urlscan.io logo urlscan.io
SecurityTrails logo

ob.ctbcbank.com Open in urlscan Pro
175.184.241.234  Public Scan

Go To Rescan Add Verdict Report
URL: https://ob.ctbcbank.com/card/
Submission: On June 21 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 25 domains to perform 179 HTTP transactions. The main IP is 175.184.241.234, located in Taiwan and belongs to CHINATRUST-AS-TW Chinatrust Commercial Bank, TW. The main domain is ob.ctbcbank.com.
TLS certificate: Issued by TWCA Global EVSSL Certification Autho... on May 30th 2022. Valid for: a year.
This is the only time ob.ctbcbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
51 175.184.241.234 131143 (CHINATRUS...)
8 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2 35.186.212.60 15169 (GOOGLE)
8 2a03:2880:f01... 32934 (FACEBOOK)
7 2620:1ec:c11:... 8068 (MICROSOFT...)
1 34.111.114.222 15169 (GOOGLE)
1 124.29.140.230 24158 (TAIWANMOB...)
1 142.250.185.226 15169 (GOOGLE)
1 108.138.15.119 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
34 2a03:2880:f11... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 175.184.243.188 131143 (CHINATRUS...)
2 175.184.243.207 ()
179 16
51    175.184.241.234 (Taiwan)

ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW)
ob.ctbcbank.com
8    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    35.186.212.60 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com
tag.yieldoptimizer.com
8    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
7    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    34.111.114.222 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 222.114.111.34.bc.googleusercontent.com
jscdn.appier.net
1    124.29.140.230 (Taiwan)

ASN24158 (TAIWANMOBILE-AS Taiwan Mobile Co., Ltd., TW)
PTR: userver.tamedia.net.tw
track.tamedia.com.tw
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
1    108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net
js.adsrvr.org
2    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
34    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    175.184.243.188 (Taiwan)

ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW)
eb.ctbcbank.com
2    175.184.243.207 (None, )

ASN- ()
www.ctbcbank.com
Apex Domain
Subdomains		 Transfer
54 ctbcbank.com
ob.ctbcbank.com
www.ctbcbank.com Failed
eb.ctbcbank.com — Cisco Umbrella Rank: 483470
630 KB
34 facebook.com
www.facebook.com — Cisco Umbrella Rank: 91
3 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
20 KB
8 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158
378 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96
488 KB
7 bing.com
bat.bing.com — Cisco Umbrella Rank: 389
24 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 125
cm.g.doubleclick.net Failed
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
3 KB
2 yieldoptimizer.com
tag.yieldoptimizer.com — Cisco Umbrella Rank: 4824
2 KB
1 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1467
match.adsrvr.org Failed
2 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 133
15 KB
1 tamedia.com.tw
track.tamedia.com.tw
3 KB
1 appier.net
jscdn.appier.net — Cisco Umbrella Rank: 44933
s.c.appier.net Failed
t0.c.appier.net Failed
anylist.c.appier.net Failed
20 KB
0 clarity.ms Failed
www.clarity.ms Failed
0 google.de Failed
www.google.de Failed
0 google.com Failed
www.google.com Failed
0 ctnsnet.com Failed
cm.ctnsnet.com Failed
0 yahoo.com Failed
cms.analytics.yahoo.com Failed
0 krxd.net Failed
beacon.krxd.net Failed
0 demdex.net Failed
dpm.demdex.net Failed
0 turn.com Failed
d.turn.com Failed
0 adaraanalytics.com Failed
tag.adaraanalytics.com Failed
0 rlcdn.com Failed
idsync.rlcdn.com Failed
0 ad2iction.com Failed
adlogs.ad2iction.com Failed
0 scupio.com Failed
img.scupio.com Failed
0 menlosecurity.com Failed
xhr-ap-east-1-02650019-view.menlosecurity.com Failed
179 25
Domain Requested by
51 ob.ctbcbank.com ob.ctbcbank.com
34 www.facebook.com ob.ctbcbank.com
9 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
ob.ctbcbank.com
8 connect.facebook.net ob.ctbcbank.com
connect.facebook.net
8 www.googletagmanager.com ob.ctbcbank.com
7 bat.bing.com ob.ctbcbank.com
bat.bing.com
2 www.ctbcbank.com ob.ctbcbank.com
eb.ctbcbank.com
www.ctbcbank.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 stats.g.doubleclick.net www.google-analytics.com
2 tag.yieldoptimizer.com 1 redirects ob.ctbcbank.com
1 eb.ctbcbank.com ob.ctbcbank.com
1 js.adsrvr.org www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 track.tamedia.com.tw www.googletagmanager.com
1 jscdn.appier.net www.googletagmanager.com
0 anylist.c.appier.net Failed ob.ctbcbank.com
0 t0.c.appier.net Failed ob.ctbcbank.com
0 www.clarity.ms Failed bat.bing.com
0 www.google.de Failed ob.ctbcbank.com
0 www.google.com Failed ob.ctbcbank.com
0 s.c.appier.net Failed ob.ctbcbank.com
0 cm.ctnsnet.com Failed ob.ctbcbank.com
0 cms.analytics.yahoo.com Failed ob.ctbcbank.com
0 beacon.krxd.net Failed ob.ctbcbank.com
0 dpm.demdex.net Failed ob.ctbcbank.com
0 d.turn.com Failed ob.ctbcbank.com
0 tag.adaraanalytics.com Failed ob.ctbcbank.com
0 idsync.rlcdn.com Failed ob.ctbcbank.com
0 match.adsrvr.org Failed ob.ctbcbank.com
0 cm.g.doubleclick.net Failed ob.ctbcbank.com
0 adlogs.ad2iction.com Failed www.googletagmanager.com
0 img.scupio.com Failed ob.ctbcbank.com
0 xhr-ap-east-1-02650019-view.menlosecurity.com Failed ob.ctbcbank.com
www.googletagmanager.com
bat.bing.com
179 33

This site contains links to these domains. Also see Links.

