFdSUUNzWXAzL3Q3YmlzNXl2RDFONEVOeldHSFZrOWNUN2ZuZHZKK2xCaDJGUGtRNUExMHZIT3YxZExSWUYiLCJtYWMiOiIzMTFkNGQzMmFkMGFjYTMzY2IzYWRmMWRlN2E2YTM2ZjNjM2ZjMDYwN2ZhMzc1NDdjNjBmYzNmYzExMDRkNWU3In0%3D accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority auth.nmd.go.th referer https://auth.nmd.go.th/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://auth.nmd.go.th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 23:34:01 GMT content-encoding gzip last-modified Tue, 07 Sep 2021 14:29:47 GMT server nginx/1.19.2 etag "3ee48-5cb6898f84cc0-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 39353
GET H2	200	style.css auth.nmd.go.th/css/	649 B 404 B	227ms 226ms	Stylesheet text/css	203.149.31.152 SAMART-INFONET-AS...
General Check archive.org Show headers Download Go to Full URL https://auth.nmd.go.th/css/style.css Requested by Host: auth.nmd.go.th URL: https://auth.nmd.go.th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.149.31.152 , Thailand, ASN4741 (SAMART-INFONET-AS Samart Infonet Co., Ltd., TH), Reverse DNS Software nginx/1.19.2 / Resource Hash f8bd3731baad731b66d0e2afaa2dc10713024c81861259cc681ddea2155c4e25 Request headers :path /css/style.css pragma no-cache cookie XSRF-TOKEN=eyJpdiI6Im9ycjBJSjVNQkNFQjNBSnJCR0Vmc2c9PSIsInZhbHVlIjoiVDdURVhVckVjTFNyR2RnZFpUS1hteEQrSHcxMCt6YzBRR2J5SlFPMlI0TXQ2dEE4Zkcvc3ozbFFqdG83K3M0cXUydGVObUIvbXdSTHpOWXdFc3ZpNm1ETjVySUhjR1k3Q0dCamxPT3d0VTZ3MEs0WVRXekl2M2djY1g1dEt2bHEiLCJtYWMiOiIyM2VlYzE2ZjRmNzkwNTQ3NTZkNTVjMDI0YmVlYTliNDI4YWQ5YmJmNGU4ZTUxMTU0Njk4ZDFkNzk3ZDA5ZjNiIn0%3D; laravel_session=eyJpdiI6IkRwaDk3eWtmenQ0VzEvbGt5WHB2NWc9PSIsInZhbHVlIjoiS05SRUJSREVhcVlqa2NwQklyRVJGMHB6OUpTb2xDYzRyeUEvM1Y4N0FtUzRScTZsM09yMk5Kd0NTRGJ4TklSMWFFcFdSUUNzWXAzL3Q3YmlzNXl2RDFONEVOeldHSFZrOWNUN2ZuZHZKK2xCaDJGUGtRNUExMHZIT3YxZExSWUYiLCJtYWMiOiIzMTFkNGQzMmFkMGFjYTMzY2IzYWRmMWRlN2E2YTM2ZjNjM2ZjMDYwN2ZhMzc1NDdjNjBmYzNmYzExMDRkNWU3In0%3D accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority auth.nmd.go.th referer https://auth.nmd.go.th/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://auth.nmd.go.th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 23:34:01 GMT content-encoding gzip last-modified Tue, 07 Sep 2021 14:29:47 GMT server nginx/1.19.2 etag "289-5cb6898f84cc0-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 227
GET H2	200	app.js Show response auth.nmd.go.th/js/	593 KB 109 KB	674ms 673ms	Script application/javascript	203.149.31.152 SAMART-INFONET-AS...
