URL: https://epos.ctbcbank.com/
Submission: On February 22 via manual from HK — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 13 HTTP transactions. The main IP is 175.184.240.185, located in Taiwan, and belongs to CHINATRUST-AS-TW Chinatrust Commercial Bank, TW. The main domain is epos.ctbcbank.com.
TLS certificate: Issued by DigiCert EV RSA CA G2 on March 16th 2023. Valid for: a year.
This is the only time epos.ctbcbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address    AS Autonomous System
13  175.184.240.185    131143 (CHINATRUS...)
13  1

Apex Domain / Subdomains    Transfer
13  ctbcbank.com (epos.ctbcbank.com)    486 KB
13  1

Domain    Requested by
13  epos.ctbcbank.com    epos.ctbcbank.com
13  1

This site contains no links.

Subject    Issuer    Validity    Valid
epos.ctbcbank.com    DigiCert EV RSA CA G2    2023-03-16 - 2024-04-11    a year

This page contains 1 frames:

Primary Page: https://epos.ctbcbank.com/
Frame ID: A6DBCFD92A9B93584D6F78645DFB0D82
Requests: 13 HTTP requests in this frame

Page Title

特店管理系統

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 13
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 486 kB
Size: 475 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
epos.ctbcbank.com/
12 KB
14 KB
Document
General
Full URL
https://epos.ctbcbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.240.185 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
3094885f2b644ff0dc08a911623d2f3cba2de332b2b3410aaf5a45b99d07f9cb
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, max-age=0 post-check=0, pre-check=0
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Content-Type
text/html;charset=UTF-8
Date
Thu, 22 Feb 2024 03:27:42 GMT
Expires
0
Permissions-Policy
microphone=(),geolocation=(),camera=()
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000;includeSubdomains;preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
style.css
epos.ctbcbank.com/css/
4 KB
5 KB
Stylesheet
General
Full URL
https://epos.ctbcbank.com/css/style.css
Requested by
Host: epos.ctbcbank.com
URL: https://epos.ctbcbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.240.185 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
df46161d25312e46dab20eef773d1f7cbe3709d69b699374712451cc1f4f2047
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://epos.ctbcbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 03:27:42 GMT
Strict-Transport-Security
max-age=31536000;includeSubdomains;preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Content-Length
4421
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 25 Dec 2023 09:23:30 GMT
ETag
W/"4421-1703496210000"
X-Frame-Options
SAMEORIGIN
Content-Language
de-DE
Access-Control-Allow-Origin
*
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
Permissions-Policy
microphone=(),geolocation=(),camera=()
Accept-Ranges
bytes
Expires
0
mm_menu.js
epos.ctbcbank.com/js/
30 KB
31 KB
Script
General
Full URL
https://epos.ctbcbank.com/js/mm_menu.js
Requested by
Host: epos.ctbcbank.com
URL: https://epos.ctbcbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.240.185 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
0ed9d1da227e950278586db940e0b854ca5f9e9050299012b4b61e40e9de11b0
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://epos.ctbcbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 03:27:42 GMT
Strict-Transport-Security
max-age=31536000;includeSubdomains;preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Content-Length
30446
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 25 Dec 2023 09:23:30 GMT
ETag
W/"30446-1703496210000"
X-Frame-Options
SAMEORIGIN
Content-Language
de-DE
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
Permissions-Policy
microphone=(),geolocation=(),camera=()
Accept-Ranges
bytes
Expires
0
calendar.js
epos.ctbcbank.com/js/
47 KB
48 KB
Script
General
Full URL
https://epos.ctbcbank.com/js/calendar.js
Requested by
Host: epos.ctbcbank.com
URL: https://epos.ctbcbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.240.185 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
a95ba1958d6444725b3af2e3380d6d8981930c45516e56473ee3002917e56b8b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://epos.ctbcbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 03:27:42 GMT
Strict-Transport-Security
max-age=31536000;includeSubdomains;preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Content-Length
48639
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 25 Dec 2023 09:23:30 GMT
ETag
W/"48639-1703496210000"
X-Frame-Options
SAMEORIGIN
Content-Language
de-DE
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
Permissions-Policy
microphone=(),geolocation=(),camera=()
Accept-Ranges
bytes
Expires
0
calendar-setup.js
epos.ctbcbank.com/js/
5 KB
6 KB
Script
General
Full URL
https://epos.ctbcbank.com/js/calendar-setup.js
Requested by
Host: epos.ctbcbank.com
URL: https://epos.ctbcbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.240.185 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
7261662da5a777752deb3b744b618e8dbaba7370cc41517bc008cb23cd773112
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://epos.ctbcbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 03:27:42 GMT
Strict-Transport-Security
max-age=31536000;includeSubdomains;preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Content-Length
4812
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 25 Dec 2023 09:23:30 GMT
ETag
W/"4812-1703496210000"
X-Frame-Options
SAMEORIGIN
Content-Language
de-DE
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
Permissions-Policy
microphone=(),geolocation=(),camera=()
Accept-Ranges
bytes
Expires
0
calendar-en.js
epos.ctbcbank.com/js/
3 KB
4 KB
Script
General
Full URL
https://epos.ctbcbank.com/js/calendar-en.js
Requested by
Host: epos.ctbcbank.com
URL: https://epos.ctbcbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.240.185 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
dbc901b84c03df239ced4fbcdfb582eb70629b64ff1d61cd49a2824e29639019
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://epos.ctbcbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 03:27:42 GMT
Strict-Transport-Security
max-age=31536000;includeSubdomains;preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Content-Length
3127
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 25 Dec 2023 09:23:30 GMT
ETag
W/"3127-1703496210000"
X-Frame-Options