Domain
www.ctbcbank.com
Subject Issuer Validity Valid
ob.ctbcbank.com
TWCA Global EVSSL Certification Authority		 2022-05-30 -
2023-06-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-30 -
2022-06-28		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
jscdn.appier.net
R3		 2022-04-29 -
2022-07-28		 3 months crt.sh
track.tamedia.com.tw
TWCA Secure SSL Certification Authority		 2021-11-03 -
2022-12-02		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
eb.ctbcbank.com
TWCA Global EVSSL Certification Authority		 2022-01-12 -
2023-02-12		 a year crt.sh
www.ctbcbank.com
TWCA Global EVSSL Certification Authority		 2021-06-25 -
2022-07-26		 a year crt.sh

This page contains 2 frames:

Primary Page: https://ob.ctbcbank.com/card/
Frame ID: 3BA063F032F38D4DD05AF2A40E5C000D
Requests: 178 HTTP requests in this frame

Frame: https://www.ctbcbank.com/jscollection/WebConnector-app.js
Frame ID: 38661E21C946223F7BAE1A7B4AAB8CE4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

中國信託銀行信用卡線上申請

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

179
Requests

72 %
HTTPS

47 %
IPv6

25
Domains

33
Subdomains

16
IPs

4
Countries

1588 kB
Transfer

4648 kB
Size

34
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://tag.yieldoptimizer.com/ps/ps?t=s&p=2226&pg=allpageRT HTTP 302
  • https://tag.yieldoptimizer.com/ps/ps?tc=594234115&t=s&p=2226&pg=allpageRT
Request Chain 77
  • https://anylist.c.appier.net/r2?country=TW&enable_cookie_sync=1&url=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&referer=&ssid=EMPyfr3lfknSHGJdKKFPDW&sessidx=1&siteuid=CMV2Tf-8JSRqY3rb&appier_utmz={}&_t=1655799424125&_tz=0&uc=TW&tv=2.6.10&eqid=S3bSx5KZLK3jWDvJ&site=ctbcbank.com&lt=5222 HTTP 0
  • https://s.c.appier.net/aprcm?a_i=%2Fr2%3Fcountry%3DTW%26enable_cookie_sync%3D1%26url%3Dhttps%253A%252F%252Fob.ctbcbank.com%252Fcard%252F%26referer%3D%26ssid%3DEMPyfr3lfknSHGJdKKFPDW%26sessidx%3D1%26siteuid%3DCMV2Tf-8JSRqY3rb%26appier_utmz%3D%7B%7D%26_t%3D1655799424125%26_tz%3D0%26uc%3DTW%26tv%3D2.6.10%26eqid%3DS3bSx5KZLK3jWDvJ%26site%3Dctbcbank.com%26lt%3D5222&gdpr=0&gdpr_consent=
Request Chain 79
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/989285595/?value=0&guid=ON&script=0&random=2763554476636432000 HTTP 0
  • https://www.google.com/pagead/1p-user-list/989285595/?value=0&guid=ON&script=0&random=2763554476636432000&is_vtc=1&random=2368545903
Request Chain 80
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944142328/?value=0&guid=ON&script=0&random=1742820619800638000 HTTP 0
  • https://www.google.com/pagead/1p-user-list/944142328/?value=0&guid=ON&script=0&random=1742820619800638000&is_vtc=1&random=886044997
Request Chain 81
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/684212241/?value=0&guid=ON&script=0&data=appier_siteid%3Dctbcbank.com%3Bevent%3Dpage_view&random=8620592013709873000 HTTP 0
  • https://www.google.com/pagead/1p-user-list/684212241/?value=0&guid=ON&script=0&data=appier_siteid%3Dctbcbank.com%3Bevent%3Dpage_view&random=8620592013709873000&is_vtc=1&random=1230582164

179 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ob.ctbcbank.com/card/ 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
fb4750e27ad98a214e0652d0a8068db154133be4c5081040d3cdd961e4675917
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*.ctbcbank.com
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Language
de-DE
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Content-Type
text/html
Date
Tue, 21 Jun 2022 08:17:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
Permissions-Policy
microphone=()
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding, User-Agent
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
slick.css
ob.ctbcbank.com/card/js/slick/ 		2 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/slick/slick.css
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
919fb28b08000eb4928fb5015ff15357db9cac91cea57c54e89673906afcec7b
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
Content-Length
561
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
slick-theme2.css
ob.ctbcbank.com/card/js/slick/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/slick/slick-theme2.css
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
f96906d32ab0b3f00040ab70f29e10ad6f94d5ea7bd6b6ce21b4746d881dce47
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
Content-Length
1063
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
font-awesome.min.css
ob.ctbcbank.com/card/css/ 		26 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/css/font-awesome.min.css
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
owl.carousel.min.css
ob.ctbcbank.com/card/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/css/owl.carousel.min.css
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
18539e0630ca3e8d98023b64b2b20dd5c968f001d4598960f209896a45104d5e
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
Content-Length
1130
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
owl.theme.default.min.css
ob.ctbcbank.com/card/css/ 		1013 B
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/css/owl.theme.default.min.css
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
1013
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
jquery.fancybox.css
ob.ctbcbank.com/card/js/fancybox/ 		5 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/fancybox/jquery.fancybox.css
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
f117e206f015a419be6f05a05b1c8c99bdaf9b69f328087a18056d7a4118eb7d
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
jquery-3.6.0.min.js
ob.ctbcbank.com/card/js/ 		87 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/jquery-3.6.0.min.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
owl.carousel.min.js
ob.ctbcbank.com/card/js/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/owl.carousel.min.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
jquery.fancybox.js
ob.ctbcbank.com/card/js/fancybox/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/fancybox/jquery.fancybox.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
slick.min.js
ob.ctbcbank.com/card/js/slick/ 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/slick/slick.min.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
45ae1432efa75fdb8849655414f0acfb4d6d3bb28cb88de9c04569698bef413c
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
verification.js
ob.ctbcbank.com/card/js/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/verification.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
ebbe1f44951f55b0f58cb8da680eaf3fe6bd9984e7224fb90217da6f071e3a57
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
script.js
ob.ctbcbank.com/card/js/ 		1 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/script.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
f214d844bda8e574d18fdec03efd36f20e4c95dd6d4c05034969afd0ec0d85e7
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
Content-Length
541
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
app.aac9d18d.css
ob.ctbcbank.com/card/css/ 		47 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/css/app.aac9d18d.css
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
c5b408361d1cd2a19882d463d59a0b3e572feaf6e47f02b29739930ea69baa63
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
app.663f1737.js
ob.ctbcbank.com/card/js/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/app.663f1737.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
a3d3fd8f010b144e4d5b98b554773de4f171a5b8bafcf82eecbb33879da95a00
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
chunk-vendors.ddc5241f.js
ob.ctbcbank.com/card/js/ 		389 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/chunk-vendors.ddc5241f.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
b5ba4d14ec218726bedafbc4515bf3793a52a3f4c94d032cab4e996d13a98b34
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
gtm.js
www.googletagmanager.com/ 		336 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KLKKJTN
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1341984382dd8e2a321e4bd823e00c18d6ffb90e96b3847ba973a569b1488fd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82193
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 Jun 2022 08:17:03 GMT
gtm.js
www.googletagmanager.com/ 		142 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MFBKZWB
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
def05ed0c3e760be3c9a63cb340a4ff7f4e25fc51aa894accfd360cd4700bab4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52229
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 Jun 2022 08:17:03 GMT
gtm.js
www.googletagmanager.com/ 		112 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PBPCHZT
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
68d15c1433c9aea2acf5960a9b4e376e28bcde241c45b9699b2107e586472274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43343
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 Jun 2022 08:17:03 GMT
gtm.js
www.googletagmanager.com/ 		451 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TH7B3LN
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5fac557ece80b332e0c3f9dbfa38db5b7192298615873aa61a5e62c1eb70a5f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89488
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 Jun 2022 08:17:03 GMT
chunk-03c040db.3128d6af.css
ob.ctbcbank.com/card/css/ 		0
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/css/chunk-03c040db.3128d6af.css
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
chunk-25d22046.fdd16c89.css
ob.ctbcbank.com/card/css/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/css/chunk-25d22046.fdd16c89.css
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
Content-Length
706
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
chunk-3c6a0081.8edfbc15.css
ob.ctbcbank.com/card/css/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/css/chunk-3c6a0081.8edfbc15.css
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
chunk-6519725b.853a6eec.css
ob.ctbcbank.com/card/css/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/css/chunk-6519725b.853a6eec.css
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
chunk-7f1562e2.a3b92e20.css
ob.ctbcbank.com/card/css/ 		0
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/css/chunk-7f1562e2.a3b92e20.css
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
chunk-9aac4a5e.ceb32953.css
ob.ctbcbank.com/card/css/ 		0
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/css/chunk-9aac4a5e.ceb32953.css
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
chunk-ca66d066.45452bf2.css
ob.ctbcbank.com/card/css/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/css/chunk-ca66d066.45452bf2.css
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
Content-Length
1020
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
chunk-03c040db.9c1e8c12.js
ob.ctbcbank.com/card/js/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/chunk-03c040db.9c1e8c12.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
chunk-25d22046.4729a8ae.js
ob.ctbcbank.com/card/js/ 		0
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/chunk-25d22046.4729a8ae.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
chunk-2d22996d.58b639e1.js
ob.ctbcbank.com/card/js/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/chunk-2d22996d.58b639e1.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
Content-Length
1271
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
chunk-3c6a0081.43646e49.js
ob.ctbcbank.com/card/js/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/chunk-3c6a0081.43646e49.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
Content-Length
744
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
chunk-6519725b.0286b102.js
ob.ctbcbank.com/card/js/ 		0
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/chunk-6519725b.0286b102.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
chunk-7f1562e2.db5f907c.js
ob.ctbcbank.com/card/js/ 		0
48 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/chunk-7f1562e2.db5f907c.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
chunk-9aac4a5e.825a2796.js
ob.ctbcbank.com/card/js/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/chunk-9aac4a5e.825a2796.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
311
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
chunk-ca66d066.17620ce6.js
ob.ctbcbank.com/card/js/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/chunk-ca66d066.17620ce6.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
Content-Length
657
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBPCHZT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4334
date
Tue, 21 Jun 2022 07:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 21 Jun 2022 09:04:49 GMT
gtm.js
www.googletagmanager.com/ 		113 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P6429FW
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7123bac80f9b0a27ecb5528b1d528a187e7dbdcab97d50366a13df66cb79a3f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44634
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 Jun 2022 08:17:03 GMT
gtm.js
www.googletagmanager.com/ 		141 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KNHJ466
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
942f50323a3a3c5cfb82bee7413982d577dfeacffb9adb4d51fb699a2110f0eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50423
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 Jun 2022 08:17:03 GMT
ps
tag.yieldoptimizer.com/ps/
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/ps?t=s&p=2226&pg=allpageRT
  • https://tag.yieldoptimizer.com/ps/ps?tc=594234115&t=s&p=2226&pg=allpageRT
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.yieldoptimizer.com/ps/ps?tc=594234115&t=s&p=2226&pg=allpageRT
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Server
35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
60.212.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
508071cd808153fb431769c46b001cae3e1399ff07db9b604861562ae5207fa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jun 2022 08:17:03 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control
no-cache
content-type
text/javascript;charset=ISO-8859-1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1201
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Jun 2022 08:17:03 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location
https://tag.yieldoptimizer.com/ps/ps?tc=594234115&t=s&p=2226&pg=allpageRT
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26344
x-xss-protection
0
pragma
public
x-fb-debug
onbpUSpiOssXl+ZX1GgtTBchtxWjkB03AoxfHi6kYliBv6OI6huyRB92VOPfd1mijMZWhNDpgAoDGBtDUXSmUg==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Tue, 21 Jun 2022 08:17:03 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 18:22:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 45814B9C83AB4AB5ADED21B57B111E22 Ref B: FRAEDGE1207 Ref C: 2022-06-21T08:17:03Z
etag
"0c8eafcad81d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Tue, 21 Jun 2022 08:17:03 GMT
accept-ranges
bytes
content-length
11360
aa.js
jscdn.appier.net/ 		53 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.appier.net/aa.js?id=ctbcbank.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFBKZWB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.114.222 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
222.114.111.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ab31be2680343c21d8bb6e21b00e52c993bde42be0c01218a1ca6ec2bb834be5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 06:52:18 GMT
via
1.1 google
server
nginx
age
5086
etag
W/"6e76ae700738285f629d5460513c86ab"
content-type
text/javascript; charset=utf-8
cache-control
public,max-age=0
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20491
adtrack.js
track.tamedia.com.tw/rtracker/g/adTracking/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.tamedia.com.tw/rtracker/g/adTracking/adtrack.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLKKJTN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.29.140.230 , Taiwan, ASN24158 (TAIWANMOBILE-AS Taiwan Mobile Co., Ltd., TW),
Reverse DNS
userver.tamedia.net.tw
Software
/
Resource Hash
025caa7690f1bbdf9e0aeec706d5845de68cacae7f676bff892132ca9d11b4fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:04 GMT
Last-Modified
Thu, 22 Apr 2021 07:46:22 GMT
Server
ETag
W/"2414-1619077582000"
Content-Type
application/javascript;charset=UTF-8
Connection
close
Accept-Ranges
bytes
Content-Length
2414
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLKKJTN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15000
x-xss-protection
0
server
cafe
etag
6069194915506431635
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 21 Jun 2022 08:17:04 GMT
gtm.js
www.googletagmanager.com/ 		234 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W4M57WC
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b9865f06f70fc7aa125993f293bb23653fce063c603dec9d4e858016a429263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58730
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 Jun 2022 08:17:03 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLKKJTN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 04:18:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
24930
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P7
X-Amz-Cf-Id
GttbiZHgk_-FEX0U-pZ-DflN0QjmlVbF3-Thz4NkGyZDCidIZ1fSDA==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=196554812&t=pageview&_s=1&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&dp=%2Fcard%2F&ul=en-us&de=UTF-8&dt=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=613331464&gjid=7478111&cid=872565955.1655799424&tid=UA-144694390-1&_gid=569820644.1655799424&_r=1&gtm=2wg6f0PBPCHZT&z=669457655
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ob.ctbcbank.com/card/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 21 Jun 2022 08:17:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ob.ctbcbank.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=196554812&t=pageview&_s=1&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&ul=en-us&de=UTF-8&dt=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=1922938780&gjid=1150741467&cid=872565955.1655799424&tid=UA-135916138-1&_gid=569820644.1655799424&_r=1&gtm=2wg6f0MFBKZWB&z=1808257801
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ob.ctbcbank.com/card/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 21 Jun 2022 08:17:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ob.ctbcbank.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=196554812&t=pageview&_s=1&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&dp=%2Fcard%2F&ul=en-us&de=UTF-8&dt=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEHAAEABAAAAAC~&jid=2008622069&gjid=1097483074&cid=872565955.1655799424&tid=UA-113658199-14&_gid=569820644.1655799424&_r=1&gtm=2wg6f0TH7B3LN&z=566318182
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ob.ctbcbank.com/card/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 21 Jun 2022 08:17:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ob.ctbcbank.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=196554812&t=event&ni=1&_s=1&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&ul=en-us&de=UTF-8&dt=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=%E7%80%8F%E8%A6%BD&ea=%E7%80%8F%E8%A6%BD&el=%2Fcard%2F&ev=0&_u=YEDAAAABAAAAAC~&jid=&gjid=&cid=872565955.1655799424&tid=UA-144694390-1&_gid=569820644.1655799424&gtm=2wg6f0PBPCHZT&z=911528275
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Jun 2022 15:57:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
58752
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
3147848421950953
connect.facebook.net/signals/config/ 		287 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/3147848421950953?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cd07fb3094c3beaf397d167e0157cb7cefcc071195db0cc306f2d0b2f6e07e42
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
dyJKfjbOxJISybJ313UbXxdd0VDnGEorUOOJ/g7fwwF5c5eVbA5B7PWxxhZGoAYK5K5CHj7hQRrC0FErYb82aA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 21 Jun 2022 08:17:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1655799424186
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
undefined.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/undefined.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E26B91DCF44A4569A42237AE3903CE14 Ref B: FRAEDGE1207 Ref C: 2022-06-21T08:17:04Z
date
Tue, 21 Jun 2022 08:17:04 GMT
x-cache
CONFIG_NOCACHE
20253258.js
bat.bing.com/p/action/ 		219 B
474 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/20253258.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
03220ea14b9af6c6ce74b2b5a318226f0028e329dad6b2c0bfeac3e484bc9e3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4AC215A708CD4478BC919610400DC9BD Ref B: FRAEDGE1207 Ref C: 2022-06-21T08:17:04Z
date
Tue, 21 Jun 2022 08:17:04 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
300
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
pixel.js
img.scupio.com/js/ 		0
0
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
trackeventv3.js
adlogs.ad2iction.com/tracker/event/ 		0
0
gtm.js
www.googletagmanager.com/ 		503 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WSSK3NT
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dfed55a93d4909e7e4472e2a64325475eb40108f267a45ab8ea138a16f411def
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77622
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 Jun 2022 08:17:04 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144694390-1&cid=872565955.1655799424&jid=613331464&gjid=7478111&_gid=569820644.1655799424&_u=YEBAAAAAAAAAAC~&z=1730051975
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ob.ctbcbank.com/card/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 21 Jun 2022 08:17:04 GMT
content-type
text/plain
access-control-allow-origin
https://ob.ctbcbank.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-135916138-1&cid=872565955.1655799424&jid=1922938780&gjid=1150741467&_gid=569820644.1655799424&_u=YEDAAEABAAAAAC~&z=457371738
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ob.ctbcbank.com/card/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 21 Jun 2022 08:17:04 GMT
content-type
text/plain
access-control-allow-origin
https://ob.ctbcbank.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
pixel
cm.g.doubleclick.net/ 		0
0
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
generic
match.adsrvr.org/track/cmf/ 		0
0
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
394499.gif
idsync.rlcdn.com/ 		0
0
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
aasync
tag.adaraanalytics.com/ps/ 		0
0
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
ps
d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ 		0
0
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
ibs:dpid=22069&dpuuid=3015903967477
dpm.demdex.net/ 		0
0
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
usermatch.gif
beacon.krxd.net/ 		0
0
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
cms
cms.analytics.yahoo.com/ 		0
0
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
cm
cm.ctnsnet.com/int/ 		0
0
aprcm
s.c.appier.net/
Redirect Chain
  • https://anylist.c.appier.net/r2?country=TW&enable_cookie_sync=1&url=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&referer=&ssid=EMPyfr3lfknSHGJdKKFPDW&sessidx=1&siteuid=CMV2Tf-8JSRqY3rb&appier_utmz={}&_t...
  • https://s.c.appier.net/aprcm?a_i=%2Fr2%3Fcountry%3DTW%26enable_cookie_sync%3D1%26url%3Dhttps%253A%252F%252Fob.ctbcbank.com%252Fcard%252F%26referer%3D%26ssid%3DEMPyfr3lfknSHGJdKKFPDW%26sessidx%3D1%2...
0
0
tr
www.facebook.com/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=267979247384011&ev=PageView&dl=https%253A%252F%252Fob.ctbcbank.com%252Fcard%252F&rl=&if=false&ts=1655799424132&fbp=fb.2.1655799424131.1175422500
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 21 Jun 2022 08:17:04 GMT
/
www.google.com/pagead/1p-user-list/989285595/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/989285595/?value=0&guid=ON&script=0&random=2763554476636432000
  • https://www.google.com/pagead/1p-user-list/989285595/?value=0&guid=ON&script=0&random=2763554476636432000&is_vtc=1&random=2368545903
0
0
/
www.google.com/pagead/1p-user-list/944142328/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944142328/?value=0&guid=ON&script=0&random=1742820619800638000
  • https://www.google.com/pagead/1p-user-list/944142328/?value=0&guid=ON&script=0&random=1742820619800638000&is_vtc=1&random=886044997
0
0
/
www.google.com/pagead/1p-user-list/684212241/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/684212241/?value=0&guid=ON&script=0&data=appier_siteid%3Dctbcbank.com%3Bevent%3Dpage_view&random=8620592013709873000
  • https://www.google.com/pagead/1p-user-list/684212241/?value=0&guid=ON&script=0&data=appier_siteid%3Dctbcbank.com%3Bevent%3Dpage_view&random=8620592013709873000&is_vtc=1&random=1230582164
0
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/923007433/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/923007433/?random=1655799424134&cv=9&fst=1655799424134&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&tiba=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d4b79c6b26334d620b67688c8b03d1548d5d19e0bf70c2887a1b71afe270193d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jun 2022 08:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1071
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/923007433/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/923007433/?random=1655799424137&cv=9&fst=1655799424137&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&tiba=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac2375ebd3cc01b91aa98aa35d1fe4939a0ed32999566fcb1916d1faba30d994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jun 2022 08:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1071
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
ga-audiences
www.google.com/ads/ 		0
0
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
ga-audiences
www.google.de/ads/ 		0
0
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
/
www.google.com/pagead/1p-user-list/923007433/ 		0
0
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
/
www.google.de/pagead/1p-user-list/923007433/ 		0
0
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
/
www.google.com/pagead/1p-user-list/923007433/ 		0
0
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
/
www.google.de/pagead/1p-user-list/923007433/ 		0
0
1112088585851110
connect.facebook.net/signals/config/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1112088585851110?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ff20044e3d611f6375191934fed79e976fd077b37ae6514376b828038bc9eddf
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
+fBmf0joojbDIZP9B6H2ULRakpDxWIykLa5yxtdkaGm5KdblA27qsLWQrUimlK1MkG9jZflw7CdyDIYQtB0J1g==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 21 Jun 2022 08:17:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1655799424317
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3147848421950953&ev=PageView&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&rl=&if=false&ts=1655799424262&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:04 GMT
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
20253258
www.clarity.ms/tag/uet/ 		0
0
517330422345488
connect.facebook.net/signals/config/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/517330422345488?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
33125df64540d176b251e6fcb0c11c00c2f3c8d782447e2271bd66d19df314d2
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
B6N1GAhSmLGM1FmtYUp8k6T2gk+pRnKKmC3GsttbCHu6ry0/lQtTCvsEYY+yH/GuEuY0ZEJji9bFzvqaBInSkw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 21 Jun 2022 08:17:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1655799424387
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1112088585851110&ev=PageView&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&rl=&if=false&ts=1655799424333&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=28&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:04 GMT
246999096746120
connect.facebook.net/signals/config/ 		288 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/246999096746120?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a6a9b5c4c745980adc055a57dd28c6ca9b245f603a3b932aef4f04491a7777fe
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
m190BYl6DGCKH32JejBMEKo/C06YVGwQfN4XnlP+SZgL9+Nl6d8WYAG4JkPgxzazD3A0gCasfBNP8jKsCYY3oQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 21 Jun 2022 08:17:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1655799424552
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=517330422345488&ev=PageView&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&rl=&if=false&ts=1655799424407&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=28&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:04 GMT
534235133584014
connect.facebook.net/signals/config/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/534235133584014?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
87e3aaf13049d102723ee759d62385099e40f7febfe40a4bab6ea64d3647b7f2
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
tDDnDkbDrhafDg8ATUpG1UMYAcQEIJM2DWBbDar72ju3+5abOaCxQAk1XR2GIXuUTw6vBPBa0BMcaPDZLrXGZw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 21 Jun 2022 08:17:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1655799424644
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=246999096746120&ev=PageView&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&rl=&if=false&ts=1655799424582&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:04 GMT
275225950458749
connect.facebook.net/signals/config/ 		288 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/275225950458749?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7351f65f38e9a08de5da59f9d0b665c8b2cec8d1b43f94d634703910fb4e05d0
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
09kuuHanc3dRiNSDGDwlvmd5NqpR/rWXTYLj4lSHJFOkAacszzvus8H6B78yBhiD9z5/GuzYIrBkjknEu8XKvg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 21 Jun 2022 08:17:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1655799424758
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=534235133584014&ev=PageView&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&rl=&if=false&ts=1655799424659&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=28&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:04 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=275225950458749&ev=PageView&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&rl=&if=false&ts=1655799424784&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:04 GMT
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
1575756115996166
connect.facebook.net/signals/config/ 		287 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1575756115996166?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2858783ee377db7cbd687bc1db2a6960e79ef7362550813fd654aac9a499a9d4
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
bN+WooKKAfZIqHSkrEeSr9Sv1ZKqgztt6pcAIYWhjS4dMZkNujVEorlgsrROP+sjUo2GaUZPgyHfgfIjaFVF8g==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 21 Jun 2022 08:17:05 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1655799425418
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
chunk-9aac4a5e.ceb32953.css
ob.ctbcbank.com/card/css/ 		23 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/css/chunk-9aac4a5e.ceb32953.css
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/js/app.663f1737.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
b2f83eb9f83b2b2f93c81ba0ce8c6fa5a230eba85769a340d02ebfd0911ec45f
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
chunk-9aac4a5e.825a2796.js
ob.ctbcbank.com/card/js/ 		311 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/chunk-9aac4a5e.825a2796.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/js/app.663f1737.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
4cae5af7b8bec98b75e0099ed16a30d101abd0f00efea1b5baae255f74b2bc78
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
311
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
chunk-2d22996d.58b639e1.js
ob.ctbcbank.com/card/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/card/js/chunk-2d22996d.58b639e1.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/js/app.663f1737.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
f965ca15df15ad7cb1b956174c0495678d00a7137f5dc59b5fceb8dbe8f13382
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
POST, GET, OPTIONS
Connection
keep-alive
Content-Length
1271
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
logo.png
ob.ctbcbank.com/card/image//DEFAULT/ 		196 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ob.ctbcbank.com/card/image//DEFAULT/logo.png
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:05 GMT
Referrer-Policy
no-referrer-when-downgrade
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
X-XSS-Protection
1; mode=block
Connection
keep-alive
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
196
X-Content-Type-Options
nosniff
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
bg.jpg
ob.ctbcbank.com/card/image//DEFAULT/ 		196 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ob.ctbcbank.com/card/image//DEFAULT/bg.jpg
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:05 GMT
Referrer-Policy
no-referrer-when-downgrade
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
X-XSS-Protection
1; mode=block
Connection
keep-alive
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
196
X-Content-Type-Options
nosniff
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
WebConnector-app.js
www.ctbcbank.com/jscollection/ Frame 3866 		0
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=196554812&t=pageview&_s=1&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&dp=%2Fcard%2F%23%2F&ul=en-us&de=UTF-8&dt=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEHAAEABAAAAAC~&jid=&gjid=&cid=872565955.1655799424&tid=UA-144694390-1&_gid=569820644.1655799424&gtm=2wg6f0PBPCHZT&z=1741256202
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Jun 2022 15:57:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
58753
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=196554812&t=event&ni=1&_s=1&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&ul=en-us&de=UTF-8&dt=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=%E7%80%8F%E8%A6%BD&ea=%E7%80%8F%E8%A6%BD&el=%2Fcard%2F%23%2F&ev=0&_u=aEHAAEABAAAAAC~&jid=&gjid=&cid=872565955.1655799424&tid=UA-144694390-1&_gid=569820644.1655799424&gtm=2wg6f0PBPCHZT&z=257945166
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Jun 2022 15:57:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
58753
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
/
t0.c.appier.net/web2/xQfN5zpGjp9tx7C/ 		0
0
new.png
ob.ctbcbank.com/card/image//DEFAULT/ 		196 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ob.ctbcbank.com/card/image//DEFAULT/new.png
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:05 GMT
Referrer-Policy
no-referrer-when-downgrade
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
X-XSS-Protection
1; mode=block
Connection
keep-alive
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
196
X-Content-Type-Options
nosniff
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
product.png
ob.ctbcbank.com/card/image//DEFAULT/ 		196 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ob.ctbcbank.com/card/image//DEFAULT/product.png
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:05 GMT
Referrer-Policy
no-referrer-when-downgrade
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
X-XSS-Protection
1; mode=block
Connection
keep-alive
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
196
X-Content-Type-Options
nosniff
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
wen.png
ob.ctbcbank.com/card/img/ 		493 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ob.ctbcbank.com/card/img/wen.png
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
38b93f6c7666e0a77374f3991225b3023edc76996418617330004428ba181ff5
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
493
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
visa.png
ob.ctbcbank.com/card/img/card-brand/ 		5 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ob.ctbcbank.com/card/img/card-brand/visa.png
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e7fc4409b0d675a31eeec64e64a945ef445812bbade9ea0bc3250afd5baea1be
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
5070
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
jcb.png
ob.ctbcbank.com/card/img/card-brand/ 		6 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ob.ctbcbank.com/card/img/card-brand/jcb.png
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
453f1b37bd6d22ac081f8bd8be73e207975ad5ea465b86b9ef8f10ecb8988269
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
5868
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
mastercard.png
ob.ctbcbank.com/card/img/card-brand/ 		7 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ob.ctbcbank.com/card/img/card-brand/mastercard.png
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e971723a329f93c2f636085a46fb5e82f616e32fcd198105f8c388d184445317
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
6954
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
refresh.jpg
ob.ctbcbank.com/card/img/ 		2 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ob.ctbcbank.com/card/img/refresh.jpg
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
1440b24e847c7040249e34eb27b93ae29b4b8a4caeaff945f93ddaf187b5fadf
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
2390
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
wen-red.png
ob.ctbcbank.com/card/img/ 		599 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ob.ctbcbank.com/card/img/wen-red.png
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
504eb76c3164d63be4dd1c04b8046242b0afdbd6bf872a61840b59b43a4ec3f5
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
599
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
foot-d.png
ob.ctbcbank.com/card/img/ 		28 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ob.ctbcbank.com/card/img/foot-d.png
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
852efdc071f2d496c410f7c6b907caa95b82e4e5a9ce027c58eb7825b0a4f948
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
29115
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
foot-m.png
ob.ctbcbank.com/card/img/ 		45 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ob.ctbcbank.com/card/img/foot-m.png
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
f88f9b87081304807c6e7a8b3c4785733441d55c961d211f24aa265292e1c531
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
45883
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
remind_img.png
ob.ctbcbank.com/card/image//DEFAULT/ 		196 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ob.ctbcbank.com/card/image//DEFAULT/remind_img.png
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:06 GMT
Referrer-Policy
no-referrer-when-downgrade
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
X-XSS-Protection
1; mode=block
Connection
keep-alive
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
196
X-Content-Type-Options
nosniff
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
showMaintain
ob.ctbcbank.com/api/card/ 		0
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/api/card/showMaintain
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/js/chunk-vendors.ddc5241f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://ob.ctbcbank.com/card/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 21 Jun 2022 08:17:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
getCardInfoByCardId
ob.ctbcbank.com/api/card/ 		0
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/api/card/getCardInfoByCardId
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/js/chunk-vendors.ddc5241f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://ob.ctbcbank.com/card/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 21 Jun 2022 08:17:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
getCaptcha
ob.ctbcbank.com/api/card/ 		4 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ob.ctbcbank.com/api/card/getCaptcha?timestamp=1655799425356
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/js/chunk-vendors.ddc5241f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
620135e0406b5d38de9bf4e7f2a79126d57baa3f7d1b6919ada936835ce177df
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://ob.ctbcbank.com/card/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding, User-Agent
Content-Length
3439
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
0
bat.bing.com/action/ 		0
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=undefined&Ver=2&mid=1b957aa0-d032-4010-9c06-4c3df977eb8b&sid=89408e50f13a11ec94c027160335adc8&vid=894097b0f13a11ec86e69d9bef5a3032&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&p=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&r=&lt=6569&evt=pageLoad&msclkid=N&sv=1&rn=328469
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F2C1517D8B104071A82DB88ABB6FECBF Ref B: FRAEDGE1207 Ref C: 2022-06-21T08:17:05Z
date
Tue, 21 Jun 2022 08:17:05 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=20253258&Ver=2&mid=8b124612-1777-4358-a62b-9fd77b89742f&sid=89408e50f13a11ec94c027160335adc8&vid=894097b0f13a11ec86e69d9bef5a3032&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&p=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&r=&lt=6569&evt=pageLoad&msclkid=N&sv=1&rn=486237
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C72962EC5FA84BEBA0613F3CA821756D Ref B: FRAEDGE1207 Ref C: 2022-06-21T08:17:05Z
date
Tue, 21 Jun 2022 08:17:05 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
tr
www.facebook.com/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=267979247384011&ev=type_process&dl=https%253A%252F%252Fob.ctbcbank.com%252Fcard%252F%2523%252F&rl=&if=false&ts=1655799425483&cd[appier_siteid]=ctbcbank.com&fbp=fb.2.1655799424131.1175422500
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
ir5d
anylist.c.appier.net/r3/ 		0
0
0
bat.bing.com/action/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=undefined&Ver=2&mid=70a84f14-1e9d-4e69-9220-0b8fda6514d6&sid=89408e50f13a11ec94c027160335adc8&vid=894097b0f13a11ec86e69d9bef5a3032&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&p=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&r=&lt=6569&evt=pageLoad&msclkid=N&sv=1&rn=901235
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CCDDD432C4DF4677B4D6F2397F70D7C8 Ref B: FRAEDGE1207 Ref C: 2022-06-21T08:17:05Z
date
Tue, 21 Jun 2022 08:17:05 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1575756115996166&ev=PageView&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&rl=&if=false&ts=1655799425501&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3147848421950953&ev=AddToWishlist&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&rl=&if=false&ts=1655799425502&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1112088585851110&ev=AddToWishlist&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&rl=&if=false&ts=1655799425503&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=28&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=517330422345488&ev=AddToWishlist&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&rl=&if=false&ts=1655799425507&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=28&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=246999096746120&ev=AddToWishlist&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&rl=&if=false&ts=1655799425508&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=534235133584014&ev=AddToWishlist&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&rl=&if=false&ts=1655799425508&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=28&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=275225950458749&ev=AddToWishlist&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&rl=&if=false&ts=1655799425509&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1575756115996166&ev=AddToWishlist&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&rl=&if=false&ts=1655799425510&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3147848421950953&ev=start&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&rl=&if=false&ts=1655799425511&sw=1600&sh=1200&v=2.9.62&r=stable&ec=2&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1112088585851110&ev=start&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&rl=&if=false&ts=1655799425512&sw=1600&sh=1200&v=2.9.62&r=stable&ec=2&o=28&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=517330422345488&ev=start&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&rl=&if=false&ts=1655799425513&sw=1600&sh=1200&v=2.9.62&r=stable&ec=2&o=28&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=246999096746120&ev=start&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&rl=&if=false&ts=1655799425513&sw=1600&sh=1200&v=2.9.62&r=stable&ec=2&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=534235133584014&ev=start&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&rl=&if=false&ts=1655799425514&sw=1600&sh=1200&v=2.9.62&r=stable&ec=2&o=28&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=275225950458749&ev=start&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&rl=&if=false&ts=1655799425515&sw=1600&sh=1200&v=2.9.62&r=stable&ec=2&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1575756115996166&ev=start&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&rl=&if=false&ts=1655799425516&sw=1600&sh=1200&v=2.9.62&r=stable&ec=2&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
bat.js
bat.bing.com/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 18:22:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 24906B840D394AA29688D11A88A69AC8 Ref B: FRAEDGE1207 Ref C: 2022-06-21T08:17:05Z
etag
"0c8eafcad81d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Tue, 21 Jun 2022 08:17:05 GMT
accept-ranges
bytes
content-length
11360
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=196554812&t=pageview&_s=1&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&dp=%2Fcard%2F%23%2Ferror&ul=en-us&de=UTF-8&dt=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEHAAEABAAAAAC~&jid=&gjid=&cid=872565955.1655799424&tid=UA-144694390-1&_gid=569820644.1655799424&gtm=2wg6f0PBPCHZT&z=1155658828
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Jun 2022 15:57:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
58753
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=196554812&t=event&ni=1&_s=1&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&ul=en-us&de=UTF-8&dt=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=%E7%80%8F%E8%A6%BD&ea=%E7%80%8F%E8%A6%BD&el=%2Fcard%2F%23%2Ferror&ev=0&_u=aEHAAEABAAAAAC~&jid=&gjid=&cid=872565955.1655799424&tid=UA-144694390-1&_gid=569820644.1655799424&gtm=2wg6f0PBPCHZT&z=32098118
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Jun 2022 15:57:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
58753
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3147848421950953&ev=PageView&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2Ferror&rl=&if=false&ts=1655799425639&sw=1600&sh=1200&v=2.9.62&r=stable&ec=3&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1112088585851110&ev=PageView&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2Ferror&rl=&if=false&ts=1655799425639&sw=1600&sh=1200&v=2.9.62&r=stable&ec=3&o=28&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=517330422345488&ev=PageView&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2Ferror&rl=&if=false&ts=1655799425640&sw=1600&sh=1200&v=2.9.62&r=stable&ec=3&o=28&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=246999096746120&ev=PageView&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2Ferror&rl=&if=false&ts=1655799425641&sw=1600&sh=1200&v=2.9.62&r=stable&ec=3&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=534235133584014&ev=PageView&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2Ferror&rl=&if=false&ts=1655799425641&sw=1600&sh=1200&v=2.9.62&r=stable&ec=3&o=28&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=275225950458749&ev=PageView&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2Ferror&rl=&if=false&ts=1655799425642&sw=1600&sh=1200&v=2.9.62&r=stable&ec=3&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1575756115996166&ev=PageView&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2Ferror&rl=&if=false&ts=1655799425642&sw=1600&sh=1200&v=2.9.62&r=stable&ec=3&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
error-icon.png
ob.ctbcbank.com/card/img/ 		7 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ob.ctbcbank.com/card/img/error-icon.png