General Check archive.org Show headers Download Go to Full URL https://auth.nmd.go.th/js/app.js Requested by Host: auth.nmd.go.th URL: https://auth.nmd.go.th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.149.31.152 , Thailand, ASN4741 (SAMART-INFONET-AS Samart Infonet Co., Ltd., TH), Reverse DNS Software nginx/1.19.2 / Resource Hash be3736dbde1ced27e3bb6cb474c86a289bdcce9384e672861b57e22f9344b1f8 Request headers :path /js/app.js pragma no-cache cookie XSRF-TOKEN=eyJpdiI6Im9ycjBJSjVNQkNFQjNBSnJCR0Vmc2c9PSIsInZhbHVlIjoiVDdURVhVckVjTFNyR2RnZFpUS1hteEQrSHcxMCt6YzBRR2J5SlFPMlI0TXQ2dEE4Zkcvc3ozbFFqdG83K3M0cXUydGVObUIvbXdSTHpOWXdFc3ZpNm1ETjVySUhjR1k3Q0dCamxPT3d0VTZ3MEs0WVRXekl2M2djY1g1dEt2bHEiLCJtYWMiOiIyM2VlYzE2ZjRmNzkwNTQ3NTZkNTVjMDI0YmVlYTliNDI4YWQ5YmJmNGU4ZTUxMTU0Njk4ZDFkNzk3ZDA5ZjNiIn0%3D; laravel_session=eyJpdiI6IkRwaDk3eWtmenQ0VzEvbGt5WHB2NWc9PSIsInZhbHVlIjoiS05SRUJSREVhcVlqa2NwQklyRVJGMHB6OUpTb2xDYzRyeUEvM1Y4N0FtUzRScTZsM09yMk5Kd0NTRGJ4TklSMWFFcFdSUUNzWXAzL3Q3YmlzNXl2RDFONEVOeldHSFZrOWNUN2ZuZHZKK2xCaDJGUGtRNUExMHZIT3YxZExSWUYiLCJtYWMiOiIzMTFkNGQzMmFkMGFjYTMzY2IzYWRmMWRlN2E2YTM2ZjNjM2ZjMDYwN2ZhMzc1NDdjNjBmYzNmYzExMDRkNWU3In0%3D accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority auth.nmd.go.th referer https://auth.nmd.go.th/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://auth.nmd.go.th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 23:34:01 GMT content-encoding gzip last-modified Tue, 07 Sep 2021 14:29:47 GMT server nginx/1.19.2 etag "943ac-5cb6898f84cc0-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes
GET H2	200	css2 fonts.googleapis.com/	21 KB 2 KB	46ms 22ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Sarabun:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Requested by Host: auth.nmd.go.th URL: https://auth.nmd.go.th/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9b392ad12741bdb2d9ea8c5c978c82c0a6bbce9714dbbbd497c13577b7486f19 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://auth.nmd.go.th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 29 Sep 2021 23:34:01 GMT server ESF date Wed, 29 Sep 2021 23:34:01 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Wed, 29 Sep 2021 23:34:01 GMT
GET H2	200	sdk.js Show response static.line-scdn.net/liff/edge/2/	679 KB 141 KB	93ms 11ms	Script application/javascript	2600:9000:2182:d000:4:e131:5cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.line-scdn.net/liff/edge/2/sdk.js Requested by Host: auth.nmd.go.th URL: https://auth.nmd.go.th/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:d000:4:e131:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software VOS / Resource Hash e00064f53bd3215a5507ce1874ca1df9b6883dc2edfd0d87d912e7d6e4c1022c Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://auth.nmd.go.th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 05:11:07 GMT content-encoding br vary Accept-Encoding,Origin age 66173 x-edge-origin-shield-skipped 0 x-cache Hit from cloudfront last-modified Wed, 29 Sep 2021 05:09:53 GMT server VOS cache-control max-age=86400 etag W/"2761387765403317280e8b2ce6249b0d" strict-transport-security max-age=15768000 x-amz-version-id RURgIbs5G8BQ9HDhlKEaXz3t591xhhS via 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront) x-rgw-object-type Normal x-amz-cf-pop DUS51-C1 content-type application/javascript x-amz-cf-id 71w2ezPA9ukZ81vdTseLRTQiGMvQWt2tjERRjBEVIjjXZUy_iZLovw==
GET H2	200	logo-1.png auth.nmd.go.th/icon/	566 KB 567 KB	491ms 491ms	Image image/png	203.149.31.152 SAMART-INFONET-AS...
