HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 20 Oct 2021 10:00:06 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.lh.co.th/
X-Frame-Options: SAMEORIGIN
HTTP/2 302
date: Wed, 20 Oct 2021 10:00:08 GMT
content-security-policy: default-src 'self'; connect-src 'self' res.cloudinary.com assets.lh.co.th fb-apigw.lh.co.th graphql.lh.co.th www.lh.co.th api.lh.co.th wss://fb-apigw.lh.co.th www.googletagmanager.com www.google.com www.google-analytics.com o401495.ingest.sentry.io o2.mouseflow.com www.gstatic.com 360.lh.co.th *.zdassets.com *.zendesk.com *.zopim.com wss://widget-mediator.zopim.com/s/W/ws/slZMUmy81eFr7242/c/1597592717787 ws://widget-mediator.zopim.com/s/W/ws/slZMUmy81eFr7242/c/1597592717787 wss://widget-mediator.zopim.com ws://widget-mediator.zopim.com ws://zopim.com wss://zopim.com in.hotjar.com *.hotjar.com vc.hotjar.io *.hotjar.io trc-events.taboola.com *.taboola.com www.facebook.com *.facebook.com *.ingest.sentry.io stats.g.doubleclick.net googleads.g.doubleclick.net my.matterport.com *.matterport.com; img-src * data: my.matterport.com *.matterport.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' static.cloudflareinsights.com www.googleadservices.com www.googletagmanager.com www.google.com o401495.ingest.sentry.io www.gstatic.com ajax.cloudflare.com cdnjs.cloudflare.com 360.lh.co.th *.zdassets.com *.zendesk.com *.zopim.com *.chromestatus.com google-analytics.com www.google-analytics.com *.google-analytics.com cdn.mouseflow.com *.mouseflow.com cdn.taboola.com *.taboola.com apiv2.popupsmart.com *.popupsmart.com static.ads-twitter.com *.ads-twitter.com www.clickcease.com *.clickcease.com static.hotjar.com *.hotjar.com connect.facebook.net *.facebook.net d.line-scdn.net *.line-scdn.net analytics.twitter.com *.twitter.com www.hotjar.com *.hotjar.com d.line-cdn.net *.line-cdn.net stats.g.doubleclick.net googleads.g.doubleclick.net my.matterport.com *.matterport.com https://cdn.jsdelivr.net/npm/sockjs-client@1/dist/sockjs.min.js; style-src 'self' 'unsafe-inline' fonts.googleapis.com; frame-src 'self' res.cloudinary.com youtu.be assets.lh.co.th lh-dev-res.cloudinary.com www.youtube.com www.youtu.be 360.lh.co.th www.google.co.th www.google.com www.hotjar.com *.hotjar.com www.facebook.com *.facebook.com my.matterport.com *.matterport.com; media-src 'self' res.cloudinary.com assets.lh.co.th *.lh.co.th 360.lh.co.th lh-dev-res.cloudinary.com *.cloudinary.com *.zdassets.com static.zdassets.com *.cloudfront.net my.matterport.com *.matterport.com; font-src 'self' data: res.cloudinary.com assets.lh.co.th fonts.googleapis.com; upgrade-insecure-requests
x-content-security-policy: default-src 'self'; connect-src 'self' res.cloudinary.com assets.lh.co.th fb-apigw.lh.co.th graphql.lh.co.th www.lh.co.th api.lh.co.th wss://fb-apigw.lh.co.th www.googletagmanager.com www.google.com www.google-analytics.com o401495.ingest.sentry.io o2.mouseflow.com www.gstatic.com 360.lh.co.th *.zdassets.com *.zendesk.com *.zopim.com wss://widget-mediator.zopim.com/s/W/ws/slZMUmy81eFr7242/c/1597592717787 ws://widget-mediator.zopim.com/s/W/ws/slZMUmy81eFr7242/c/1597592717787 wss://widget-mediator.zopim.com ws://widget-mediator.zopim.com ws://zopim.com wss://zopim.com in.hotjar.com *.hotjar.com vc.hotjar.io *.hotjar.io trc-events.taboola.com *.taboola.com www.facebook.com *.facebook.com *.ingest.sentry.io stats.g.doubleclick.net googleads.g.doubleclick.net my.matterport.com *.matterport.com; img-src * data: my.matterport.com *.matterport.