urlscan.io logo urlscan.io
SecurityTrails logo

oas.kotchasan.com Open in urlscan Pro
52.74.219.205  Public Scan

Go To Rescan Add Verdict Report
URL: http://oas.kotchasan.com/
Submission: On October 28 via api from BY — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 15 HTTP transactions. The main IP is 52.74.219.205, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is oas.kotchasan.com.
This is the only time oas.kotchasan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 52.74.219.205 16509 (AMAZON-02)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 2a03:2880:f10... 32934 (FACEBOOK)
15 3
Apex Domain
Subdomains		 Transfer
12 kotchasan.com
oas.kotchasan.com
350 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
89 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
15 3
Domain Requested by
12 oas.kotchasan.com oas.kotchasan.com
2 connect.facebook.net oas.kotchasan.com
connect.facebook.net
1 www.facebook.com connect.facebook.net
15 3

This site contains links to these domains. Also see Links.

Domain
www.kotchasan.com
Subject Issuer Validity Valid
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-06 -
2023-11-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://oas.kotchasan.com/
Frame ID: E1790FBAAFE02ACD11D4C6FED3A2FB17
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OAS - เข้าระบบด้วยบัญชีสมาชิกที่มีอยู่แล้ว

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

15
Requests

13 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

439 kB
Transfer

878 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://connect.facebook.net/th_TH/sdk.js HTTP 307
  • https://connect.facebook.net/th_TH/sdk.js

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
oas.kotchasan.com/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://oas.kotchasan.com/
Protocol
HTTP/1.1
Server
52.74.219.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
srv.goragod.com
Software
nginx/1.24.0 /
Resource Hash
d919e466cb64686963f47625ca419e1091289ebe765810bf2bbbb3473925d6d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 28 Oct 2023 07:24:49 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=60
Pragma
no-cache
Server
nginx/1.24.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
HIT from Backend
X-Content-Type-Options
nosniff
X-FRAME-OPTIONS
SAMEORIGIN
X-XSS-Protection
1; mode=block 1; mode=block
index
oas.kotchasan.com/index.php/css/view/ 		117 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://oas.kotchasan.com/index.php/css/view/index?1697618207
Requested by
Host: oas.kotchasan.com
URL: http://oas.kotchasan.com/
Protocol
HTTP/1.1
Server
52.74.219.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
srv.goragod.com
Software
nginx/1.24.0 /
Resource Hash
f8a3904ac37855ebf55b98bd0f7dae27ca6705cfad2b778cde1291242aeb50e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://oas.kotchasan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 28 Oct 2023 07:24:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.24.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
X-FRAME-OPTIONS
SAMEORIGIN
X-Cache
HIT from Backend
Cache-Control
max-age=31557600
Connection
keep-alive
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block, 1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
th
oas.kotchasan.com/index.php/js/view/index/ 		184 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://oas.kotchasan.com/index.php/js/view/index/th?1697618207
Requested by
Host: oas.kotchasan.com
URL: http://oas.kotchasan.com/
Protocol
HTTP/1.1
Server
52.74.219.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
srv.goragod.com
Software
nginx/1.24.0 /
Resource Hash
aedff924990d3c63273f927dbf6d56c82f78a24edfb5364507ab6e82a44481a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://oas.kotchasan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 07:24:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.24.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-FRAME-OPTIONS
SAMEORIGIN
X-Cache
HIT from Backend
Cache-Control
max-age=31557600
Connection
keep-alive
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block, 1; mode=block
sdk.js
connect.facebook.net/th_TH/
Redirect Chain
  • http://connect.facebook.net/th_TH/sdk.js
  • https://connect.facebook.net/th_TH/sdk.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/th_TH/sdk.js
Requested by
Host: oas.kotchasan.com
URL: http://oas.kotchasan.com/
Protocol
H2
Server
2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7ef80f170c040831f5550057e87a8038b8bd156b77de117114008455ee2cece5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://oas.kotchasan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 28 Oct 2023 07:24:49 GMT
content-md5
bxl2cqY6APhIPhXKtcIbNw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
x-fb-debug
OTQDe+/QXzckOOWeKyNcu0R+uIwBFw2FnPKdZOV0Ffb0vs3rpQed6qLXvEKW/OLnC7qJJSUDwfDkgRwilh+3XQ==
x-fb-content-md5
3476216072ebccd49e0827b2eff10f60
cross-origin-opener-policy
same-origin-allow-popups
etag
"c9f6faec50f4373d0c75c82ac9e976d8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 28 Oct 2023 07:26:25 GMT