General Check archive.org Show headers Download Go to Show image Full URL https://auth.nmd.go.th/icon/logo-1.png Requested by Host: auth.nmd.go.th URL: https://auth.nmd.go.th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.149.31.152 , Thailand, ASN4741 (SAMART-INFONET-AS Samart Infonet Co., Ltd., TH), Reverse DNS Software nginx/1.19.2 / Resource Hash 96a9caaf5575430c39d30de16c8d6cf635b1a997fc70ecdee7b96e1a011ffba9 Request headers :path /icon/logo-1.png pragma no-cache cookie XSRF-TOKEN=eyJpdiI6Im9ycjBJSjVNQkNFQjNBSnJCR0Vmc2c9PSIsInZhbHVlIjoiVDdURVhVckVjTFNyR2RnZFpUS1hteEQrSHcxMCt6YzBRR2J5SlFPMlI0TXQ2dEE4Zkcvc3ozbFFqdG83K3M0cXUydGVObUIvbXdSTHpOWXdFc3ZpNm1ETjVySUhjR1k3Q0dCamxPT3d0VTZ3MEs0WVRXekl2M2djY1g1dEt2bHEiLCJtYWMiOiIyM2VlYzE2ZjRmNzkwNTQ3NTZkNTVjMDI0YmVlYTliNDI4YWQ5YmJmNGU4ZTUxMTU0Njk4ZDFkNzk3ZDA5ZjNiIn0%3D; laravel_session=eyJpdiI6IkRwaDk3eWtmenQ0VzEvbGt5WHB2NWc9PSIsInZhbHVlIjoiS05SRUJSREVhcVlqa2NwQklyRVJGMHB6OUpTb2xDYzRyeUEvM1Y4N0FtUzRScTZsM09yMk5Kd0NTRGJ4TklSMWFFcFdSUUNzWXAzL3Q3YmlzNXl2RDFONEVOeldHSFZrOWNUN2ZuZHZKK2xCaDJGUGtRNUExMHZIT3YxZExSWUYiLCJtYWMiOiIzMTFkNGQzMmFkMGFjYTMzY2IzYWRmMWRlN2E2YTM2ZjNjM2ZjMDYwN2ZhMzc1NDdjNjBmYzNmYzExMDRkNWU3In0%3D accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority auth.nmd.go.th referer https://auth.nmd.go.th/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://auth.nmd.go.th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 23:34:01 GMT last-modified Tue, 07 Sep 2021 14:29:47 GMT server nginx/1.19.2 accept-ranges bytes etag "8d9cd-5cb6898f84cc0" content-length 580045 content-type image/png
GET H2	200	firebase-app.js Show response www.gstatic.com/firebasejs/8.6.3/	21 KB 7 KB	33ms 8ms	Script text/javascript	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.6.3/firebase-app.js Requested by Host: auth.nmd.go.th URL: https://auth.nmd.go.th/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4dcbaf51457660f0f4edbb916ba20fbb5003ba5bba923d60e41494ddca9d091a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://auth.nmd.go.th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 21:42:13 GMT content-encoding gzip x-content-type-options nosniff age 179508 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6922 x-xss-protection 0 last-modified Thu, 27 May 2021 21:16:38 GMT server sffe vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="firebase-js" expires Tue, 27 Sep 2022 21:42:13 GMT
GET H2	200	firebase-analytics.js Show response www.gstatic.com/firebasejs/8.6.3/	35 KB 11 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.6.3/firebase-analytics.js Requested by Host: auth.nmd.go.th URL: https://auth.nmd.go.th/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 21dae78ee628e074141e85750c0defe548a02408315120350f504ddb85b63eeb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://auth.nmd.go.th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 28 Sep 2021 18:15:10 GMT content-encoding gzip x-content-type-options nosniff age 105531 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10768 x-xss-protection 0 last-modified Thu, 27 May 2021 21:16:36 GMT server sffe vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="firebase-js" expires Wed, 28 Sep 2022 18:15:10 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 577 B	18ms 17ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Nunito Requested by Host: auth.nmd.go.th URL: https://auth.nmd.go.th/css/app.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 92e84db6987ce882afbf7bf6a990760008eb6f08af890a00b0ee7f1301e5f7d2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://auth.nmd.go.th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 29 Sep 2021 23:02:55 GMT server ESF date Wed, 29 Sep 2021 23:34:01 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Wed, 29 Sep 2021 23:34:01 GMT