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' static.cloudflareinsights.com www.googleadservices.com www.googletagmanager.com www.google.com o401495.ingest.sentry.io www.gstatic.com ajax.cloudflare.com cdnjs.cloudflare.com 360.lh.co.th *.zdassets.com *.zendesk.com *.zopim.com *.chromestatus.com google-analytics.com www.google-analytics.com *.google-analytics.com cdn.mouseflow.com *.mouseflow.com cdn.taboola.com *.taboola.com apiv2.popupsmart.com *.popupsmart.com static.ads-twitter.com *.ads-twitter.com www.clickcease.com *.clickcease.com static.hotjar.com *.hotjar.com connect.facebook.net *.facebook.net d.line-scdn.net *.line-scdn.net analytics.twitter.com *.twitter.com www.hotjar.com *.hotjar.com d.line-cdn.net *.line-cdn.net stats.g.doubleclick.net googleads.g.doubleclick.net my.matterport.com *.matterport.com https://cdn.jsdelivr.net/npm/sockjs-client@1/dist/sockjs.min.js; style-src 'self' 'unsafe-inline' fonts.googleapis.com; frame-src 'self' res.cloudinary.com youtu.be assets.lh.co.th lh-dev-res.cloudinary.com www.youtube.com www.youtu.be 360.lh.co.th www.google.co.th www.google.com www.hotjar.com *.hotjar.com www.facebook.com *.facebook.com my.matterport.com *.matterport.com; media-src 'self' res.cloudinary.com assets.lh.co.th *.lh.co.th 360.lh.co.th lh-dev-res.cloudinary.com *.cloudinary.com *.zdassets.com static.zdassets.com *.cloudfront.net my.matterport.com *.matterport.com; font-src 'self' data: res.cloudinary.com assets.lh.co.th fonts.googleapis.com; upgrade-insecure-requests
x-webkit-csp: default-src 'self'; connect-src 'self' res.cloudinary.com assets.lh.co.th fb-apigw.lh.co.th graphql.lh.co.th www.lh.co.th api.lh.co.th wss://fb-apigw.lh.co.th www.googletagmanager.com www.google.com www.google-analytics.com o401495.ingest.sentry.io o2.mouseflow.com www.gstatic.com 360.lh.co.th *.zdassets.com *.zendesk.com *.zopim.com wss://widget-mediator.zopim.com/s/W/ws/slZMUmy81eFr7242/c/1597592717787 ws://widget-mediator.zopim.com/s/W/ws/slZMUmy81eFr7242/c/1597592717787 wss://widget-mediator.zopim.com ws://widget-mediator.zopim.com ws://zopim.com wss://zopim.com in.hotjar.com *.hotjar.com vc.hotjar.io *.hotjar.io trc-events.taboola.com *.taboola.com www.facebook.com *.facebook.com *.ingest.sentry.io stats.g.doubleclick.net googleads.g.doubleclick.net my.matterport.com *.matterport.com; img-src * data: my.matterport.com *.matterport.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' static.cloudflareinsights.com www.googleadservices.com www.googletagmanager.com www.google.com o401495.ingest.sentry.io www.gstatic.com ajax.cloudflare.com cdnjs.cloudflare.com 360.lh.co.th *.zdassets.com *.zendesk.com *.zopim.com *.chromestatus.com google-analytics.com www.google-analytics.com *.google-analytics.com cdn.mouseflow.com *.mouseflow.com cdn.taboola.com *.taboola.com apiv2.popupsmart.com *.popupsmart.com static.ads-twitter.com *.ads-twitter.com www.clickcease.com *.clickcease.com static.hotjar.com *.hotjar.com connect.facebook.net *.facebook.net d.line-scdn.net *.line-scdn.net analytics.twitter.com *.twitter.com www.hotjar.com *.hotjar.com d.line-cdn.net *.line-cdn.net stats.g.doubleclick.net googleads.g.doubleclick.net my.matterport.com *.matterport.com https://cdn.jsdelivr.net/npm/sockjs-client@1/dist/sockjs.min.js; style-src 'self' 'unsafe-inline' fonts.googleapis.com; frame-src 'self' res.cloudinary.com youtu.be assets.lh.co.th lh-dev-res.cloudinary.com www.youtube.com www.youtu.be 360.lh.co.th www.google.co.th www.google.com www.hotjar.com *.hotjar.com www.facebook.com *.facebook.com my.matterport.com *.matterport.com; media-src 'self' res.cloudinary.com assets.lh.co.th *.lh.co.th 360.lh.co.th lh-dev-res.cloudinary.com *.cloudinary.com *.zdassets.com static.zdassets.com *.cloudfront.net my.matterport.com *.matterport.com; font-src 'self' data: res.cloudinary.com assets.lh.co.th fonts.googleapis.com; upgrade-insecure-requests
x-dns-prefetch-control: on
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: same-origin
x-xss-protection: 1; mode=block
location: /th/
cf-cache-status: BYPASS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a1165b82c472d7c-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
HTTP/2 302
date: Wed, 20 Oct 2021 10:00:09 GMT
content-security-policy: default-src 'self'; connect-src 'self' res.cloudinary.com assets.lh.co.th fb-apigw.lh.co.th graphql.lh.co.th www.lh.co.th api.lh.co.th wss://fb-apigw.lh.co.th www.googletagmanager.com www.google.com www.google-analytics.com o401495.ingest.sentry.io o2.mouseflow.com www.gstatic.com 360.lh.co.th *.zdassets.com *.zendesk.com *.zopim.com wss://widget-mediator.zopim.com/s/W/ws/slZMUmy81eFr7242/c/1597592717787 ws://widget-mediator.zopim.com/s/W/ws/slZMUmy81eFr7242/c/1597592717787 wss://widget-mediator.zopim.com ws://widget-mediator.zopim.com ws://zopim.com wss://zopim.com in.hotjar.com *.hotjar.com vc.hotjar.io *.hotjar.io trc-events.taboola.com *.taboola.com www.facebook.com *.facebook.com *.ingest.sentry.io stats.g.doubleclick.net googleads.g.doubleclick.net my.matterport.com *.matterport.com; img-src * data: my.matterport.com *.matterport.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' static.cloudflareinsights.com www.googleadservices.com www.googletagmanager.com www.google.com o401495.ingest.sentry.io www.gstatic.com ajax.cloudflare.com cdnjs.cloudflare.com 360.lh.co.th *.zdassets.com *.zendesk.com *.zopim.com *.chromestatus.com google-analytics.com www.google-analytics.com *.google-analytics.com cdn.mouseflow.com *.mouseflow.com cdn.taboola.com *.taboola.com apiv2.popupsmart.com *.popupsmart.com static.ads-twitter.com *.ads-twitter.com www.clickcease.com *.clickcease.com static.hotjar.com *.hotjar.com connect.facebook.net *.facebook.net d.line-scdn.net *.line-scdn.net analytics.twitter.com *.twitter.com www.hotjar.com *.hotjar.com d.line-cdn.net *.line-cdn.net stats.g.doubleclick.net googleads.g.doubleclick.net my.matterport.com *.matterport.com https://cdn.jsdelivr.net/npm/sockjs-client@1/dist/sockjs.min.js; style-src 'self' 'unsafe-inline' fonts.googleapis.com; frame-src 'self' res.cloudinary.com youtu.be assets.lh.co.th lh-dev-res.cloudinary.com www.youtube.com www.youtu.be 360.lh.co.th www.google.co.th www.google.com www.hotjar.com *.hotjar.com www.facebook.com *.facebook.com my.matterport.com *.matterport.com; media-src 'self' res.cloudinary.com assets.lh.co.th *.lh.co.th 360.lh.co.th lh-dev-res.cloudinary.com *.cloudinary.com *.zdassets.com static.zdassets.com *.cloudfront.net my.matterport.com *.matterport.com; font-src 'self' data: res.cloudinary.com assets.lh.co.th fonts.googleapis.com; upgrade-insecure-requests