SAMEORIGIN
Content-Language
de-DE
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
Permissions-Policy
microphone=(),geolocation=(),camera=()
Accept-Ranges
bytes
Expires
0
browser_fix.js
epos.ctbcbank.com/js/
424 B
1 KB
Script
General
Full URL
https://epos.ctbcbank.com/js/browser_fix.js
Requested by
Host: epos.ctbcbank.com
URL: https://epos.ctbcbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.240.185 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
5e4285af0e7d67ab186ba70abd264b56d1579eeb9426db9f25750dc9663d9977
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://epos.ctbcbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 03:27:42 GMT
Strict-Transport-Security
max-age=31536000;includeSubdomains;preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Content-Length
424
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 25 Dec 2023 09:23:30 GMT
ETag
W/"424-1703496210000"
X-Frame-Options
SAMEORIGIN
Content-Language
de-DE
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
Permissions-Policy
microphone=(),geolocation=(),camera=()
Accept-Ranges
bytes
Expires
0
calendar-tas.css
epos.ctbcbank.com/css/
5 KB
6 KB
Stylesheet
General
Full URL
https://epos.ctbcbank.com/css/calendar-tas.css
Requested by
Host: epos.ctbcbank.com
URL: https://epos.ctbcbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.240.185 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
ac05c78abe9a941df162a81582b9b1123f7373e2043d0cf1f711c4cb8ad2759e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://epos.ctbcbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 03:27:42 GMT
Strict-Transport-Security
max-age=31536000;includeSubdomains;preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Content-Length
5309
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 25 Dec 2023 09:23:30 GMT
ETag
W/"5309-1703496210000"
X-Frame-Options
SAMEORIGIN
Content-Language
de-DE
Access-Control-Allow-Origin
*
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
Permissions-Policy
microphone=(),geolocation=(),camera=()
Accept-Ranges
bytes
Expires
0
ctcb.gif
epos.ctbcbank.com/images/
8 KB
9 KB
Image
General
Full URL
https://epos.ctbcbank.com/images/ctcb.gif
Requested by
Host: epos.ctbcbank.com
URL: https://epos.ctbcbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.240.185 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
51757b7b2df034c2039f7124a05f308f03210bfd3b6df44b08907a4e31543b19
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://epos.ctbcbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 03:27:42 GMT
Strict-Transport-Security
max-age=31536000;includeSubdomains;preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Content-Length
7857
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 25 Dec 2023 09:23:30 GMT
ETag
W/"7857-1703496210000"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
Permissions-Policy
microphone=(),geolocation=(),camera=()
Accept-Ranges
bytes
Expires
0
jquery.min.js
epos.ctbcbank.com/js/common/
281 KB
282 KB
Script
General
Full URL
https://epos.ctbcbank.com/js/common/jquery.min.js
Requested by
Host: epos.ctbcbank.com
URL: https://epos.ctbcbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.240.185 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
a0e405cbc2cb17d67bc0e67b248ff15340df3ff2ee5516ae9a70fd3f6887c363
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://epos.ctbcbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 03:27:42 GMT
Strict-Transport-Security
max-age=31536000;includeSubdomains;preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Content-Length
287629
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 25 Dec 2023 09:23:30 GMT
ETag
W/"287629-1703496210000"
X-Frame-Options
SAMEORIGIN
Content-Language
de-DE
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
Permissions-Policy
microphone=(),geolocation=(),camera=()
Accept-Ranges
bytes
Expires
0
CTBCBankE2EELogIn_npg.js
epos.ctbcbank.com/js/
70 KB
70 KB
Script
General
Full URL
https://epos.ctbcbank.com/js/CTBCBankE2EELogIn_npg.js
Requested by
Host: epos.ctbcbank.com
URL: https://epos.ctbcbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.240.185 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
036289f6f828c2b5b72d2a855d03fe80946316f7e3b70b08214547a0c833c5bf
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://epos.ctbcbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 03:27:42 GMT
Strict-Transport-Security
max-age=31536000;includeSubdomains;preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Content-Length
71303
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 25 Dec 2023 09:23:30 GMT
ETag
W/"71303-1703496210000"
X-Frame-Options
SAMEORIGIN
Content-Language
de-DE
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
Permissions-Policy
microphone=(),geolocation=(),camera=()
Accept-Ranges
bytes
Expires
0
Images.jsp
epos.ctbcbank.com/
1 KB
2 KB
Image
General
Full URL
https://epos.ctbcbank.com/Images.jsp
Requested by
Host: epos.ctbcbank.com
URL: https://epos.ctbcbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.240.185 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
62270695f47b471f3ef29b681e945b1fc0ac2b0d369f73db23202c4567278647
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://epos.ctbcbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Feb 2024 03:27:43 GMT
Strict-Transport-Security
max-age=31536000;includeSubdomains;preload
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
Permissions-Policy
microphone=(),geolocation=(),camera=()
Expires
0
bg_login.jpg
epos.ctbcbank.com/images/
8 KB
9 KB
Image
General
Full URL
https://epos.ctbcbank.com/images/bg_login.jpg
Requested by
Host: epos.ctbcbank.com
URL: https://epos.ctbcbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.240.185 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
87d07b412fd9678185253337558054382c2d4619df535f8837763f0bb184bf2b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://epos.ctbcbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 03:27:45 GMT
Strict-Transport-Security
max-age=31536000;includeSubdomains;preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Content-Length
8635
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 25 Dec 2023 09:23:30 GMT
ETag
W/"8635-1703496210000"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
Permissions-Policy
microphone=(),geolocation=(),camera=()
Accept-Ranges
bytes
Expires
0