GET H2	200	XRXV3I6Li01BKofINeaB.woff2 fonts.gstatic.com/s/nunito/v16/	19 KB 19 KB	35ms 8ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Nunito Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://auth.nmd.go.th Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 08:53:12 GMT x-content-type-options nosniff age 52850 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18972 x-xss-protection 0 last-modified Wed, 25 Nov 2020 02:44:35 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 29 Sep 2022 08:53:12 GMT
GET H2	200	webConfig Show response firebase.googleapis.com/v1alpha/projects/-/apps/1:608270279113:web:fb239ce2881198677a4818/	271 B 371 B	516ms 516ms	Fetch application/json	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firebase.googleapis.com/v1alpha/projects/-/apps/1:608270279113:web:fb239ce2881198677a4818/webConfig Requested by Host: www.gstatic.com URL: https://www.gstatic.com/firebasejs/8.6.3/firebase-analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6315afb7bcbea7a7df33f532bbb93f08477b43996bc1f7f0908e7b3841495f3c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept application/json Referer https://auth.nmd.go.th/ x-goog-api-key AIzaSyCazv5hzEV980mnfs808bk4Ypb-hz4GzfA Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 23:34:02 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://auth.nmd.go.th access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private vary Origin, X-Origin, Referer content-length 191 x-xss-protection 0
OPTIONS H2	200	webConfig firebase.googleapis.com/v1alpha/projects/-/apps/1:608270279113:web:fb239ce2881198677a4818/	0 0	78ms 22ms	Preflight text/html	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firebase.googleapis.com/v1alpha/projects/-/apps/1:608270279113:web:fb239ce2881198677a4818/webConfig Protocol H2 Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers x-goog-api-key Origin https://auth.nmd.go.th User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-origin https://auth.nmd.go.th vary origin referer x-origin access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-headers x-goog-api-key access-control-max-age 3600 date Wed, 29 Sep 2021 23:34:02 GMT content-type text/html server ESF content-length 0 x-xss-protection 0 x-frame-options SAMEORIGIN x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	installations Show response firebaseinstallations.googleapis.com/v1/projects/nmd-authenticate/	576 B 640 B	308ms 307ms	Fetch application/json	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firebaseinstallations.googleapis.com/v1/projects/nmd-authenticate/installations Requested by Host: www.gstatic.com URL: https://www.gstatic.com/firebasejs/8.6.3/firebase-analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a99355699985cc447e9ba3daaa2ca62ca30cb1e9827b3d75b9a6f7c055181794 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept application/json Referer https://auth.nmd.go.th/ x-goog-api-key AIzaSyCazv5hzEV980mnfs808bk4Ypb-hz4GzfA Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/json Response headers date Wed, 29 Sep 2021 23:34:02 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://auth.nmd.go.th access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private vary Origin, X-Origin, Referer content-length 450 x-xss-protection 0
OPTIONS H2	200	installations firebaseinstallations.googleapis.com/v1/projects/nmd-authenticate/	0 0	62ms 15ms	Preflight text/html	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firebaseinstallations.googleapis.com/v1/projects/nmd-authenticate/installations Protocol H2 Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,x-goog-api-key Origin https://auth.nmd.go.th User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-origin https://auth.nmd.go.th vary origin referer x-origin access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-headers content-type,x-goog-api-key access-control-max-age 3600 date Wed, 29 Sep 2021 23:34:02 GMT content-type text/html server ESF content-length 0 x-xss-protection 0 x-frame-options SAMEORIGIN x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	js Show response www.googletagmanager.com/gtag/	103 KB 42 KB	57ms 34ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-7X75L6450R Requested by Host: www.gstatic.com URL: https://www.gstatic.com/firebasejs/8.6.3/firebase-analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f4116d357fe1897dc4b87aae0b2cdd1c9fa72fd8e6cf3840c1b20f76faf22044 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://auth.nmd.go.th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 23:34:03 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42296 x-xss-protection 0 expires Wed, 29 Sep 2021 23:34:03 GMT
POST H2	204	collect www.google-analytics.com/g/	0 367 B	41ms 14ms	Ping text/plain	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-7X75L6450R&gtm=2oe9r0&_p=1758097682&sr=1600x1200&ul=en-us&_fid=cTBTSD-RIV43P-mNlYxDNj&cid=244586673.1632958443&_s=1&dl=https%3A%2F%2Fauth.nmd.go.th%2F&dt=NMD%20%7C%20%E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B9%81%E0%B8%9E%E0%B8%97%E0%B8%A2%E0%B9%8C%E0%B8%97%E0%B8%AB%E0%B8%B2%E0%B8%A3%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B8%AD&sid=1632958443&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.origin=firebase Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-7X75L6450R Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://auth.nmd.go.th/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 29 Sep 2021 23:34:03 GMT server Golfe2 content-type text/plain access-control-allow-origin https://auth.nmd.go.th cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| _ function| axios function| setImmediate function| clearImmediate object| regeneratorRuntime object| liff object| firebase object| firebaseConfig object| dataLayer function| gtag object| google_tag_manager object| google_tag_data object| gaGlobal

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			auth.nmd.go.th/	1970-01-19 21:36:05	Name: XSRF-TOKEN Value: eyJpdiI6Im9ycjBJSjVNQkNFQjNBSnJCR0Vmc2c9PSIsInZhbHVlIjoiVDdURVhVckVjTFNyR2RnZFpUS1hteEQrSHcxMCt6YzBRR2J5SlFPMlI0TXQ2dEE4Zkcvc3ozbFFqdG83K3M0cXUydGVObUIvbXdSTHpOWXdFc3ZpNm1ETjVySUhjR1k3Q0dCamxPT3d0VTZ3MEs0WVRXekl2M2djY1g1dEt2bHEiLCJtYWMiOiIyM2VlYzE2ZjRmNzkwNTQ3NTZkNTVjMDI0YmVlYTliNDI4YWQ5YmJmNGU4ZTUxMTU0Njk4ZDFkNzk3ZDA5ZjNiIn0%3D
			auth.nmd.go.th/	1970-01-19 21:36:05	Name: laravel_session Value: eyJpdiI6IkRwaDk3eWtmenQ0VzEvbGt5WHB2NWc9PSIsInZhbHVlIjoiS05SRUJSREVhcVlqa2NwQklyRVJGMHB6OUpTb2xDYzRyeUEvM1Y4N0FtUzRScTZsM09yMk5Kd0NTRGJ4TklSMWFFcFdSUUNzWXAzL3Q3YmlzNXl2RDFONEVOeldHSFZrOWNUN2ZuZHZKK2xCaDJGUGtRNUExMHZIT3YxZExSWUYiLCJtYWMiOiIzMTFkNGQzMmFkMGFjYTMzY2IzYWRmMWRlN2E2YTM2ZjNjM2ZjMDYwN2ZhMzc1NDdjNjBmYzNmYzExMDRkNWU3In0%3D
			.nmd.go.th/	1970-01-20 15:07:10	Name: _ga_7X75L6450R Value: GS1.1.1632958443.1.0.1632958443.0
			.nmd.go.th/	1970-01-20 15:07:10	Name: _ga Value: GA1.1.244586673.1632958443

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.nmd.go.th
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
static.line-scdn.net
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
203.149.31.152
2600:9000:2182:d000:4:e131:5cc0:93a1
2a00:1450:4001:801::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:829::200a
2a00:1450:4001:830::2008
2a00:1450:4001:831::200e
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
21dae78ee628e074141e85750c0defe548a02408315120350f504ddb85b63eeb
4dcbaf51457660f0f4edbb916ba20fbb5003ba5bba923d60e41494ddca9d091a
6315afb7bcbea7a7df33f532bbb93f08477b43996bc1f7f0908e7b3841495f3c
92e84db6987ce882afbf7bf6a990760008eb6f08af890a00b0ee7f1301e5f7d2
96a9caaf5575430c39d30de16c8d6cf635b1a997fc70ecdee7b96e1a011ffba9
98c40e491875ea8764afae37936a50b3dd6ad06df73f697bfabd482bf22c7fd2
9b392ad12741bdb2d9ea8c5c978c82c0a6bbce9714dbbbd497c13577b7486f19
a99355699985cc447e9ba3daaa2ca62ca30cb1e9827b3d75b9a6f7c055181794
be3736dbde1ced27e3bb6cb474c86a289bdcce9384e672861b57e22f9344b1f8
de8653dbddcd3085c8fac38569fead688999f8cb87496136ccff0a0853ad867c
e00064f53bd3215a5507ce1874ca1df9b6883dc2edfd0d87d912e7d6e4c1022c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4116d357fe1897dc4b87aae0b2cdd1c9fa72fd8e6cf3840c1b20f76faf22044
f8bd3731baad731b66d0e2afaa2dc10713024c81861259cc681ddea2155c4e25