Redirect headers

Location
https://connect.facebook.net/th_TH/sdk.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
bg_image.png
oas.kotchasan.com/datas/images/ 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://oas.kotchasan.com/datas/images/bg_image.png
Requested by
Host: oas.kotchasan.com
URL: http://oas.kotchasan.com/index.php/css/view/index?1697618207
Protocol
HTTP/1.1
Server
52.74.219.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
srv.goragod.com
Software
nginx/1.24.0 /
Resource Hash
1b5d121c6e7ed94717214242c526ca19b3ece9c1ac006a93c3bb147dd7907757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://oas.kotchasan.com/index.php/css/view/index?1697618207
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 07:24:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 02 Aug 2022 12:45:42 GMT
Server
nginx/1.24.0
ETag
W/"62e91c76-1bfc8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
X-Cache
HIT from Backend
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
en.gif
oas.kotchasan.com/language/ 		382 B
811 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://oas.kotchasan.com/language/en.gif
Requested by
Host: oas.kotchasan.com
URL: http://oas.kotchasan.com/
Protocol
HTTP/1.1
Server
52.74.219.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
srv.goragod.com
Software
nginx/1.24.0 /
Resource Hash
af0b0413707a12e92c6fa3811643406d8bdca710ecb2fb414651ccfd359a6cd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://oas.kotchasan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 07:24:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Oct 2021 06:48:51 GMT
Server
nginx/1.24.0
ETag
"615bf553-17e"
X-Cache
HIT from Backend
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
382
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
la.gif
oas.kotchasan.com/language/ 		558 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://oas.kotchasan.com/language/la.gif
Requested by
Host: oas.kotchasan.com
URL: http://oas.kotchasan.com/
Protocol
HTTP/1.1
Server
52.74.219.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
srv.goragod.com
Software
nginx/1.24.0 /
Resource Hash
5b695681be7c9a47b1aac78e9d2a63330b9d23425d461417ff11d59b0f5203dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://oas.kotchasan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 07:24:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Oct 2021 06:48:51 GMT
Server
nginx/1.24.0
ETag
W/"615bf553-22e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/gif
X-Cache
HIT from Backend
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ma.gif
oas.kotchasan.com/language/ 		581 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://oas.kotchasan.com/language/ma.gif
Requested by
Host: oas.kotchasan.com
URL: http://oas.kotchasan.com/
Protocol
HTTP/1.1
Server
52.74.219.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
srv.goragod.com
Software
nginx/1.24.0 /
Resource Hash
58370133f0bc89e19e408e0246a156f0f1c5b0089e8a22e9c459067867bb3c7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://oas.kotchasan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 07:24:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Oct 2021 06:48:51 GMT
Server
nginx/1.24.0
ETag
W/"615bf553-245"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/gif
X-Cache
HIT from Backend
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
th.gif
oas.kotchasan.com/language/ 		360 B
789 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://oas.kotchasan.com/language/th.gif
Requested by
Host: oas.kotchasan.com
URL: http://oas.kotchasan.com/
Protocol
HTTP/1.1
Server
52.74.219.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
srv.goragod.com
Software
nginx/1.24.0 /
Resource Hash
3c99a77aab3aafe1e4f706109c0e6651fd1214744614d2e3a91eb7c0b6ed24cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://oas.kotchasan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 07:24:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Oct 2021 06:48:52 GMT
Server
nginx/1.24.0
ETag
"615bf554-168"
X-Cache
HIT from Backend
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
360
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
icomoon.ttf
oas.kotchasan.com/skin/fonts/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://oas.kotchasan.com/skin/fonts/icomoon.ttf
Requested by
Host: oas.kotchasan.com
URL: http://oas.kotchasan.com/index.php/css/view/index?1697618207
Protocol
HTTP/1.1
Server
52.74.219.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
srv.goragod.com
Software
nginx/1.24.0 /
Resource Hash
029f1b4c8b2b99e9187917e5be6eb21d9f6a8fcfa817cfa1c0506dfa878f5dcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://oas.kotchasan.com/index.php/css/view/index?1697618207
Origin
http://oas.kotchasan.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 07:24:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 27 Jul 2023 03:10:14 GMT
Server
nginx/1.24.0
ETag
"64c1e016-ce44"
X-Cache
HIT from Backend
Content-Type
application/octet-stream
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
52804
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
thsarabunnew_bold-webfont.woff
oas.kotchasan.com/skin/fonts/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://oas.kotchasan.com/skin/fonts/thsarabunnew_bold-webfont.woff
Requested by
Host: oas.kotchasan.com
URL: http://oas.kotchasan.com/index.php/css/view/index?1697618207
Protocol
HTTP/1.1
Server
52.74.219.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
srv.goragod.com
Software
nginx/1.24.0 /
Resource Hash
7792dfc28a9bc9559d391e8109a338a7546b04eab9f1896c7ed021b4563bc75c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://oas.kotchasan.com/index.php/css/view/index?1697618207
Origin
http://oas.kotchasan.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 07:24:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 05 Sep 2021 14:02:03 GMT
Server
nginx/1.24.0
ETag
"6134cddb-ca20"
X-Cache
HIT from Backend
Content-Type
font/woff
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
51744
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
thsarabunnew-webfont.woff
oas.kotchasan.com/skin/fonts/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://oas.kotchasan.com/skin/fonts/thsarabunnew-webfont.woff
Requested by
Host: oas.kotchasan.com
URL: http://oas.kotchasan.com/index.php/css/view/index?1697618207
Protocol
HTTP/1.1
Server
52.74.219.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
srv.goragod.com
Software
nginx/1.24.0 /
Resource Hash
a5f4eac957aecb8e896a19d6ba5e748133c99e74d3b620b41e81125d8a1c1fff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://oas.kotchasan.com/index.php/css/view/index?1697618207
Origin
http://oas.kotchasan.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 07:24:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 05 Sep 2021 14:02:03 GMT
Server
nginx/1.24.0
ETag
"6134cddb-caf4"
X-Cache
HIT from Backend
Content-Type
font/woff
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
51956
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
execute
oas.kotchasan.com/index.php/index/model/consent/ 		454 B
891 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://oas.kotchasan.com/index.php/index/model/consent/execute?1698477889212
Requested by
Host: oas.kotchasan.com
URL: http://oas.kotchasan.com/index.php/js/view/index/th?1697618207
Protocol
HTTP/1.1
Server
52.74.219.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
srv.goragod.com
Software
nginx/1.24.0 /
Resource Hash
6bc2626f4049856670a0df274fc132b63fb9045bab7ec101187b88048d776e72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
text/html,text/plain,application/xml,text/xml,application/json,text/javascript
Referer
http://oas.kotchasan.com/
X-Requested-With
XMLHttpRequest
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 28 Oct 2023 07:24:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.24.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
X-FRAME-OPTIONS
SAMEORIGIN
X-Cache
HIT from Backend
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block, 1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
sdk.js
connect.facebook.net/th_TH/ 		303 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/th_TH/sdk.js?hash=322072fab8d0fcf7b7a4904b4655e18c
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/th_TH/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2ce49d13d2950f7c99f61861685dbb86d6eedec828cfe089f5762715abaf5399
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://oas.kotchasan.com/
Origin
http://oas.kotchasan.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 28 Oct 2023 07:24:49 GMT
content-md5
PD65aTYtKSBgToRazNCrIA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88559
reporting-endpoints
x-fb-debug
hKsmEn+yIhNT686hizp1VUxFEfFeS6uQy7ELhBFKF7WKG76XgBoRx5bOtyF6DOvWuGNAYcoVgeTTyejztXpIEA==
x-fb-content-md5
2608cccad867d9aca7cf6aa7206bcc60
cross-origin-opener-policy
same-origin-allow-popups
etag
"387f2698cd994dba333e05b824cf9714"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 27 Oct 2024 06:06:21 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=573367437131672&input_token&origin=1&redirect_uri=http%3A%2F%2Foas.kotchasan.com%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/th_TH/sdk.js?hash=322072fab8d0fcf7b7a4904b4655e18c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://oas.kotchasan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Sat, 28 Oct 2023 07:24:49 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
NV+QIdFpTSIE4xRBm/PqJNv908yxiyBGtFHfhMyaI0A2qk692CtyE1n4Ox5L5sBQxITGvUxu6BPGbPREj5ldfQ==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://oas.kotchasan.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
fb-error-description
"This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=()
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| WEB_URL function| initAutoComplete function| initFacebookButton function| initFacebook function| fbLoginSubmit function| initGooleSignin function| googleSigninLoad function| ggLoginSubmit function| GGraphs undefined| loader object| modal function| send function| hideModal function| showModal function| defaultSubmit function| doFormSubmit function| initWriteTab function| dataTableActionCallback function| checkEmail function| checkUsername function| checkPassword function| checkIdcard function| initMailserver function| replaceURL function| initSystem function| initLinesettings function| selectMenu function| loadJavascript function| initEditInplace function| initCopyToClipboard function| initFirstRowNumberOnly function| initPageWrite function| initEditProfile function| initRegisterFrm undefined| createLikeButton function| initWeb function| barcodeEnabled function| initCompany function| findInput function| getInput function| setInputValue function| doCurrency function| initInventoryWrite function| initInventoryItems function| initInventoryOverview function| initInventoryOrder function| calcVat function| initPaymentDetails string| ACCEPT_ALL string| CANCEL string| CHANGE_COLOR string| CHECK string| CHECKBOX string| CLOSE string| COOKIES_SETTINGS string| DELETE string| DISABLE string| ENABLE string| INVALID_DATA string| NEXT_MONTH string| PLEASE_BROWSE_FILE string| PLEASE_FILL_IN string| PLEASE_SAVE_BEFORE_CONTINUING string| PLEASE_SELECT string| PLEASE_SELECT_AT_LEAST_ONE_ITEM string| PREV_MONTH string| SELECT_ALL string| SELECT_NONE string| SORRY_XXX_NOT_FOUND string| SUCCESSFULLY_COPIED_TO_CLIPBOARD string| SUCCESSFULLY_UPLOADED_XXX_FILES string| THE_TYPE_OF_FILE_IS_INVALID string| UNCHECK string| YOU_WANT_TO_XXX string| YOU_WANT_TO_XXX_THE_SELECTED_ITEMS function| forEach function| floatval function| toCurrency function| round function| copyToClipboard function| trans function| jsonToParams function| jwt_decode function| debug function| timeToMinute function| timeToSecond object| GClass function| GNative function| GAjax function| GForm function| GModal function| GFx function| GScroll function| preload object| GEvent object| Cookie function| GLoading function| GValidator function| GDrag function| GDragMove function| GMask function| GInput function| GDropdown function| GDateTime function| GFxZoom function| Color function| GDDColor function| GLightbox function| callClick function| $G function| $E object| $K function| GAutoComplete function| Clock function| GDatalist function| Datalist function| GDDMenu function| GDPanel function| GDragDrop function| EditInPlace function| GLoader function| GMultiSelect function| GTable function| PDPA function| fbAsyncInit object| elem function| initialize function| Ready function| after function| before function| insert function| copy function| replace function| remove function| setHTML function| getTop function| getLeft function| getWidth function| getHeight function| getClientWidth function| getClientHeight function| viewportOffset function| getDimensions function| getOffsetParent function| getCaretPosition function| setCaretPosition function| getStyle function| setStyle function| center function| get function| set function| hasClass function| addClass function| removeClass function| replaceClass function| hide function| show function| visible function| toggle function| nextNode function| previousNode function| firstNode function| nextTab function| sendKey function| callEvent function| addEvent function| removeEvent function| highlight function| fadeIn function| fadeOut function| setValue function| getText function| setOptions function| getSelectedText function| setSelectedText function| findLabel function| element function| elems function| create function| msgBox function| valid function| invalid function| reset function| init string| FIRST_MODULE object| FB object| __buffer

2 Cookies

Domain/Path Name / Value
oas.kotchasan.com/ Name: PHPSESSID
Value: jt3tgf3u8l1eakpb12v4nvb4p1
oas.kotchasan.com/ Name: my_lang
Value: th

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block