x-content-security-policy: default-src 'self'; connect-src 'self' res.cloudinary.com assets.lh.co.th fb-apigw.lh.co.th graphql.lh.co.th www.lh.co.th api.lh.co.th wss://fb-apigw.lh.co.th www.googletagmanager.com www.google.com www.google-analytics.com o401495.ingest.sentry.io o2.mouseflow.com www.gstatic.com 360.lh.co.th *.zdassets.com *.zendesk.com *.zopim.com wss://widget-mediator.zopim.com/s/W/ws/slZMUmy81eFr7242/c/1597592717787 ws://widget-mediator.zopim.com/s/W/ws/slZMUmy81eFr7242/c/1597592717787 wss://widget-mediator.zopim.com ws://widget-mediator.zopim.com ws://zopim.com wss://zopim.com in.hotjar.com *.hotjar.com vc.hotjar.io *.hotjar.io trc-events.taboola.com *.taboola.com www.facebook.com *.facebook.com *.ingest.sentry.io stats.g.doubleclick.net googleads.g.doubleclick.net my.matterport.com *.matterport.com; img-src * data: my.matterport.com *.matterport.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' static.cloudflareinsights.com www.googleadservices.com www.googletagmanager.com www.google.com o401495.ingest.sentry.io www.gstatic.com ajax.cloudflare.com cdnjs.cloudflare.com 360.lh.co.th *.zdassets.com *.zendesk.com *.zopim.com *.chromestatus.com google-analytics.com www.google-analytics.com *.google-analytics.com cdn.mouseflow.com *.mouseflow.com cdn.taboola.com *.taboola.com apiv2.popupsmart.com *.popupsmart.com static.ads-twitter.com *.ads-twitter.com www.clickcease.com *.clickcease.com static.hotjar.com *.hotjar.com connect.facebook.net *.facebook.net d.line-scdn.net *.line-scdn.net analytics.twitter.com *.twitter.com www.hotjar.com *.hotjar.com d.line-cdn.net *.line-cdn.net stats.g.doubleclick.net googleads.g.doubleclick.net my.matterport.com *.matterport.com https://cdn.jsdelivr.net/npm/sockjs-client@1/dist/sockjs.min.js; style-src 'self' 'unsafe-inline' fonts.googleapis.com; frame-src 'self' res.cloudinary.com youtu.be assets.lh.co.th lh-dev-res.cloudinary.com www.youtube.com www.youtu.be 360.lh.co.th www.google.co.th www.google.com www.hotjar.com *.hotjar.com www.facebook.com *.facebook.com my.matterport.com *.matterport.com; media-src 'self' res.cloudinary.com assets.lh.co.th *.lh.co.th 360.lh.co.th lh-dev-res.cloudinary.com *.cloudinary.com *.zdassets.com static.zdassets.com *.cloudfront.net my.matterport.com *.matterport.com; font-src 'self' data: res.cloudinary.com assets.lh.co.th fonts.googleapis.com; upgrade-insecure-requests
x-webkit-csp: default-src 'self'; connect-src 'self' res.cloudinary.com assets.lh.co.th fb-apigw.lh.co.th graphql.lh.co.th www.lh.co.th api.lh.co.th wss://fb-apigw.lh.co.th www.googletagmanager.com www.google.com www.google-analytics.com o401495.ingest.sentry.io o2.mouseflow.com www.gstatic.com 360.lh.co.th *.zdassets.com *.zendesk.com *.zopim.com wss://widget-mediator.zopim.com/s/W/ws/slZMUmy81eFr7242/c/1597592717787 ws://widget-mediator.zopim.com/s/W/ws/slZMUmy81eFr7242/c/1597592717787 wss://widget-mediator.zopim.com ws://widget-mediator.zopim.com ws://zopim.com wss://zopim.com in.hotjar.com *.hotjar.com vc.hotjar.io *.hotjar.io trc-events.taboola.com *.taboola.com www.facebook.com *.facebook.com *.ingest.sentry.io stats.g.doubleclick.net googleads.g.doubleclick.net my.matterport.com *.matterport.com; img-src * data: my.matterport.com *.matterport.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' static.cloudflareinsights.com www.googleadservices.com www.googletagmanager.com www.google.com o401495.ingest.sentry.io www.gstatic.com ajax.cloudflare.com cdnjs.cloudflare.com 360.lh.co.th *.zdassets.com *.zendesk.com *.zopim.com *.chromestatus.com google-analytics.com www.google-analytics.com *.google-analytics.com cdn.mouseflow.com *.mouseflow.com cdn.taboola.com *.taboola.com apiv2.popupsmart.com *.popupsmart.com static.ads-twitter.com *.ads-twitter.com www.clickcease.com *.clickcease.com static.hotjar.com *.hotjar.com connect.facebook.net *.facebook.net d.line-scdn.net *.line-scdn.net analytics.twitter.com *.twitter.com www.hotjar.com *.hotjar.com d.line-cdn.net *.line-cdn.net stats.g.doubleclick.net googleads.g.doubleclick.net my.matterport.com *.matterport.com https://cdn.jsdelivr.net/npm/sockjs-client@1/dist/sockjs.min.js; style-src 'self' 'unsafe-inline' fonts.googleapis.com; frame-src 'self' res.cloudinary.com youtu.be assets.lh.co.th lh-dev-res.cloudinary.com www.youtube.com www.youtu.be 360.lh.co.th www.google.co.th www.google.com www.hotjar.com *.hotjar.com www.facebook.com *.facebook.com my.matterport.com *.matterport.com; media-src 'self' res.cloudinary.com assets.lh.co.th *.lh.co.th 360.lh.co.th lh-dev-res.cloudinary.com *.cloudinary.com *.zdassets.com static.zdassets.com *.cloudfront.net my.matterport.com *.matterport.com; font-src 'self' data: res.cloudinary.com assets.lh.co.th fonts.googleapis.com; upgrade-insecure-requests
x-dns-prefetch-control: on
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: same-origin
x-xss-protection: 1; mode=block
location: /th
cf-cache-status: BYPASS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a1165bee9702d7c-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
HTTP/2 200
date: Wed, 20 Oct 2021 10:00:09 GMT
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; connect-src 'self' res.cloudinary.com assets.lh.co.th fb-apigw.lh.co.th graphql.lh.co.th www.lh.co.th api.lh.co.th wss://fb-apigw.lh.co.th www.googletagmanager.com www.google.com www.google-analytics.com o401495.ingest.sentry.io o2.mouseflow.com www.gstatic.com 360.lh.co.th *.zdassets.com *.zendesk.com *.zopim.com wss://widget-mediator.zopim.com/s/W/ws/slZMUmy81eFr7242/c/1597592717787 ws://widget-mediator.zopim.com/s/W/ws/slZMUmy81eFr7242/c/1597592717787 wss://widget-mediator.zopim.com ws://widget-mediator.zopim.com ws://zopim.com wss://zopim.com in.hotjar.com *.hotjar.com vc.hotjar.io *.hotjar.io trc-events.taboola.com *.taboola.com www.facebook.com *.facebook.com *.ingest.sentry.io stats.g.doubleclick.net googleads.g.doubleclick.net my.matterport.com *.matterport.com; img-src * data: my.matterport.com *.matterport.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' static.cloudflareinsights.com www.googleadservices.com www.googletagmanager.com www.google.com o401495.ingest.sentry.io www.gstatic.com ajax.cloudflare.com cdnjs.cloudflare.com 360.lh.co.th *.zdassets.com *.zendesk.com *.zopim.com *.chromestatus.com google-analytics.com www.google-analytics.com *.google-analytics.com cdn.mouseflow.com *.mouseflow.com cdn.taboola.com *.taboola.com apiv2.popupsmart.com *.popupsmart.com static.ads-twitter.com *.ads-twitter.com www.clickcease.com *.clickcease.com static.hotjar.com *.hotjar.com connect.facebook.net *.facebook.net d.line-scdn.net *.line-scdn.net analytics.twitter.com *.twitter.com www.hotjar.com *.hotjar.com d.line-cdn.net *.line-cdn.net stats.g.doubleclick.net googleads.g.doubleclick.net my.matterport.com *.matterport.com https://cdn.jsdelivr.net/npm/sockjs-client@1/dist/sockjs.min.js; style-src 'self' 'unsafe-inline' fonts.googleapis.com; frame-src 'self' res.cloudinary.com youtu.be assets.lh.co.th lh-dev-res.cloudinary.com www.youtube.com www.youtu.be 360.lh.co.th www.google.co.th www.google.com www.hotjar.com *.hotjar.com www.facebook.com *.facebook.com my.matterport.com *.matterport.com; media-src 'self' res.cloudinary.com assets.lh.co.th *.lh.co.th 360.lh.co.th lh-dev-res.cloudinary.com *.cloudinary.com *.zdassets.com static.zdassets.com *.cloudfront.net my.matterport.com *.matterport.com; font-src 'self' data: res.cloudinary.com assets.lh.co.th fonts.googleapis.com; upgrade-insecure-requests
x-content-security-policy: default-src 'self'; connect-src 'self' res.cloudinary.com assets.lh.co.th fb-apigw.lh.co.th graphql.lh.co.th www.lh.co.th api.lh.co.th wss://fb-apigw.lh.co.th www.googletagmanager.com www.google.com www.google-analytics.com o401495.ingest.sentry.io o2.mouseflow.com www.gstatic.com 360.lh.co.th *.zdassets.com *.zendesk.com *.zopim.com wss://widget-mediator.zopim.com/s/W/ws/slZMUmy81eFr7242/c/1597592717787 ws://widget-mediator.zopim.com/s/W/ws/slZMUmy81eFr7242/c/1597592717787 wss://widget-mediator.zopim.com ws://widget-mediator.zopim.com ws://zopim.com wss://zopim.com in.hotjar.com *.hotjar.com vc.hotjar.io *.hotjar.io trc-events.taboola.com *.taboola.com www.facebook.com *.facebook.com *.ingest.sentry.io stats.g.doubleclick.net googleads.g.doubleclick.net my.matterport.com *.matterport.com; img-src * data: my.matterport.com *.matterport.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' static.cloudflareinsights.com www.googleadservices.com www.googletagmanager.com www.google.com o401495.ingest.sentry.io www.gstatic.com ajax.cloudflare.com cdnjs.cloudflare.com 360.lh.co.th *.zdassets.com *.zendesk.com *.zopim.com *.chromestatus.com google-analytics.com www.google-analytics.com *.google-analytics.com cdn.mouseflow.com *.mouseflow.com cdn.taboola.com *.taboola.com apiv2.popupsmart.com *.popupsmart.com static.ads-twitter.com *.ads-twitter.com www.clickcease.com *.clickcease.com static.hotjar.com *.hotjar.com connect.facebook.net *.facebook.net d.line-scdn.net *.line-scdn.net analytics.twitter.com *.twitter.com www.hotjar.com *.hotjar.com d.line-cdn.net *.line-cdn.net stats.g.doubleclick.net googleads.g.doubleclick.net my.matterport.com *.matterport.com https://cdn.jsdelivr.net/npm/sockjs-client@1/dist/sockjs.min.js; style-src 'self' 'unsafe-inline' fonts.googleapis.com; frame-src 'self' res.cloudinary.com youtu.be assets.lh.co.th lh-dev-res.cloudinary.com www.youtube.com www.youtu.be 360.lh.co.th www.google.co.th www.google.com www.hotjar.com *.hotjar.com www.facebook.com *.facebook.com my.matterport.com *.matterport.com; media-src 'self' res.cloudinary.com assets.lh.co.th *.lh.co.th 360.lh.co.th lh-dev-res.cloudinary.com *.cloudinary.com *.zdassets.com static.zdassets.com *.cloudfront.net my.matterport.com *.matterport.com; font-src 'self' data: res.cloudinary.com assets.lh.co.th fonts.googleapis.com; upgrade-insecure-requests
x-webkit-csp: default-src 'self'; connect-src 'self' res.cloudinary.com assets.lh.co.th fb-apigw.lh.co.th graphql.lh.co.th www.lh.co.th api.lh.co.th wss://fb-apigw.lh.co.th www.googletagmanager.com www.google.com www.google-analytics.com o401495.ingest.sentry.io o2.mouseflow.com www.gstatic.com 360.lh.co.th *.zdassets.com *.zendesk.com *.zopim.com wss://widget-mediator.zopim.com/s/W/ws/slZMUmy81eFr7242/c/1597592717787 ws://widget-mediator.zopim.com/s/W/ws/slZMUmy81eFr7242/c/1597592717787 wss://widget-mediator.zopim.com ws://widget-mediator.zopim.com ws://zopim.com wss://zopim.com in.hotjar.com *.hotjar.com vc.hotjar.io *.hotjar.io trc-events.taboola.com *.taboola.com www.facebook.com *.facebook.com *.ingest.sentry.io stats.g.doubleclick.net googleads.g.doubleclick.net my.matterport.com *.matterport.com; img-src * data: my.matterport.com *.matterport.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' static.cloudflareinsights.com www.googleadservices.com www.googletagmanager.com www.google.com o401495.ingest.sentry.io www.gstatic.com ajax.cloudflare.com cdnjs.cloudflare.com 360.lh.co.th *.zdassets.com *.zendesk.com *.zopim.com *.chromestatus.com google-analytics.com www.google-analytics.com *.google-analytics.com cdn.mouseflow.com *.mouseflow.com cdn.taboola.com *.taboola.com apiv2.popupsmart.com *.popupsmart.com static.ads-twitter.com *.ads-twitter.com www.clickcease.com *.clickcease.com static.hotjar.com *.hotjar.com connect.facebook.net *.facebook.net d.line-scdn.net *.line-scdn.net analytics.twitter.com *.twitter.com www.hotjar.com *.hotjar.com d.line-cdn.net *.line-cdn.net stats.g.doubleclick.net googleads.g.doubleclick.net my.matterport.com *.matterport.com https://cdn.jsdelivr.net/npm/sockjs-client@1/dist/sockjs.min.js; style-src 'self' 'unsafe-inline' fonts.googleapis.com; frame-src 'self' res.cloudinary.com youtu.be assets.lh.co.th lh-dev-res.cloudinary.com www.youtube.com www.youtu.be 360.lh.co.th www.google.co.th www.google.com www.hotjar.com *.hotjar.com www.facebook.com *.facebook.com my.matterport.com *.matterport.com; media-src 'self' res.cloudinary.com assets.lh.co.th *.lh.co.th 360.lh.co.th lh-dev-res.cloudinary.com *.cloudinary.com *.zdassets.com static.zdassets.com *.cloudfront.net my.matterport.com *.matterport.com; font-src 'self' data: res.cloudinary.com assets.lh.co.th fonts.googleapis.com; upgrade-insecure-requests
x-dns-prefetch-control: on
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: same-origin
x-xss-protection: 1; mode=block
vary: Accept-Encoding
cache-control: max-age=86400
cf-cache-status: HIT
age: 2654
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a1165c55edc2d7c-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
|