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| htmlEncode function| jsEscape function| Menu function| addMenuItem function| FIND function| writeMenus function| NS4resize function| onMenuItemOver function| onMenuItemAction function| MM_clearTimeout function| MM_startTimeout function| mmDoHide function| MM_showMenu function| onMenuItemDown function| mouseupMenu function| getExplorerVersion function| mouseoutMenu function| hideMenu function| hideChildMenu function| hideActiveMenus function| moveXbySlicePos function| moveYbySlicePos function| MM_goToURL function| MM_openBrWindow function| Calendar object| _dynarch_popupCalendar function| valid_inp function| reloadImg function| $ function| jQuery string| exponentStrX string| modulusStrX string| pinPolicyStr string| versionStr string| errCode string| errMsg string| encPIN string| encNewPIN function| getErrorCode function| getErrorMsg function| getEncryptPIN function| getEncryptNewPIN function| generateRandom function| makeEncryptPIN function| makeEncryptPINClear function| makeEncryptChangePIN function| makeEncryptChangePINClear function| generateXOR_2 function| generateXOR_ASCII_HEX function| HEXtoASCIIHEX function| hex_to_ascii function| xorEncode function| lenData function| ascii function| sha256 function| hex_to_ascii1 function| aes_enc function| rsa2048 number| dbits number| canary boolean| j_lm function| BigInteger function| nbi function| am1 function| am2 function| am3 number| BI_FP string| BI_RM object| BI_RC number| rr number| vv function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| 
cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt number| rng_psize function| Arcfour function| ARC4init function| ARC4next function| prng_newstate undefined| rng_state object| rng_pool number| rng_pptr function| rng_seed_int function| rng_seed_time number| t function| rng_get_byte function| rng_get_bytes function| SecureRandom function| parseBigInt function| linebrk function| byte2Hex function| pkcs1pad2 function| RSAKey function| RSASetPublic function| RSADoPublic function| RSAEncrypt function| RSAEncrypt1 function| paddingLeft function| pkcs1pad2_ function| paddy object| CTPCryptoJS function| e2eeEncrypt string| vt function| initTerminalSpot

3 Cookies

Domain/Path Name / Value
epos.ctbcbank.com/ Name: JSESSIONID
Value: aA3rsu7xtKi-RxySkinAg2dQ
epos.ctbcbank.com/ Name: MYSESSION
Value: !meAqbPrrMMQzyRpRKP4mcSbTjkEe6dbqKDJKienXYM+9Xpfo4TWOlpeN+ZZb0fHjUxx84aQeLM3ZOmjBg9HNzEVlBNXjPSBoMbtquyE3D9pGEjnhphaFv2S45AT0nyOWLkXgv6E75HoTUaSn7J3axsM0vB4tSe8=
epos.ctbcbank.com/ Name: TS01dafcb2
Value: 01c2a9c2b99e35009953d352e0ca177b79297abdce3cc4b534e1695aa4a70ab1d82825e214eb5b7ab8256c5334de153b49d8c91eaf

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN