www.ofm.co.th Open in urlscan Pro
157.185.179.12 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Submission: On October 02 via manual (October 2nd 2023, 3:10:33 am UTC) from TH — Scanned from CA

Summary HTTP 81 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 21 domains to perform 81 HTTP transactions. The main IP is 157.185.179.12, located in United States and belongs to ML-1432-54994, CA. The main domain is www.ofm.co.th. The Cisco Umbrella rank of the primary domain is 660322.
TLS certificate: Issued by Thawte RSA CA 2018 on September 22nd 2022. Valid for: a year.

This is the only time www.ofm.co.th was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	157.185.179.12 157.185.179.12	54994 (ML-1432-5...) (ML-1432-54994)
2	172.253.63.97 172.253.63.97	15169 (GOOGLE) (GOOGLE)
1	161.71.133.47 161.71.133.47	14340 (SALESFORCE) (SALESFORCE)
2	110.238.127.46 110.238.127.46	136907 (HWCLOUDS-...) (HWCLOUDS-AS-AP HUAWEI CLOUDS)
3	142.251.111.113 142.251.111.113	15169 (GOOGLE) (GOOGLE)
2	157.240.229.1 157.240.229.1	32934 (FACEBOOK) (FACEBOOK)
1	18.136.3.203 18.136.3.203	16509 (AMAZON-02) (AMAZON-02)
1	18.160.41.53 18.160.41.53	16509 (AMAZON-02) (AMAZON-02)
1	89.187.177.16 89.187.177.16	60068 (CDN77 ^_^) (CDN77 ^_^)
1	108.138.106.33 108.138.106.33	16509 (AMAZON-02) (AMAZON-02)
1	52.70.180.234 52.70.180.234	14618 (AMAZON-AES) (AMAZON-AES)
1	23.48.25.101 23.48.25.101	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.107.253.38 13.107.253.38	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	23.40.18.191 23.40.18.191	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	172.253.63.102 172.253.63.102	15169 (GOOGLE) (GOOGLE)
2	172.253.63.154 172.253.63.154	15169 (GOOGLE) (GOOGLE)
2	142.250.31.94 142.250.31.94	15169 (GOOGLE) (GOOGLE)
4	99.84.191.77 99.84.191.77	16509 (AMAZON-02) (AMAZON-02)
2	31.13.80.36 31.13.80.36	32934 (FACEBOOK) (FACEBOOK)
1	142.251.111.99 142.251.111.99	15169 (GOOGLE) (GOOGLE)
4	104.211.35.148 104.211.35.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	147.92.191.92 147.92.191.92	38631 (LINE LINE...) (LINE LINE Corporation)
1 6	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
11	101.53.160.166 101.53.160.166	14340 (SALESFORCE) (SALESFORCE)
1 2	68.67.160.184 68.67.160.184	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	20.125.209.212 20.125.209.212	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	101.53.161.5 101.53.161.5	14340 (SALESFORCE) (SALESFORCE)
81	28

21 157.185.179.12 (United States)

ASN54994 (ML-1432-54994, CA)

www.ofm.co.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 161.71.133.47 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl6-ncg1-c3-hnd3.cs290-hn3.salesforce.com

officemate--prepro.sandbox.my.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 110.238.127.46 (Bangkok, Thailand)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-110-238-127-46.compute.hwclouds-dns.com

apis.ofm.co.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.111.113 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.136.3.203 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-3-203.ap-southeast-1.compute.amazonaws.com

mstatic.priceza.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.41.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-53.iad55.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.177.16 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 135577161.nyc.cdn77.com

tags.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-33.jfk50.r.cloudfront.net

script.accesstrade.in.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.180.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-180-234.compute-1.amazonaws.com

track.omguk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.25.101 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-48-25-101.deploy.static.akamaitechnologies.com

d.line-scdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.253.38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.40.18.191 (West Orange, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-18-191.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f102.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.31.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.84.191.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-77.iad89.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.80.36 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-yyz1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.111.99 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f99.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.211.35.148 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

y.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.92.191.92 (Japan)

ASN38631 (LINE LINE Corporation, JP)

tr.line.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.132.192.30 (Singapore) 1 redirects

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 101.53.160.166 (Japan)

ASN14340 (SALESFORCE, US)
PTR: dcl2-ukb.ap6-ukb.my.salesforce.com

officemate.my.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.184 (New York, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.125.209.212 (Chicago, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 101.53.161.5 (Japan)

ASN14340 (SALESFORCE, US)
PTR: dcl3-ukb.la1-c1-ukb.salesforceliveagent.com

d.la1-c1-ukb.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	ofm.co.th www.ofm.co.th — Cisco Umbrella Rank: 660322 apis.ofm.co.th — Cisco Umbrella Rank: 739884	2 MB
12	salesforce.com officemate--prepro.sandbox.my.salesforce.com officemate.my.salesforce.com — Cisco Umbrella Rank: 851639	44 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1290 y.clarity.ms — Cisco Umbrella Rank: 9447 c.clarity.ms — Cisco Umbrella Rank: 2092	23 KB
7	creativecdn.com 1 redirects tags.creativecdn.com — Cisco Umbrella Rank: 8550 asia.creativecdn.com — Cisco Umbrella Rank: 26523	5 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 875	140 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1261 script.hotjar.com — Cisco Umbrella Rank: 1629	110 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
2	salesforceliveagent.com d.la1-c1-ukb.salesforceliveagent.com — Cisco Umbrella Rank: 445005	5 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 360	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	233 B
2	google.ca www.google.ca — Cisco Umbrella Rank: 8716	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 175	395 B
2	google.com analytics.google.com — Cisco Umbrella Rank: 270 www.google.com — Cisco Umbrella Rank: 11	661 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	89 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	205 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 481	763 B
1	line.me tr.line.me — Cisco Umbrella Rank: 17467	425 B
1	line-scdn.net d.line-scdn.net — Cisco Umbrella Rank: 17584	10 KB
1	omguk.com track.omguk.com — Cisco Umbrella Rank: 37305	556 B
1	accesstrade.in.th script.accesstrade.in.th — Cisco Umbrella Rank: 410829	6 KB
1	priceza.com mstatic.priceza.com — Cisco Umbrella Rank: 318113	2 KB
81	21

	Domain	Requested by
21	www.ofm.co.th	www.ofm.co.th
11	officemate.my.salesforce.com	officemate--prepro.sandbox.my.salesforce.com officemate.my.salesforce.com
6	asia.creativecdn.com	1 redirects www.ofm.co.th tags.creativecdn.com
5	analytics.tiktok.com	www.ofm.co.th analytics.tiktok.com
4	y.clarity.ms	www.clarity.ms
4	script.hotjar.com	static.hotjar.com script.hotjar.com www.ofm.co.th
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.ofm.co.th
2	d.la1-c1-ukb.salesforceliveagent.com	officemate.my.salesforce.com
2	c.clarity.ms	1 redirects
2	ib.adnxs.com	1 redirects www.ofm.co.th
2	www.facebook.com	www.ofm.co.th
2	www.google.ca	www.ofm.co.th
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.clarity.ms	www.ofm.co.th www.clarity.ms
2	connect.facebook.net	www.ofm.co.th connect.facebook.net
2	apis.ofm.co.th	www.ofm.co.th
2	www.googletagmanager.com	www.ofm.co.th www.googletagmanager.com
1	c.bing.com	1 redirects
1	tr.line.me	www.ofm.co.th
1	www.google.com	www.ofm.co.th
1	analytics.google.com	www.googletagmanager.com
1	d.line-scdn.net	www.ofm.co.th
1	track.omguk.com	www.ofm.co.th
1	script.accesstrade.in.th	www.ofm.co.th
1	tags.creativecdn.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	mstatic.priceza.com	www.googletagmanager.com
1	officemate--prepro.sandbox.my.salesforce.com	www.ofm.co.th
81	28

This site contains links to these domains. Also see Links.

Domain
bit.ly
www.centralgroup.com
www.col.co.th
www.ofmplus.com
www.b2s.co.th
www.central.co.th
www.mebmarket.com
www.powerbuy.co.th
www.robinson.co.th
www.supersports.co.th
www.tops.co.th
topsvita.com
www.petnme.co.th
www.thaiwatsadu.com
printing.officemate.co.th
rewards.officemate.co.th
www.the1.co.th
www.facebook.com
instagram.com

Subject Issuer	Validity	Valid
*.ofm.co.th Thawte RSA CA 2018	`2022-09-22` - `2023-10-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
cs290.salesforce.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-11` - `2024-01-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-11` - `2023-10-09`	3 months	crt.sh
*.priceza.com Go Daddy Secure Certificate Authority - G2	`2022-12-21` - `2024-01-22`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
1589314308.rsc.cdn77.org R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.accesstrade.in.th AlphaSSL CA - SHA256 - G4	`2023-01-12` - `2024-02-13`	a year	crt.sh
*.omguk.com Amazon RSA 2048 M01	`2023-07-16` - `2024-08-13`	a year	crt.sh
line-apps.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-11` - `2024-01-11`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.line.me GlobalSign RSA OV SSL CA 2018	`2023-08-10` - `2024-09-10`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
ap6.salesforce.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-18` - `2024-01-16`	a year	crt.sh
la1-c1-ukb.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-10` - `2024-01-09`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Frame ID: C399D9F7A754286B752EA737E712B6B7
Requests: 71 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0AF6B3D3CE29DAF7F9230CC1A61CEE99
Requests: 1 HTTP requests in this frame

Frame: https://asia.creativecdn.com/fledge-igmembership?ntk=TigdMrm1et1lbjwoDFefxCGEAzKbLon_YQS5nb49ul83nQgdnSdMX_su8OGBeCYGKuVJaEFl4yWRZ8sNMIRPHg
Frame ID: 92F6462B46CB4775919D3FFD9848B69D
Requests: 1 HTTP requests in this frame

Frame: https://asia.creativecdn.com/topics-membership?ntk=Jse5DSpmd7MuIvMSsxWVZWu44W911OUTjPNR-KyeoLuykXdJHGrEnnVu1NsLFHR67FovUOoewGC5VXix_qXsmw
Frame ID: C320C9B4A468ECD38190DE9CCFA977D4
Requests: 1 HTTP requests in this frame

Frame: https://officemate.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Frame ID: AD34AFFF588877830426FA102C672718
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OFM Biz มีครบ จบไว สั่งง่าย ได้เร็ว

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Optimise (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

track\.omguk\.com

Page Statistics

81
Requests

96 %
HTTPS

0 %
IPv6

21
Domains

28
Subdomains

28
IPs

5
Countries

2606 kB
Transfer

9713 kB
Size

39
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: http://bit.ly/LineOfficeMate
Title: @officemate

Search URL Search Domain Scan URL

URL: https://bit.ly/3bjy4Db
Title: การเช็คสถานะการสั่งซื้อ

Search URL Search Domain Scan URL

URL: http://www.centralgroup.com/
Title: เกี่ยวกับ COL

Search URL Search Domain Scan URL

URL: http://www.col.co.th/ir.html
Title: นักลงทุนสัมพันธ์

Search URL Search Domain Scan URL

URL: https://www.ofmplus.com/
Title: ลงทุนแฟรนไชส์ออฟฟิศเมท พลัส

Search URL Search Domain Scan URL

URL: http://www.b2s.co.th/
Title: B2S

Search URL Search Domain Scan URL

URL: https://www.central.co.th/th
Title: CENTRAL

Search URL Search Domain Scan URL

URL: https://www.mebmarket.com/
Title: MEB

Search URL Search Domain Scan URL

URL: https://www.powerbuy.co.th/
Title: POWER BUY

Search URL Search Domain Scan URL

URL: https://www.robinson.co.th/
Title: ROBINSON

Search URL Search Domain Scan URL

URL: https://www.supersports.co.th/
Title: SUPERSPORTS

Search URL Search Domain Scan URL

URL: https://www.tops.co.th/
Title: TOPS

Search URL Search Domain Scan URL

URL: https://topsvita.com/?utm_source=partner_ofm&utm_medium=web_banner&utm_campaign=|partner_ofm|web_banner|awo
Title: TOPS VITA

Search URL Search Domain Scan URL

URL: https://www.petnme.co.th/
Title: PET 'N ME

Search URL Search Domain Scan URL

URL: https://www.thaiwatsadu.com/
Title: THAIWATSADU

Search URL Search Domain Scan URL

URL: https://printing.officemate.co.th/
Title: Printing Solution

Search URL Search Domain Scan URL

URL: https://rewards.officemate.co.th/
Title: Member Rewards

Search URL Search Domain Scan URL

URL: https://www.the1.co.th/
Title: The 1

Search URL Search Domain Scan URL

URL: https://www.facebook.com/officemate.co.th

Search URL Search Domain Scan URL

URL: https://instagram.com/officemate_thailand?igshid=YmMyMTA2M2Y=

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://asia.creativecdn.com/tags/v2?type=json HTTP 307
https://asia.creativecdn.com/tags/v2?type=json&tc=1

Request Chain 65

https://ib.adnxs.com/setuid?entity=315&code=22xH9eImGL82VAOwaBys HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3D22xH9eImGL82VAOwaBys

Request Chain 68

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D9E37F4A936B456B86A3303CDED285CE&RedC=c.clarity.ms&MXFR=36475699F3B76C0E1D414507F7B7628A HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D9E37F4A936B456B86A3303CDED285CE&MUID=2257568D2D5C691D13A445132CF668F1

81 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request newpassword Show response
www.ofm.co.th/ 29 KB
9 KB 1909ms
774ms Document
text/html 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: 79ea02dbfb25a4da91d7f66b6db3fe4eec410b4874e9c8235f535775cfd0f0cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: none
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 02 Oct 2023 03:10:17 GMT
etag: "733f-SlXYGySum281+/khOMc4bfPm0Qo"
server: CloudWAF
x-via: 1.1 PSmgzjgORD1rk42:24 (Cdn Cache Server V2.0)
x-ws-request-id: 651a3498_PSmgzjgORD1dr60_1754-22057

GET
H2 200 024d5ad.js Show response
www.ofm.co.th/_nuxt/ 3 KB
2 KB 34ms
32ms Script
application/javascript 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ofm.co.th/_nuxt/024d5ad.js
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: 40174ee2fc06c8bf3d13f29420f4167b978394f79a815b32b35c9c4fba304698

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 10:44:40 GMT
server: CloudWAF
age: 1
etag: W/"dec-18aad0ac9c0"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22155
content-type: application/javascript; charset=UTF-8
x-via: 1.1 PSrbJP1de68:9 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1dr60:1 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 59bb335.js Show response
www.ofm.co.th/_nuxt/ 282 KB
97 KB 71ms
69ms Script
application/javascript 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ofm.co.th/_nuxt/59bb335.js
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: e4b481492c7e1f1e4b952309bc0801521f9b6ff83cbad217ec6ae678adc4d5f3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 10:44:40 GMT
server: CloudWAF
age: 1
etag: W/"4695a-18aad0ac9c0"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22157
content-type: application/javascript; charset=UTF-8
x-via: 1.1 PSrbJP1ww66:1 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1dr60:9 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 b431b51.css
www.ofm.co.th/_nuxt/css/ 478 KB
87 KB 41ms
39ms Stylesheet
text/css 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ofm.co.th/_nuxt/css/b431b51.css
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: e127859f9a55ea4c9c087582d5642431d070b279f80331e18ba4c659e091f8fb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 10:44:40 GMT
server: CloudWAF
age: 1
etag: W/"77879-18aad0ac9c0"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22156
content-type: text/css; charset=UTF-8
x-via: 1.1 PSrbJP1al65:9 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1rk42:20 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 b8eb4de.js Show response
www.ofm.co.th/_nuxt/ 2 MB
357 KB 90ms
89ms Script
application/javascript 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ofm.co.th/_nuxt/b8eb4de.js
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: d28f8833bd640757d6781d6bf0cd19fa5e0fac699347aa2ca114237a43f66232

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 10:44:40 GMT
server: CloudWAF
age: 1
etag: W/"20d927-18aad0ac9c0"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22158
content-type: application/javascript; charset=UTF-8
x-via: 1.1 PSrbJP1al65:0 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1rk42:13 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 366f438.js Show response
www.ofm.co.th/_nuxt/ 4 MB
1 MB 87ms
86ms Script
application/javascript 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ofm.co.th/_nuxt/366f438.js
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: 3d5b7e1092e9f2e8128d6bbce9eb959af629b71f1bea1fe192a91a761be6fd6a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 10:44:40 GMT
server: CloudWAF
age: 1
etag: W/"3ce540-18aad0ac9c0"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22159
content-type: application/javascript; charset=UTF-8
x-via: 1.1 PSrbJP1tu67:1 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1rk42:9 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ofm-logo.png
www.ofm.co.th/_ipx/f_webp,q_100,s_90x45/https://ofm-cdn0.ofm.co.th/images/logo/ 2 KB
2 KB 70ms
66ms Image
image/webp 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ofm.co.th/_ipx/f_webp,q_100,s_90x45/https://ofm-cdn0.ofm.co.th/images/logo/ofm-logo.png

Requested by

Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

CloudWAF /

Resource Hash

b2788f78503dbfbfaa6c78a36d1aeb287e6bf1542850afea927bb654797eccaf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
content-security-policy: default-src 'none'
last-modified: 1665125449000
server: CloudWAF
age: 1
etag: \"782-RM8h8ZbAVHi9BUNJyPt8ulQqpwc\"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22163
content-type: image/webp
x-via: 1.1 PSrbJP1de68:0 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1rk42:24 (Cdn Cache Server V2.0)
cache-control: max-age=300, public, s-maxage=300

GET
H2 200 footer-1.ca77867.png
www.ofm.co.th/_nuxt/img/ 3 KB
3 KB 70ms
66ms Image
image/png 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ofm.co.th/_nuxt/img/footer-1.ca77867.png
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: 5e30b57fe5fb95c9f1bd9da916fae3298be9f90ec058313a16abe4c3aa52673d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
last-modified: Tue, 15 Aug 2023 10:55:49 GMT
server: CloudWAF
age: 1
etag: W/"aa5-189f8d66b08"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22164
content-type: image/png
x-via: 1.1 PSrbJP1de68:5 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1dr60:19 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2725

GET
H2 200 footer-2.499d843.png
www.ofm.co.th/_nuxt/img/ 3 KB
3 KB 70ms
67ms Image
image/png 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ofm.co.th/_nuxt/img/footer-2.499d843.png
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: 44e0ce08349b784a4d685f99d17d60cee66723ecf33bdc054afa78a75b0a04bb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
last-modified: Thu, 13 Jul 2023 10:58:29 GMT
server: CloudWAF
age: 1
etag: W/"a6b-1894ee70008"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22165
content-type: image/png
x-via: 1.1 dj136:9 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1dr60:3 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2667

GET
H2 200 footer-3.0809e73.png
www.ofm.co.th/_nuxt/img/ 2 KB
3 KB 70ms
67ms Image
image/png 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ofm.co.th/_nuxt/img/footer-3.0809e73.png
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: 7e14f2caafd07d1c838040ca762a43515823855f68686875ba6da67a0fe4d789

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
last-modified: Thu, 13 Jul 2023 10:58:29 GMT
server: CloudWAF
age: 1
etag: W/"9ad-1894ee70008"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22166
content-type: image/png
x-via: 1.1 PSrbJP1ww66:5 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1rk42:23 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2477

GET
H2 200 footer-4.e04924c.png
www.ofm.co.th/_nuxt/img/ 3 KB
3 KB 71ms
68ms Image
image/png 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ofm.co.th/_nuxt/img/footer-4.e04924c.png
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: e2846026ebe599c8fb5b50143c706180dd7addf7ecf0dc8438828f4f9076756d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
last-modified: Thu, 13 Jul 2023 10:58:29 GMT
server: CloudWAF
age: 1
etag: W/"b1d-1894ee70008"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22167
content-type: image/png
x-via: 1.1 dj136:10 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1rk42:3 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2845

GET
H2 200 footer-5.0c649c6.png
www.ofm.co.th/_nuxt/img/ 2 KB
3 KB 71ms
68ms Image
image/png 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ofm.co.th/_nuxt/img/footer-5.0c649c6.png
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: adad878819ef5dc9c80dbd09904ed15010e86831e180a778375238c6fe66e509

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
last-modified: Thu, 15 Jun 2023 10:48:11 GMT
server: CloudWAF
age: 1
etag: W/"8ea-188beab81f8"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22168
content-type: image/png
x-via: 1.1 PSrbJP1de68:3 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1dr60:21 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2282

GET
H2 200 contact_center.a5d2eb3.png
www.ofm.co.th/_nuxt/img/ 7 KB
7 KB 71ms
69ms Image
image/png 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ofm.co.th/_nuxt/img/contact_center.a5d2eb3.png
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: 2c254471e5b86811af65785918d0edd65e2358d8d5c81fd6c0d26e409b922032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
last-modified: Tue, 01 Aug 2023 11:24:22 GMT
server: CloudWAF
age: 1
etag: W/"1b32-189b0d78670"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22169
content-type: image/png
x-via: 1.1 PSrbJP1al65:9 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1dr60:20 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6962

GET
H2 200 IG.66f6c85.png
www.ofm.co.th/_nuxt/img/ 1 KB
2 KB 72ms
70ms Image
image/png 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ofm.co.th/_nuxt/img/IG.66f6c85.png
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: ae88013fad7922ef9fa27a01f1f125d706f9717918e0ec328c24908e06757a7d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
last-modified: Thu, 13 Jul 2023 10:58:29 GMT
server: CloudWAF
age: 1
etag: W/"5e0-1894ee70008"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22170
content-type: image/png
x-via: 1.1 PSrbJP1ww66:2 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1dr60:3 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1504

GET
H2 200 line.e33d312.png
www.ofm.co.th/_nuxt/img/ 3 KB
3 KB 71ms
70ms Image
image/png 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ofm.co.th/_nuxt/img/line.e33d312.png
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: 6f9438ebd123db38089ed2c31b92d6b20c7294dbda81b1a8f8b3871509b48ccf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
last-modified: Thu, 13 Jul 2023 10:58:29 GMT
server: CloudWAF
age: 1
etag: W/"caf-1894ee70008"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22171
content-type: image/png
x-via: 1.1 dj136:7 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1rk42:22 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3247

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 458 KB
114 KB 164ms
77ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TVKQ5LW

Requested by

Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

03e0eb77373bf81bfda8200877b5aea4cc604d75fec6badee9505717778eb1d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 116788
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 02 Oct 2023 03:10:17 GMT

GET
DATA 200
OK truncated
/ 990 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81905ec7149c967db6f0acd77c340f50851042e015775c9e449cf08df4d06a03

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 epro.c4a6694.ttf
www.ofm.co.th/_nuxt/fonts/ 9 KB
6 KB 40ms
33ms Font
font/ttf 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ofm.co.th/_nuxt/fonts/epro.c4a6694.ttf
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/_nuxt/css/b431b51.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: ef9338cbfdaea49d5d10f91fa0a78bb8aefa906aa974e7574c4131f57085b126

Request headers

Referer: https://www.ofm.co.th/_nuxt/css/b431b51.css
Origin: https://www.ofm.co.th
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 10:44:40 GMT
server: CloudWAF
age: 1
etag: W/"2498-18aad0ac9c0"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22176
content-type: font/ttf
x-via: 1.1 PSrbJP1al65:0 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1rk42:3 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 Kanit-Regular.f3bae13.ttf
www.ofm.co.th/_nuxt/fonts/ 166 KB
66 KB 39ms
33ms Font
font/ttf 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ofm.co.th/_nuxt/fonts/Kanit-Regular.f3bae13.ttf
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/_nuxt/css/b431b51.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: 545410e2cc17b7485bff89b4368a900e14b0f1fcb2e39e5d1d52d42249d3e450

Request headers

Referer: https://www.ofm.co.th/_nuxt/css/b431b51.css
Origin: https://www.ofm.co.th
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 10:44:40 GMT
server: CloudWAF
age: 1
etag: W/"29710-18aad0ac9c0"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22177
content-type: font/ttf
x-via: 1.1 PSrbJP1tu67:3 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1rk42:22 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 Kanit-Medium.786fd6b.ttf
www.ofm.co.th/_nuxt/fonts/ 167 KB
67 KB 39ms
34ms Font
font/ttf 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ofm.co.th/_nuxt/fonts/Kanit-Medium.786fd6b.ttf
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/_nuxt/css/b431b51.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: 3854bf6e90e3cb3c8f8ce04bc86cf7ac58d83b3ffbc4b1345ea7d112095b79ff

Request headers

Referer: https://www.ofm.co.th/_nuxt/css/b431b51.css
Origin: https://www.ofm.co.th
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 10:44:40 GMT
server: CloudWAF
age: 1
etag: W/"29d48-18aad0ac9c0"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22178
content-type: font/ttf
x-via: 1.1 PSrbJP1al65:7 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1rk42:16 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 Kanit-Light.7b6b955.ttf
www.ofm.co.th/_nuxt/fonts/ 164 KB
65 KB 40ms
34ms Font
font/ttf 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ofm.co.th/_nuxt/fonts/Kanit-Light.7b6b955.ttf
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/_nuxt/css/b431b51.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: e8ce2c7816d5a0bb587ad0249f0aec0b6bd2c8947a109f291632619dbf32646c

Request headers

Referer: https://www.ofm.co.th/_nuxt/css/b431b51.css
Origin: https://www.ofm.co.th
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 10:44:40 GMT
server: CloudWAF
age: 1
etag: W/"29064-18aad0ac9c0"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22179
content-type: font/ttf
x-via: 1.1 PSrbJP1al65:6 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1rk42:14 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H/1.1 200
OK esw.min.js Show response
officemate--prepro.sandbox.my.salesforce.com/embeddedservice/5.0/ 30 KB
9 KB 1774ms
184ms Script
application/x-javascript 161.71.133.47
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://officemate--prepro.sandbox.my.salesforce.com/embeddedservice/5.0/esw.min.js

Requested by

Host: www.ofm.co.th
URL: https://www.ofm.co.th/_nuxt/b8eb4de.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.133.47 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl6-ncg1-c3-hnd3.cs290-hn3.salesforce.com

Software

Resource Hash

f59d61052c742fb252334d4b9c6e0e4d85ee2f6a2881ab86b22c98b6a6ec2c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 03:10:19 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 06 Oct 2022 23:37:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 03 Oct 2023 03:10:19 GMT

GET
H2 200 PreLoad_ofm.1a393ce.gif
www.ofm.co.th/_nuxt/img/ 35 KB
35 KB 32ms
32ms Image
image/gif 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ofm.co.th/_nuxt/img/PreLoad_ofm.1a393ce.gif
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: c50f43a9776a8fb9bc6b62de71ff2c4b1eede0893a14a563766139d1d9f81f42

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
last-modified: Thu, 10 Aug 2023 10:36:27 GMT
server: CloudWAF
age: 1
etag: W/"8b32-189df04e3f8"
x-ws-request-id: 651a3499_PSmgzjgORD1dr60_1754-22219
content-type: image/gif
x-via: 1.1 PSrbJP1tu67:9 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1dr60:10 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 35634

POST
H/1.1 201
Created verifyOTP Show response
apis.ofm.co.th/authentication/api/v1/Credentials/ 433 B
999 B 643ms
642ms XHR
application/json 110.238.127.46
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.ofm.co.th/authentication/api/v1/Credentials/verifyOTP?open_id=1843a97b6d1f&otp_code=943779
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/_nuxt/59bb335.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 110.238.127.46 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-110-238-127-46.compute.hwclouds-dns.com
Software: CloudWAF /
Resource Hash: 5d714e83972fb0aa696822a65f1a227fbe91beeb153e671de112ef8673236a36

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ofm.co.th/
user-locale: th
accept-language: en-CA,en;q=0.9
Authorization: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 02 Oct 2023 03:10:19 GMT
Via: kong/2.5.0
Server: CloudWAF
api-supported-versions: 1.0
X-Kong-Proxy-Latency: 0
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.ofm.co.th
Location: http://service-ofm-authentication-api.ofm.co.th/api/v1/Credentials/verifyOTP
X-Kong-Upstream-Latency: 195
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 433

OPTIONS
H/1.1 204
No Content verifyOTP
apis.ofm.co.th/authentication/api/v1/Credentials/ Frame 0
0 1529ms
291ms Preflight 110.238.127.46
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.ofm.co.th/authentication/api/v1/Credentials/verifyOTP?open_id=1843a97b6d1f&otp_code=943779
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 110.238.127.46 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-110-238-127-46.compute.hwclouds-dns.com
Software: CloudWAF /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,user-locale
Access-Control-Request-Method: POST
Origin: https://www.ofm.co.th
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,content-type,user-locale
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.ofm.co.th
Connection: keep-alive
Date: Mon, 02 Oct 2023 03:10:19 GMT
Server: CloudWAF
Vary: Origin
Via: kong/2.5.0
X-Kong-Proxy-Latency: 0
X-Kong-Upstream-Latency: 5

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 111ms
36ms Script
text/javascript 142.251.111.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVKQ5LW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 02 Oct 2023 01:32:04 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5894
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 02 Oct 2023 03:32:04 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 114ms
38ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

275a43b12f692b2930a431505a506f0ddff81d732b5cef0d30f4396abdb40637

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 02 Oct 2023 03:10:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53277
x-xss-protection: 0
pragma: public
x-fb-debug: G/cdYVSDmy9HDNi89TOavHmz6UpoZxt86DQ6rxogF8WxAs+WQ1CgwQ5tYZDvR9g69rrX2851JRWVhrQ36IR+Rg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tracking-3.0.js Show response
mstatic.priceza.com/js/ 7 KB
2 KB 780ms
258ms Script
application/javascript 18.136.3.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mstatic.priceza.com/js/tracking-3.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVKQ5LW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.136.3.203 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-3-203.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0c0c46fb6987f0a78f05724036d48029d4e42a00ab50bdaec452cded93c2497f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:18 GMT
content-encoding: gzip
last-modified: Wed, 27 Sep 2023 09:52:59 GMT
server: nginx
etag: "6513fb7b-77e"
content-type: application/javascript
cache-control: max-age=86400
content-length: 1918
expires: Tue, 03 Oct 2023 03:10:18 GMT

GET
H2 200 hotjar-3235515.js Show response
static.hotjar.com/c/ 15 KB
6 KB 147ms
42ms Script
application/javascript 18.160.41.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3235515.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVKQ5LW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.41.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-41-53.iad55.r.cloudfront.net

Software

Resource Hash

55fc8b4a0b66e2f9e18294e598856d77cb0879710dd71daa8a8cf31f3ec9486e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 02 Oct 2023 03:10:18 GMT
via: 1.1 f7c749b4d9ba39d7629c0f2f434dfc76.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
age: 7
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/43a5829f40b2a02bbef49d9f0a74a04d
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: s6TNe9Ac2Yy4kMT5ble90qjO1CJMokbC4sJal9cCFeBVsitFxVtFaw==

GET
H2 200 eYyrBlV2DqhIXttPPGKW.js Show response
tags.creativecdn.com/ 4 KB
2 KB 401ms
312ms Script
application/javascript 89.187.177.16
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.creativecdn.com/eYyrBlV2DqhIXttPPGKW.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVKQ5LW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.177.16 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 135577161.nyc.cdn77.com
Software: CDN77-Turbo /
Resource Hash: a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 02 Oct 2023 03:10:18 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdu5OeZNByNZO5PyqWz1h0w3i18FnnkjF2GcOD_6BpX5yfI60n-QEZ9Ov8Hbc0kzBNKmE8Sxgxhatyy7gBBBAEEUUQ
x-cache: EXPIRED
x-77-cache: MISS
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
x-age: 4987
x-accel-date: 1696211231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-77-nzt: AVm7sQ920d/bexMAAA
x-accel-expires: @1696219818
x-77-age: 4987
last-modified: Tue, 20 Sep 2022 08:38:13 GMT
server: CDN77-Turbo
etag: W/"7dd71e4b922b44d4a1b639cea2047fcd"
x-77-nzt-ray: 49be1408a837a4569a341a6571f2a506
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1663663093852794
content-type: application/javascript
x-goog-hash: crc32c=U/iOdA==, md5=fdceS5IrRNShtjnOogR/zQ==
cache-control: public, max-age=3600
warning: 214 UploadServer gunzipped
x-goog-stored-content-length: 1741
expires: Mon, 02 Oct 2023 04:10:18 GMT

GET
H2 200 lp.js Show response
script.accesstrade.in.th/ 5 KB
6 KB 110ms
35ms Script
text/javascript 108.138.106.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.accesstrade.in.th/lp.js?cb=1696216218011
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-33.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccc0d738401ecb0a97cf3c857f5e0dee85b6d3668711a30951b61663f0102b91

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 10:36:52 GMT
via: 1.1 e7e95bff6b1d430c678b4f86ab211a1a.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 04:56:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 59609
x-amz-server-side-encryption: AES256
etag: "b07267a9675aa89889de89cd78f1f63d"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 5324
x-amz-cf-id: nVy3exzc2qY-LshMQOI4aDQSZXOvPtWLmsSIYqtoD9pB726zT9k0wA==

GET
H2 200 / Show response
track.omguk.com/e/qs/ 0
556 B 129ms
49ms Script
text/javascript 52.70.180.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://track.omguk.com/e/qs/?action=Content&MID=2339060&PID=53903&ref=https%3A//www.ofm.co.th/newpassword%3Fcode%3D1843a97b6d1f_943779%26action%3Dinvite

Requested by

Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.70.180.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-180-234.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
content-type: text/javascript
access-control-allow-origin: *
p3p: CP="ALL CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 lt.js Show response
d.line-scdn.net/n/line_tag/public/release/v1/ 32 KB
10 KB 327ms
31ms Script
application/javascript 23.48.25.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://d.line-scdn.net/n/line_tag/public/release/v1/lt.js

Requested by

Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.25.101 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-48-25-101.deploy.static.akamaitechnologies.com

Software

VOS /

Resource Hash

3404c3685d4329cac25eef1f9f68368817b06504f395d6012fc5673437709758

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: 68YFKEu2jBpHRWv9ZpU280Pr1A-rpk0
strict-transport-security: max-age=15768000
content-encoding: gzip
date: Mon, 02 Oct 2023 03:10:18 GMT
x-amz-request-id: tx00000539874b7adccffe2-0065163df6-13de1fad-jp2
content-length: 9943
x-amz-expiration: expiry-date="Wed, 29 Nov 2023 00:00:00 GMT", rule-id="bucket_lifecycle"
last-modified: Fri, 29 Sep 2023 02:58:49 GMT
server: VOS
etag: "d3d2564cc3580b0de15d9c80b04c8c6a"
vary: Accept-Encoding
content-type: application/javascript
x-rgw-object-type: Normal
cache-control: max-age=2332195
accept-ranges: bytes
expires: Sun, 29 Oct 2023 03:00:13 GMT

GET
H2 200 fmbi42qifu Show response
www.clarity.ms/tag/ 1 KB
1 KB 164ms
81ms Script
application/x-javascript 13.107.253.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/fmbi42qifu?ref=gtm2
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.253.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8ad2745d655aa4a46805d466f271591638cc6760936fb1c18aa0ba0f8008d6c9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
date: Mon, 02 Oct 2023 03:10:17 GMT
x-azure-ref: 0mjQaZQAAAADPhlJREJ+xSJm7UT824kKVWVRPMjIxMDkwODE4MDIzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 1036
expires: -1

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 182ms
45ms Script
application/javascript 23.40.18.191
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CIHU9QJC77U9G5MV8IRG&lib=ttq
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.18.191 West Orange, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-18-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5922027ef56fc5c66a56e30f3b2939c66b798315b436eadd90ceb9f0c4be256f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-akamai-request-id: 2d74f1e
date: Mon, 02 Oct 2023 03:10:18 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-40-17-191.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=11
content-length: 1721
pragma: no-cache
server: nginx
x-tt-logid: 2023100203101871F6D5E434D25BED7246
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.40.17.191
x-tt-trace-host: 01e576ad24f7fabcd85dda250e5feba24aa66a970161a9614ce42c3040226fac74a46e2244b5ef627343c9b8d31dea4481d6679cc204a88a258f9cda154c9d5da54329c295bba90aff06254bae6e48082364daec9719a5a555bc87eb4be2f21d96
expires: Mon, 02 Oct 2023 03:10:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 58ms
57ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6D0LWJ3Z9P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVKQ5LW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

2c21a665ea3fe49083480033faf429232360cc175c8ecae1ae11442070c501d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92818
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 02 Oct 2023 03:10:18 GMT

GET
H2 200 513ecbf.js Show response
www.ofm.co.th/_nuxt/ 144 B
476 B 32ms
31ms Script
application/javascript 157.185.179.12
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ofm.co.th/_nuxt/513ecbf.js
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/_nuxt/024d5ad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.185.179.12 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: CloudWAF /
Resource Hash: a67640b4acf75b2bafbe7610bc53cee2b4cb28b300582df74fe90ff32f144130

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:18 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 10:44:40 GMT
server: CloudWAF
age: 1
etag: W/"90-18aad0ac9c0"
x-ws-request-id: 651a349a_PSmgzjgORD1dr60_1754-22233
content-type: application/javascript; charset=UTF-8
x-via: 1.1 PSrbJP1tu67:2 (Cdn Cache Server V2.0), 1.1 PSmgzjgORD1dr60:21 (Cdn Cache Server V2.0)
cache-control: public, max-age=31536000
accept-ranges: bytes

POST
H2 204 collect
analytics.google.com/g/ 0
253 B 122ms
45ms Ping
text/plain 172.253.63.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-6D0LWJ3Z9P&gtm=45je39r0&_p=366364172&_gaz=1&cid=1956985329.1696216218&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696216218&sct=1&seg=0&dl=https%3A%2F%2Fwww.ofm.co.th%2Fnewpassword%3Fcode%3D1843a97b6d1f_943779%26action%3Dinvite&dt=OFM%20Biz%20%E0%B8%A1%E0%B8%B5%E0%B8%84%E0%B8%A3%E0%B8%9A%20%E0%B8%88%E0%B8%9A%E0%B9%84%E0%B8%A7%20%E0%B8%AA%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B8%87%E0%B9%88%E0%B8%B2%E0%B8%A2%20%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%A3%E0%B9%87%E0%B8%A7&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6D0LWJ3Z9P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f102.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 03:10:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ofm.co.th
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 125ms
46ms Ping
text/plain 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6D0LWJ3Z9P&cid=1956985329.1696216218&gtm=45je39r0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6D0LWJ3Z9P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 03:10:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ofm.co.th
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 127ms
50ms Image
image/gif 142.250.31.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6D0LWJ3Z9P&cid=1956985329.1696216218&gtm=45je39r0&aip=1&z=1763150352

Requested by

Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 03:10:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 44ms
44ms XHR
text/plain 142.251.111.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=366364172&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ofm.co.th%2Fnewpassword%3Fcode%3D1843a97b6d1f_943779%26action%3Dinvite&ul=en-us&de=UTF-8&dt=OFM%20Biz%20%E0%B8%A1%E0%B8%B5%E0%B8%84%E0%B8%A3%E0%B8%9A%20%E0%B8%88%E0%B8%9A%E0%B9%84%E0%B8%A7%20%E0%B8%AA%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B8%87%E0%B9%88%E0%B8%B2%E0%B8%A2%20%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%A3%E0%B9%87%E0%B8%A7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=62229561&gjid=475726034&cid=1956985329.1696216218&tid=UA-11520015-31&_gid=2016628008.1696216218&_r=1&_slc=1&gtm=45He39r0n81TVKQ5LW&z=1044915609

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ofm.co.th/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 03:10:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ofm.co.th
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 701640077400556 Show response
connect.facebook.net/signals/config/ 138 KB
36 KB 37ms
36ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/701640077400556?v=2.9.131&r=stable&domain=www.ofm.co.th

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

668d96db81485cdc1744cee53b3052b65667aa8df0d267283556a8bc6d44fafb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 02 Oct 2023 03:10:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 36505
x-xss-protection: 0
pragma: public
x-fb-debug: EWuv7tudMWoVNid4GvtxRGCcUvVR3lXw68zTNYLkJ2wN0i/b95Kev2Dv2Q76S3G6yI2/5UzgsCb515tRr+93ww==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.d33654e579af3e83b3a7.js Show response
script.hotjar.com/ 227 KB
56 KB 129ms
54ms Script
application/javascript 99.84.191.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d33654e579af3e83b3a7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3235515.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-191-77.iad89.r.cloudfront.net

Software

Resource Hash

99c842591119199d0c4d0a9e364ce966250ac32af60715da81bb389a594f9701

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 13:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 e06a155936c216d176543a7a25710ed0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 223272
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56425
last-modified: Fri, 29 Sep 2023 13:08:24 GMT
etag: "a0be041c90e54972e882748c3b976cb7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: PfRCFeggs6R2MVwhrv1_u5OUkgyPFQkkafuvAzMrSNBOexEwfM5UIQ==

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.10/ 57 KB
20 KB 42ms
42ms Script
application/javascript 13.107.253.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fmbi42qifu?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.253.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 03:10:17 GMT
content-encoding: br
last-modified: Sat, 30 Sep 2023 04:52:57 GMT
x-azure-ref-originshield: 04TkZZQAAAAAFURLlKwcZQLGtPvDQ2dtsTU5aMjIxMDYwNjExMDIzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DBC1711DA019ED"
x-azure-ref: 0mjQaZQAAAABHZgGFFK8WTZDU4wnct//wWVRPMjIxMDkwODE4MDIzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 30f0d21a-a01e-0002-12f0-f39063000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 65ms
45ms XHR
text/plain 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-11520015-31&cid=1956985329.1696216218&jid=62229561&gjid=475726034&_gid=2016628008.1696216218&_u=YADAAEAAAAAAACAAI~&z=19675710

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ofm.co.th/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 02 Oct 2023 03:10:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ofm.co.th
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 60ms
19ms Image
text/plain 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=701640077400556&ev=PageView&dl=https%3A%2F%2Fwww.ofm.co.th%2Fnewpassword%3Fcode%3D1843a97b6d1f_943779%26action%3Dinvite&rl=&if=false&ts=1696216218231&sw=1600&sh=1200&v=2.9.131&r=stable&ec=0&o=30&fbp=fb.2.1696216218229.1534137186&ler=empty&it=1696216218175&coo=false&exp=a1&rqm=GET

Requested by

Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 02 Oct 2023 03:10:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 0AF6 0
202 B 58ms
19ms Document
text/plain 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.ofm.co.th
Referer: https://www.ofm.co.th/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.ofm.co.th
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 03:10:18 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
37ms Image
image/gif 142.251.111.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=366364172&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.ofm.co.th%2Fnewpassword%3Fcode%3D1843a97b6d1f_943779%26action%3Dinvite&ul=en-us&de=UTF-8&dt=OFM%20Biz%20%E0%B8%A1%E0%B8%B5%E0%B8%84%E0%B8%A3%E0%B8%9A%20%E0%B8%88%E0%B8%9A%E0%B9%84%E0%B8%A7%20%E0%B8%AA%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B8%87%E0%B9%88%E0%B8%B2%E0%B8%A2%20%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%A3%E0%B9%87%E0%B8%A7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=dvxhl8&_u=aDDAAEABAAAAACAAI~&jid=&gjid=&cid=1956985329.1696216218&tid=UA-11520015-31&_gid=2016628008.1696216218&gtm=45He39r0n81TVKQ5LW&cd5=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Ffmbi42qifu%2F14is9cb%2Fdvxhl8&z=1726151554

Requested by

Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Oct 2023 06:16:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75230
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 128ms
49ms Image
image/gif 142.251.111.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11520015-31&cid=1956985329.1696216218&jid=62229561&_u=YADAAEAAAAAAACAAI~&z=612324722

Requested by

Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 03:10:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 48ms
47ms Image
image/gif 142.250.31.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11520015-31&cid=1956985329.1696216218&jid=62229561&_u=YADAAEAAAAAAACAAI~&z=612324722

Requested by

Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 03:10:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWQ0NWRkZTlhMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 389 KB
101 KB 34ms
33ms Script
application/javascript 23.40.18.191
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CIHU9QJC77U9G5MV8IRG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.18.191 West Orange, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-18-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-akamai-request-id: 2d74f29
date: Mon, 02 Oct 2023 03:10:18 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230921130201F24FD9312EBDD9489B2B
vary: Accept-Encoding
x-cache: TCP_HIT from a23-40-17-191.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 011d96b0ed7fca85db6e50cb6e2efdc523990486b287d5173d519bde2065d8aa505697de28358edc0a5f0852562855992ce045c2198e17c260eaaf262ee37e979d76f17d4e649640622ea486391f52354a1a151f78391d615bdc969da789047372
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 102676

GET
H2 200 preact-incoming-feedback.d674a0d8c747cbf674df.js Show response
script.hotjar.com/ 200 KB
43 KB 38ms
37ms Script
application/javascript 99.84.191.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/preact-incoming-feedback.d674a0d8c747cbf674df.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d33654e579af3e83b3a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-191-77.iad89.r.cloudfront.net

Software

Resource Hash

d62aca124d201942113cbff0de654f75161b3c6428569caee8cb848863acccbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 13:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 e06a155936c216d176543a7a25710ed0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 223271
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43909
last-modified: Fri, 29 Sep 2023 13:08:24 GMT
etag: "5a1abcf796183c00f3998dfafbbb0e78"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: c34FRs4rERi25YUp2atpxoG89ruN8ksYHba2PYCfK4xdsTrycMesxQ==

GET
H2 200 browser-perf.7cf360d2474f1e9d9cf2.js Show response
script.hotjar.com/ 6 KB
2 KB 42ms
42ms Script
application/javascript 99.84.191.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.7cf360d2474f1e9d9cf2.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d33654e579af3e83b3a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-191-77.iad89.r.cloudfront.net

Software

Resource Hash

6228262dcda80673000e6e5302c626d08da6ebb34a247be1c561ffb50b088497

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 16:24:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 e06a155936c216d176543a7a25710ed0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 384371
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1959
last-modified: Wed, 27 Sep 2023 16:23:41 GMT
etag: "df27b098cc8496cb600886982344760d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: XxN1EPTwsHv6ow6lNi3THsfED6K20oBji8kBLDqVx8ObBDveMhuXqg==

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
293 B 125ms
54ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.ofm.co.th/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.ofm.co.th
Date: Mon, 02 Oct 2023 03:10:18 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 550ms
183ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=d1241f3e-4e06-455d-953e-80bf4dc691d1&b_u=https%3A%2F%2Fwww.ofm.co.th%2Fnewpassword%3Fcode%3D1843a97b6d1f_943779%26action%3Dinvite&b_d=www.ofm.co.th&b_p=%2Fnewpassword&b_q=%3Fcode%3D1843a97b6d1f_943779%26action%3Dinvite&b_t=OFM%20Biz%20%E0%B8%A1%E0%B8%B5%E0%B8%84%E0%B8%A3%E0%B8%9A%20%E0%B8%88%E0%B8%9A%E0%B9%84%E0%B8%A7%20%E0%B8%AA%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B8%87%E0%B9%88%E0%B8%B2%E0%B8%A2%20%E0%B9%84%E0%B8%94%E0%B9%89%E0%B9%80%E0%B8%A3%E0%B9%87%E0%B8%A7&c_t=lap&t_id=f051a508-a66a-4a8f-a62f-8dd78bf735e9&s_id=4e14df5c-369a0285&x4=1&e=pv&v=3.3.0&_t=1696216218375
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 03:10:18 GMT
Cache-Control: private, no-store, no-cache, must-revalidate
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 identify_7dd78.js Show response
analytics.tiktok.com/i18n/pixel/static/ 134 KB
35 KB 33ms
33ms Script
application/javascript 23.40.18.191
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.18.191 West Orange, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-18-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-akamai-request-id: 2d74f3d
date: Mon, 02 Oct 2023 03:10:18 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230907121239506CD295343C6982C825
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-40-17-191.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 019e98dc058bd34cdbb2147282171138c0e2853d4e532688aa8ac99073bc122356f10b80b755a771998e12b6ebfa1ec04b9cb187ab757b9d4db9c159a1adb905586fe52f7bdbe6f619d7e454b59042320912f5a4b34b6b8cc5c4ad854017a45402
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 35695

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
646 B 87ms
87ms Ping
text/plain 23.40.18.191
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.18.191 West Orange, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-18-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ofm.co.th/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2d74f44
date: Mon, 02 Oct 2023 03:10:18 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-40-17-191.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
server-timing: inner; dur=40, cdn-cache; desc=MISS, edge; dur=6, origin; dur=49
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023100203101871F6D5E434D25BED7254
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 49,23.40.17.191
x-tt-trace-host: 01e576ad24f7fabcd85dda250e5feba24aa66a970161a9614ce42c3040226fac74a46e2244b5ef627343c9b8d31dea44811e3804ed24cf3def246cd53f89809d553e700abe885449c2460da1cf519e5cbed56ed8ca298f733048ff53596a02b588
access-control-allow-headers: Authorization,*
expires: Mon, 02 Oct 2023 03:10:18 GMT

OPTIONS
H2 200 v2
asia.creativecdn.com/tags/ Frame 0
0 762ms
249ms Preflight 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ofm.co.th
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.ofm.co.th
access-control-max-age: 3600
content-length: 0
date: Mon, 02 Oct 2023 03:10:19 GMT
vary: Origin

POST
H2

200

v2 Show response
asia.creativecdn.com/tags/
Redirect Chain

https://asia.creativecdn.com/tags/v2?type=json
https://asia.creativecdn.com/tags/v2?type=json&tc=1

419 B
809 B

251ms
250ms

Fetch
application/json

103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json&tc=1
Requested by: Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
Protocol: H2
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: 2fcc99b481b8b44c1fdd545cffbd0cd096349c395305324646e723fb2e49284c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 03:10:20 GMT, Mon, 02 Oct 2023 03:10:20 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
access-control-max-age: 3600
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.ofm.co.th
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 313
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 02 Oct 2023 03:10:19 GMT
vary: Origin
access-control-max-age: 3600
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin: https://www.ofm.co.th
access-control-allow-methods: GET, POST
location: https://asia.creativecdn.com/tags/v2?type=json&tc=1
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 font-hotjar_5.65042d.woff2
script.hotjar.com/ 2 KB
3 KB 106ms
35ms Font
font/woff2 99.84.191.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/font-hotjar_5.65042d.woff2

Requested by

Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-191-77.iad89.r.cloudfront.net

Software

Resource Hash

fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ofm.co.th/
Origin: https://www.ofm.co.th
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 966d01179c7098b0cf2a20ba8c352dee.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 3866381
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 18 Aug 2023 09:05:29 GMT
etag: "c9fb9163f8b7be37023ebe649688bebf"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-robots-tag: none
x-amz-cf-id: xv81tMKcPDb0rMOIOYyKWEu2p5_0LUR66h_KM2q374yBxMMRnJTcBA==

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
648 B 97ms
97ms Ping
text/plain 23.40.18.191
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.18.191 West Orange, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-18-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ofm.co.th/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2d74f57
date: Mon, 02 Oct 2023 03:10:18 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-40-17-191.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
server-timing: inner; dur=41, cdn-cache; desc=MISS, edge; dur=14, origin; dur=51
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023100203101871F6D5E434D25BED7263
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 51,23.40.17.191
x-tt-trace-host: 01e576ad24f7fabcd85dda250e5feba24aa66a970161a9614ce42c3040226fac74a46e2244b5ef627343c9b8d31dea44818faff8a7d6e55d05a667fb5b0b0aee0f536dbb7916948eec7938f7339599d97fa05b2bc7c535016d01cb6785bc4ff82f
access-control-allow-headers: Authorization,*
expires: Mon, 02 Oct 2023 03:10:18 GMT

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
293 B 38ms
38ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.ofm.co.th/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.ofm.co.th
Date: Mon, 02 Oct 2023 03:10:19 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H/1.1 200
OK common.min.js Show response
officemate.my.salesforce.com/embeddedservice/5.0/utils/ 5 KB
3 KB 1155ms
191ms Script
application/x-javascript 101.53.160.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://officemate.my.salesforce.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: officemate--prepro.sandbox.my.salesforce.com
URL: https://officemate--prepro.sandbox.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

101.53.160.166 , Japan, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ukb.ap6-ukb.my.salesforce.com

Software

Resource Hash

7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 03:10:20 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Feb 2022 23:57:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 03 Oct 2023 03:10:20 GMT

OPTIONS
H2 200 v2
asia.creativecdn.com/tags/ Frame 0
0 249ms
249ms Preflight 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ofm.co.th
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.ofm.co.th
access-control-max-age: 3600
content-length: 0
date: Mon, 02 Oct 2023 03:10:20 GMT
vary: Origin

GET
H2 200 fledge-igmembership Show response
asia.creativecdn.com/ Frame 92F6 1 KB
652 B 248ms
247ms Document
text/html 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/fledge-igmembership?ntk=TigdMrm1et1lbjwoDFefxCGEAzKbLon_YQS5nb49ul83nQgdnSdMX_su8OGBeCYGKuVJaEFl4yWRZ8sNMIRPHg
Requested by: Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/eYyrBlV2DqhIXttPPGKW.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: a4a8fb53799eadecef45d94292858a61c1ad0e85639153d12a6501b06d61a544

Request headers

Referer: https://www.ofm.co.th/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
content-length: 464
content-type: text/html;charset=utf-8
date: Mon, 02 Oct 2023 03:10:20 GMT Mon, 02 Oct 2023 03:10:20 GMT
expires: Tue, 03 Oct 2023 03:10:20 GMT
vary: Accept-Encoding

GET
H2 200 topics-membership Show response
asia.creativecdn.com/ Frame C320 945 B
658 B 248ms
248ms Document
text/html 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/topics-membership?ntk=Jse5DSpmd7MuIvMSsxWVZWu44W911OUTjPNR-KyeoLuykXdJHGrEnnVu1NsLFHR67FovUOoewGC5VXix_qXsmw
Requested by: Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/eYyrBlV2DqhIXttPPGKW.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: 133f76a2d686b51a7ca821e5c1609aa15b4cbba779dda5be449945059fb26432

Request headers

Referer: https://www.ofm.co.th/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
content-length: 470
content-type: text/html;charset=utf-8
date: Mon, 02 Oct 2023 03:10:20 GMT Mon, 02 Oct 2023 03:10:20 GMT
expires: Tue, 03 Oct 2023 03:10:20 GMT
vary: Accept-Encoding

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/setuid?entity=315&code=22xH9eImGL82VAOwaBys
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3D22xH9eImGL82VAOwaBys

43 B
879 B

39ms
39ms

Image
image/gif

68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3D22xH9eImGL82VAOwaBys

Requested by

Host: www.ofm.co.th
URL: https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite

Protocol

Server

68.67.160.184 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 03:10:20 GMT
an-x-request-uuid: 548c9a6d-92fb-4a60-8c1f-f1279dda1014
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.19.213.88; 37.19.213.88; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 03:10:20 GMT
an-x-request-uuid: b4092509-0eca-4ad9-b1d9-a3f65492334d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3D22xH9eImGL82VAOwaBys
cache-control: no-store, no-cache, private
x-proxy-origin: 37.19.213.88; 37.19.213.88; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK esw.min.css
officemate.my.salesforce.com/embeddedservice/5.0/ 9 KB
5 KB 191ms
191ms Stylesheet
text/css 101.53.160.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://officemate.my.salesforce.com/embeddedservice/5.0/esw.min.css

Requested by

Host: officemate--prepro.sandbox.my.salesforce.com
URL: https://officemate--prepro.sandbox.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

101.53.160.166 , Japan, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ukb.ap6-ukb.my.salesforce.com

Software

Resource Hash

721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 03:10:20 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 27 Aug 2021 14:11:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 03 Oct 2023 03:10:20 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
officemate.my.salesforce.com/embeddedservice/5.0/client/ 20 KB
6 KB 384ms
191ms Script
application/x-javascript 101.53.160.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://officemate.my.salesforce.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: officemate--prepro.sandbox.my.salesforce.com
URL: https://officemate--prepro.sandbox.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

101.53.160.166 , Japan, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ukb.ap6-ukb.my.salesforce.com

Software

Resource Hash

1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 03:10:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 17 Aug 2022 20:11:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 03 Oct 2023 03:10:21 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D9E37F4A936B456B86A3303CDED285CE&RedC=c.clarity.ms&MXFR=36475699F3B76C0E1D414507F7B7628A
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D9E37F4A936B456B86A3303CDED285CE&MUID=2257568D2D5C691D13A445132CF668F1

42 B
440 B

33ms
32ms

Image
image/gif

20.125.209.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D9E37F4A936B456B86A3303CDED285CE&MUID=2257568D2D5C691D13A445132CF668F1
Protocol: H2
Server: 20.125.209.212 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 03:10:20 GMT
last-modified: Wed, 30 Aug 2023 19:01:59 GMT
server: Microsoft-IIS/10.0
etag: "3f4a4a7474dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 03:10:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8D9FBE52F1E847BB8799CF94EDB7017E Ref B: YTO01EDGE0506 Ref C: 2023-10-02T03:10:21Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D9E37F4A936B456B86A3303CDED285CE&MUID=2257568D2D5C691D13A445132CF668F1
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK esw.html Show response
officemate.my.salesforce.com/embeddedservice/5.0/ Frame AD34 194 B
916 B 191ms
191ms Document
text/html 101.53.160.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://officemate.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite

Requested by

Host: officemate--prepro.sandbox.my.salesforce.com
URL: https://officemate--prepro.sandbox.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

101.53.160.166 , Japan, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ukb.ap6-ukb.my.salesforce.com

Software

Resource Hash

01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ofm.co.th/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: public,max-age=86400
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html;charset=UTF-8
Date: Mon, 02 Oct 2023 03:10:21 GMT
Expires: Tue, 03 Oct 2023 03:10:21 GMT
Last-Modified: Fri, 02 Aug 2019 08:43:42 GMT
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: none

GET
H/1.1 200
OK eswFrame.min.js Show response
officemate.my.salesforce.com/embeddedservice/5.0/ Frame AD34 5 KB
3 KB 191ms
191ms Script
application/x-javascript 101.53.160.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://officemate.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Requested by

Host: officemate.my.salesforce.com
URL: https://officemate.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

101.53.160.166 , Japan, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ukb.ap6-ukb.my.salesforce.com

Software

Resource Hash

0284b82fc74f4fd666a234fc2df3c7be10d49e40d9f5d238594f69b63c5d794d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://officemate.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 03:10:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 06 Oct 2022 23:37:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 03 Oct 2023 03:10:21 GMT

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
293 B 35ms
35ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.ofm.co.th/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.ofm.co.th
Date: Mon, 02 Oct 2023 03:10:21 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H/1.1 200
OK session.esw.min.js Show response
officemate.my.salesforce.com/embeddedservice/5.0/frame/ Frame AD34 2 KB
2 KB 191ms
191ms Script
application/x-javascript 101.53.160.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://officemate.my.salesforce.com/embeddedservice/5.0/frame/session.esw.min.js

Requested by

Host: officemate.my.salesforce.com
URL: https://officemate.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

101.53.160.166 , Japan, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ukb.ap6-ukb.my.salesforce.com

Software

Resource Hash

f2863821119660d61dea8c3d9024b49b3cf368a87f54fada27a95379f20ce92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://officemate.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 03:10:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 17 Aug 2022 20:10:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 03 Oct 2023 03:10:21 GMT

GET
H/1.1 200
OK broadcast.esw.min.js Show response
officemate.my.salesforce.com/embeddedservice/5.0/frame/ Frame AD34 2 KB
1 KB 195ms
194ms Script
application/x-javascript 101.53.160.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://officemate.my.salesforce.com/embeddedservice/5.0/frame/broadcast.esw.min.js

Requested by

Host: officemate.my.salesforce.com
URL: https://officemate.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

101.53.160.166 , Japan, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ukb.ap6-ukb.my.salesforce.com

Software

Resource Hash

ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://officemate.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 03:10:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 00:07:24 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 03 Oct 2023 03:10:21 GMT

GET
H/1.1 200
OK chasitor.esw.min.js Show response
officemate.my.salesforce.com/embeddedservice/5.0/frame/ Frame AD34 23 KB
6 KB 196ms
196ms Script
application/x-javascript 101.53.160.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://officemate.my.salesforce.com/embeddedservice/5.0/frame/chasitor.esw.min.js

Requested by

Host: officemate.my.salesforce.com
URL: https://officemate.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

101.53.160.166 , Japan, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ukb.ap6-ukb.my.salesforce.com

Software

Resource Hash

2b18192a287debcac96ef5cf0ffc45f720594a3c52a9c06a4478117871b21208

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://officemate.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 03:10:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 01 Feb 2023 22:50:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 03 Oct 2023 03:10:21 GMT

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la1-c1-ukb.salesforceliveagent.com/chat/rest/EmbeddedService/ 20 KB
4 KB 1676ms
198ms Script
text/javascript 101.53.161.5
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-c1-ukb.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D28000001uuUn&EmbeddedServiceConfig.configName=OFM_Live_Chat&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48&EmbeddedServiceConfig.language=th

Requested by

Host: officemate.my.salesforce.com
URL: https://officemate.my.salesforce.com/embeddedservice/5.0/utils/common.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

101.53.161.5 , Japan, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl3-ukb.la1-c1-ukb.salesforceliveagent.com

Software

Resource Hash

2ba5dc43967ef443876c785cd1db7f049455c457b333d5f0b6fa19f3c3d9ff7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK invite.esw.min.js Show response
officemate.my.salesforce.com/embeddedservice/5.0/client/ 19 KB
5 KB 191ms
191ms Script
application/x-javascript 101.53.160.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://officemate.my.salesforce.com/embeddedservice/5.0/client/invite.esw.min.js

Requested by

Host: officemate--prepro.sandbox.my.salesforce.com
URL: https://officemate--prepro.sandbox.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

101.53.160.166 , Japan, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ukb.ap6-ukb.my.salesforce.com

Software

Resource Hash

11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 03:10:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 24 Sep 2021 16:25:36 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 03 Oct 2023 03:10:21 GMT

GET
H/1.1 200
OK Settings.jsonp Show response
d.la1-c1-ukb.salesforceliveagent.com/chat/rest/Visitor/ 342 B
673 B 1481ms
193ms Script
text/javascript 101.53.161.5
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-c1-ukb.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[57328000000L5zn]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5720K000000GwRJ&org_id=00D28000001uuUn&version=48

Requested by

Host: officemate.my.salesforce.com
URL: https://officemate.my.salesforce.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

101.53.161.5 , Japan, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl3-ukb.la1-c1-ukb.salesforceliveagent.com

Software

Resource Hash

f4daf6aa64891b25d24fb46c56a4b0ca5b03ad107dd9cdd78d10c5a3ba235756

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK inert.min.js Show response
officemate.my.salesforce.com/embeddedservice/5.0/utils/ 8 KB
3 KB 198ms
197ms Script
application/x-javascript 101.53.160.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://officemate.my.salesforce.com/embeddedservice/5.0/utils/inert.min.js

Requested by

Host: officemate--prepro.sandbox.my.salesforce.com
URL: https://officemate--prepro.sandbox.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

101.53.160.166 , Japan, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ukb.ap6-ukb.my.salesforce.com

Software

Resource Hash

12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.ofm.co.th/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 03:10:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 03 Oct 2023 03:10:22 GMT

GET
H/1.1 200
OK filetransfer.esw.min.js Show response
officemate.my.salesforce.com/embeddedservice/5.0/frame/ Frame AD34 473 B
935 B 192ms
191ms Script
application/x-javascript 101.53.160.166
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://officemate.my.salesforce.com/embeddedservice/5.0/frame/filetransfer.esw.min.js

Requested by

Host: officemate.my.salesforce.com
URL: https://officemate.my.salesforce.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

101.53.160.166 , Japan, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ukb.ap6-ukb.my.salesforce.com

Software

Resource Hash

34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://officemate.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.ofm.co.th/newpassword?code=1843a97b6d1f_943779&action=invite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 03:10:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Tue, 03 Oct 2023 03:10:22 GMT

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

Referer: https://officemate.my.salesforce.com/
Origin: https://www.ofm.co.th
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: application/octet-stream

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
293 B 34ms
34ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.ofm.co.th/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.ofm.co.th
Date: Mon, 02 Oct 2023 03:10:24 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ofm.co.th/	1969-12-31 23:59:59	Name: HWWAFSESID Value: 973047f8da950957a4
www.ofm.co.th/	1969-12-31 23:59:59	Name: HWWAFSESTIME Value: 1696216214265
.ofm.co.th/	1970-01-20 17:19:52	Name: _gcl_au Value: 1.1.640374052.1696216218
track.omguk.com/	1970-01-20 16:36:43	Name: OMG-Channel-2339060 Value: Channel%3D
track.omguk.com/	1970-01-20 16:36:43	Name: OMGID Value: UUserID%3D%7B1a611329-4677-454f-a83b-f4088dfb94f5%7D
track.omguk.com/	1970-01-20 15:10:18	Name: OMGSession Value: SessionID%3D67443fe22d71477ba3ac83098c0301f3%26SessionCount%3D0
.ofm.co.th/	1970-01-21 00:46:16	Name: _ga_6D0LWJ3Z9P Value: GS1.1.1696216218.1.0.1696216218.60.0.0
.ofm.co.th/	1970-01-21 00:46:16	Name: _ga Value: GA1.3.1956985329.1696216218
.ofm.co.th/	1970-01-20 15:11:42	Name: _gid Value: GA1.3.2016628008.1696216218
.ofm.co.th/	1970-01-20 15:10:16	Name: _gat_UA-11520015-31 Value: 1
www.clarity.ms/	1970-01-20 23:55:52	Name: CLID Value: 6952d4cfbc444172bfb06387daa95e25.20231002.20241001
.ofm.co.th/	1970-01-20 17:19:52	Name: _fbp Value: fb.2.1696216218229.1534137186
.ofm.co.th/	1970-01-20 23:55:52	Name: _clck Value: 14is9cb\|2\|ffi\|0\|1370
.tiktok.com/	1970-01-21 00:31:52	Name: _ttp Value: 2WBqFjR4hb3R7ZFJ34xv20vMEsz
.ofm.co.th/	1970-01-20 23:55:52	Name: _hjSessionUser_3235515 Value: eyJpZCI6ImE1M2ZjYWU0LTg4MGUtNWNkMC1hZmQ0LTU4MmIyZGU2MTY3OSIsImNyZWF0ZWQiOjE2OTYyMTYyMTgzNTQsImV4aXN0aW5nIjpmYWxzZX0=
.ofm.co.th/	1970-01-20 15:10:18	Name: _hjFirstSeen Value: 1
.ofm.co.th/	1970-01-20 15:10:16	Name: _hjIncludedInSessionSample_3235515 Value: 0
.ofm.co.th/	1970-01-20 15:10:18	Name: _hjSession_3235515 Value: eyJpZCI6Ijc4YmI5ZGZjLTE5ZjUtNGRkNy04NDE4LTU3Yzc2YWIyMGEzMyIsImNyZWF0ZWQiOjE2OTYyMTYyMTgzNTYsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.ofm.co.th/	1970-01-20 15:10:18	Name: _hjAbsoluteSessionInProgress Value: 0
.www.ofm.co.th/	1970-01-21 00:46:16	Name: __lt__cid Value: d1241f3e-4e06-455d-953e-80bf4dc691d1
.www.ofm.co.th/	1970-01-20 15:10:18	Name: __lt__sid Value: 4e14df5c-369a0285
.ofm.co.th/	1970-01-21 00:31:52	Name: _tt_enable_cookie Value: 1
.ofm.co.th/	1970-01-21 00:31:52	Name: _ttp Value: uKTzqNf_8kHMqNmsXheGeAeVBZv
www.ofm.co.th/	1970-01-20 23:55:27	Name: __rtbh.lid Value: %7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%22bZHgN1qPIE1QjmDjvHxC%22%7D
.ofm.co.th/	1970-01-20 15:11:42	Name: _clsk Value: dvxhl8\|1696216218520\|1\|1\|y.clarity.ms/collect
.line.me/	1970-01-21 00:46:16	Name: _ldbrbid Value: tr__k1y/XGUaNJo6PqzPzpH+Ag==
.salesforce.com/	1970-01-20 23:55:52	Name: BrowserId_sec Value: N8rolmDREe6co1fKj-0ijQ
.creativecdn.com/	1970-01-20 23:55:52	Name: u Value: 22xH9eImGL82VAOwaBys
.creativecdn.com/	1970-01-20 23:55:52	Name: ts Value: 1696216219
.creativecdn.com/	1970-01-20 23:55:52	Name: ar_debug Value: 1
.adnxs.com/	1970-01-20 17:19:52	Name: uuid2 Value: 2260991504869778111
.adnxs.com/	1970-01-20 17:19:52	Name: anj Value: dTM7k!M4/YEVNsVF']wIg2GVJie'//!]tbPl1Mis+nOv$Uach%Oso9BF@Np0On.87MxMgjE`3'DUW5GH<QG=%9sk@3@'s>TcdMUX
.bing.com/	1970-01-21 00:31:52	Name: MUID Value: 2257568D2D5C691D13A445132CF668F1
.c.bing.com/	1970-01-20 15:20:21	Name: MR Value: 0
.c.bing.com/	1970-01-21 00:31:52	Name: SRM_B Value: 2257568D2D5C691D13A445132CF668F1
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 00:31:52	Name: MUID Value: 2257568D2D5C691D13A445132CF668F1
.c.clarity.ms/	1970-01-20 15:20:21	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 15:10:16	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
analytics.tiktok.com
apis.ofm.co.th
asia.creativecdn.com
c.bing.com
c.clarity.ms
connect.facebook.net
d.la1-c1-ukb.salesforceliveagent.com
d.line-scdn.net
ib.adnxs.com
mstatic.priceza.com
officemate--prepro.sandbox.my.salesforce.com
officemate.my.salesforce.com
script.accesstrade.in.th
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
tags.creativecdn.com
tr.line.me
track.omguk.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.ofm.co.th
y.clarity.ms
101.53.160.166
101.53.161.5
103.132.192.30
104.211.35.148
108.138.106.33
110.238.127.46
13.107.21.200
13.107.253.38
142.250.31.94
142.251.111.113
142.251.111.99
147.92.191.92
157.185.179.12
157.240.229.1
161.71.133.47
172.253.63.102
172.253.63.154
172.253.63.97
18.136.3.203
18.160.41.53
20.125.209.212
23.40.18.191
23.48.25.101
31.13.80.36
52.70.180.234
68.67.160.184
89.187.177.16
99.84.191.77
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
0284b82fc74f4fd666a234fc2df3c7be10d49e40d9f5d238594f69b63c5d794d
03e0eb77373bf81bfda8200877b5aea4cc604d75fec6badee9505717778eb1d8
0c0c46fb6987f0a78f05724036d48029d4e42a00ab50bdaec452cded93c2497f
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
133f76a2d686b51a7ca821e5c1609aa15b4cbba779dda5be449945059fb26432
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
275a43b12f692b2930a431505a506f0ddff81d732b5cef0d30f4396abdb40637
2b18192a287debcac96ef5cf0ffc45f720594a3c52a9c06a4478117871b21208
2ba5dc43967ef443876c785cd1db7f049455c457b333d5f0b6fa19f3c3d9ff7c
2c21a665ea3fe49083480033faf429232360cc175c8ecae1ae11442070c501d8
2c254471e5b86811af65785918d0edd65e2358d8d5c81fd6c0d26e409b922032
2fcc99b481b8b44c1fdd545cffbd0cd096349c395305324646e723fb2e49284c
3404c3685d4329cac25eef1f9f68368817b06504f395d6012fc5673437709758
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
3854bf6e90e3cb3c8f8ce04bc86cf7ac58d83b3ffbc4b1345ea7d112095b79ff
3d5b7e1092e9f2e8128d6bbce9eb959af629b71f1bea1fe192a91a761be6fd6a
40174ee2fc06c8bf3d13f29420f4167b978394f79a815b32b35c9c4fba304698
44e0ce08349b784a4d685f99d17d60cee66723ecf33bdc054afa78a75b0a04bb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
545410e2cc17b7485bff89b4368a900e14b0f1fcb2e39e5d1d52d42249d3e450
55fc8b4a0b66e2f9e18294e598856d77cb0879710dd71daa8a8cf31f3ec9486e
5922027ef56fc5c66a56e30f3b2939c66b798315b436eadd90ceb9f0c4be256f
5d714e83972fb0aa696822a65f1a227fbe91beeb153e671de112ef8673236a36
5e30b57fe5fb95c9f1bd9da916fae3298be9f90ec058313a16abe4c3aa52673d
6228262dcda80673000e6e5302c626d08da6ebb34a247be1c561ffb50b088497
668d96db81485cdc1744cee53b3052b65667aa8df0d267283556a8bc6d44fafb
6f9438ebd123db38089ed2c31b92d6b20c7294dbda81b1a8f8b3871509b48ccf
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
79ea02dbfb25a4da91d7f66b6db3fe4eec410b4874e9c8235f535775cfd0f0cf
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
7e14f2caafd07d1c838040ca762a43515823855f68686875ba6da67a0fe4d789
81905ec7149c967db6f0acd77c340f50851042e015775c9e449cf08df4d06a03
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8ad2745d655aa4a46805d466f271591638cc6760936fb1c18aa0ba0f8008d6c9
986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c842591119199d0c4d0a9e364ce966250ac32af60715da81bb389a594f9701
a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d
a4a8fb53799eadecef45d94292858a61c1ad0e85639153d12a6501b06d61a544
a67640b4acf75b2bafbe7610bc53cee2b4cb28b300582df74fe90ff32f144130
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
adad878819ef5dc9c80dbd09904ed15010e86831e180a778375238c6fe66e509
ae88013fad7922ef9fa27a01f1f125d706f9717918e0ec328c24908e06757a7d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2788f78503dbfbfaa6c78a36d1aeb287e6bf1542850afea927bb654797eccaf
c50f43a9776a8fb9bc6b62de71ff2c4b1eede0893a14a563766139d1d9f81f42
ccc0d738401ecb0a97cf3c857f5e0dee85b6d3668711a30951b61663f0102b91
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d28f8833bd640757d6781d6bf0cd19fa5e0fac699347aa2ca114237a43f66232
d62aca124d201942113cbff0de654f75161b3c6428569caee8cb848863acccbe
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e127859f9a55ea4c9c087582d5642431d070b279f80331e18ba4c659e091f8fb
e2846026ebe599c8fb5b50143c706180dd7addf7ecf0dc8438828f4f9076756d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b481492c7e1f1e4b952309bc0801521f9b6ff83cbad217ec6ae678adc4d5f3
e8ce2c7816d5a0bb587ad0249f0aec0b6bd2c8947a109f291632619dbf32646c
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9338cbfdaea49d5d10f91fa0a78bb8aefa906aa974e7574c4131f57085b126
f2863821119660d61dea8c3d9024b49b3cf368a87f54fada27a95379f20ce92b
f4daf6aa64891b25d24fb46c56a4b0ca5b03ad107dd9cdd78d10c5a3ba235756
f59d61052c742fb252334d4b9c6e0e4d85ee2f6a2881ab86b22c98b6a6ec2c30
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da

www.ofm.co.th Open in urlscan Pro 157.185.179.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

96 %HTTPS

0 %IPv6

21 Domains

28 Subdomains

28 IPs

5 Countries

2606 kBTransfer

9713 kBSize

39 Cookies

20 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ofm.co.th Open in urlscan Pro
157.185.179.12 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

96 %
HTTPS

0 %
IPv6

21
Domains

28
Subdomains

28
IPs

5
Countries

2606 kB
Transfer

9713 kB
Size

39
Cookies

81 HTTP transactions
2 data transactions