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.241.234 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
a1780b43d7c5eb02c8b99ba94b78c61df6e585cb5836228f59de665fe6cac5e8
Security Headers
Name Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
6840
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Jun 2022 09:30:54 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*.ctbcbank.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Permissions-Policy
microphone=()
Content-Security-Policy
default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Content-Security-Policy
default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
csp-violation
xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/ 		0
0
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3147848421950953&ev=Microdata&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2Ferror&rl=&if=false&ts=1655799425765&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=4&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:05 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=246999096746120&ev=Microdata&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2Ferror&rl=&if=false&ts=1655799426083&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=4&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:06 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=275225950458749&ev=Microdata&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2Ferror&rl=&if=false&ts=1655799426474&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=4&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:06 GMT
WebConnector-webpage.js
eb.ctbcbank.com/jscollection/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eb.ctbcbank.com/jscollection/WebConnector-webpage.js
Requested by
Host: ob.ctbcbank.com
URL: https://ob.ctbcbank.com/card/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.243.188 , Taiwan, ASN131143 (CHINATRUST-AS-TW Chinatrust Commercial Bank, TW),
Reverse DNS
Software
/
Resource Hash
d90a8b0f7e33fd7538703b95eed3e42446c89f125354984931799835f6659b86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:09 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Mar 2022 09:19:27 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
X-XSS-Protection
1;mode=block
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1575756115996166&ev=Microdata&dl=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2Ferror&rl=&if=false&ts=1655799427003&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=4&o=30&fbp=fb.2.1655799424131.1175422500&it=1655799424047&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:17:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 21 Jun 2022 08:17:07 GMT
s-code-contents-webpage.js
www.ctbcbank.com/jscollection/ 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ctbcbank.com/jscollection/s-code-contents-webpage.js
Requested by
Host: eb.ctbcbank.com
URL: https://eb.ctbcbank.com/jscollection/WebConnector-webpage.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.243.207 -, , ASN (),
Reverse DNS
Software
****** /
Resource Hash
9c5951f348e84c727437af1c6cb9f34148af3e96e8179a4f448d96a6c0a1bc67
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 08:17:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
13332
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 07 Mar 2022 09:19:27 GMT
Server
******
X-Frame-Options
SAMEORIGIN
ETag
"868b-5d99d5c6885c0"
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
Content-Type
application/javascript
Cache-Control
max-age=86400
Permissions-Policy
microphone=(),midi=()
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob:; style-src * 'unsafe-inline'; frame-ancestors 'self'
Accept-Ranges
bytes
e14cd12b
cb3ad15b
Expires
Wed, 22 Jun 2022 08:17:10 GMT
pageTag
www.ctbcbank.com/webads/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ctbcbank.com/webads/pageTag?AQB=1&ts=s43697966085914&t=21%2F5%2F2022%208%3A17%3A11%202%200&D=D%3D&ce=UTF-8&pagename=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&pageurlfull=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2Ferror&pagepath=%2Fcard%2F&host=ob.ctbcbank.com&browsertype=Chrome%20102&os=Windows%2010&screenresolution=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: www.ctbcbank.com
URL: https://www.ctbcbank.com/jscollection/s-code-contents-webpage.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.184.243.207 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ob.ctbcbank.com/card/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
img.scupio.com
URL
https://img.scupio.com/js/pixel.js
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
adlogs.ad2iction.com
URL
https://adlogs.ad2iction.com/tracker/event/trackeventv3.js
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNTkwMzk2NzQ3Nw&google_sc
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=o456qfe&ttd_tpi=1
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/394499.gif?partner_uid=3015903967477
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
tag.adaraanalytics.com
URL
https://tag.adaraanalytics.com/ps/aasync?ckid=MzAxNTkwMzk2NzQ3N3wxNjU1Nzk5NDI0MTAx
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
d.turn.com
URL
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID}
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3015903967477
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
beacon.krxd.net
URL
https://beacon.krxd.net/usermatch.gif?partner=adara&partner_uid=3015903967477
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
cms.analytics.yahoo.com
URL
https://cms.analytics.yahoo.com/cms?partner_id=ADARA
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
cm.ctnsnet.com
URL
https://cm.ctnsnet.com/int/cm?crdp=true&prv=ar&uid=3015903967477
Domain
s.c.appier.net
URL
https://s.c.appier.net/aprcm?a_i=%2Fr2%3Fcountry%3DTW%26enable_cookie_sync%3D1%26url%3Dhttps%253A%252F%252Fob.ctbcbank.com%252Fcard%252F%26referer%3D%26ssid%3DEMPyfr3lfknSHGJdKKFPDW%26sessidx%3D1%26siteuid%3DCMV2Tf-8JSRqY3rb%26appier_utmz%3D%7B%7D%26_t%3D1655799424125%26_tz%3D0%26uc%3DTW%26tv%3D2.6.10%26eqid%3DS3bSx5KZLK3jWDvJ%26site%3Dctbcbank.com%26lt%3D5222&gdpr=0&gdpr_consent=
Domain
www.google.com
URL
https://www.google.com/pagead/1p-user-list/989285595/?value=0&guid=ON&script=0&random=2763554476636432000&is_vtc=1&random=2368545903
Domain
www.google.com
URL
https://www.google.com/pagead/1p-user-list/944142328/?value=0&guid=ON&script=0&random=1742820619800638000&is_vtc=1&random=886044997
Domain
www.google.com
URL
https://www.google.com/pagead/1p-user-list/684212241/?value=0&guid=ON&script=0&data=appier_siteid%3Dctbcbank.com%3Bevent%3Dpage_view&random=8620592013709873000&is_vtc=1&random=1230582164
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
www.google.com
URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-135916138-1&cid=872565955.1655799424&jid=1922938780&_u=YEDAAEABAAAAAC~&z=401179024
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-135916138-1&cid=872565955.1655799424&jid=1922938780&_u=YEDAAEABAAAAAC~&z=401179024
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
www.google.com
URL
https://www.google.com/pagead/1p-user-list/923007433/?random=1655799424137&cv=9&fst=1655798400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&tiba=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&async=1&fmt=3&is_vtc=1&random=28004750&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
www.google.de
URL
https://www.google.de/pagead/1p-user-list/923007433/?random=1655799424137&cv=9&fst=1655798400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&tiba=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&async=1&fmt=3&is_vtc=1&random=28004750&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
www.google.com
URL
https://www.google.com/pagead/1p-user-list/923007433/?random=1655799424134&cv=9&fst=1655798400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&tiba=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&async=1&fmt=3&is_vtc=1&random=1945277275&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
www.google.de
URL
https://www.google.de/pagead/1p-user-list/923007433/?random=1655799424134&cv=9&fst=1655798400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&tiba=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&async=1&fmt=3&is_vtc=1&random=1945277275&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
www.clarity.ms
URL
https://www.clarity.ms/tag/uet/20253258
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
www.ctbcbank.com
URL
https://www.ctbcbank.com/jscollection/WebConnector-app.js
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
t0.c.appier.net
URL
https://t0.c.appier.net/web2/xQfN5zpGjp9tx7C/?action_id=8f71f5d76d306f2&path=%2Fcard%2F&cookie_uid=CMV2Tf-8JSRqY3rb&api_version=1&escaped_qs=&webuu=xPtKuRwa8-Z3_6eSSjo9DX
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Domain
anylist.c.appier.net
URL
https://anylist.c.appier.net/r3/ir5d?url=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&referer=&ssid=EMPyfr3lfknSHGJdKKFPDW&sessidx=2&siteuid=CMV2Tf-8JSRqY3rb&appier_utmz={}&_t=1655799425344&_tz=0&uc=TW&tv=2.6.10&eqid=h3wishphyAj_tSer&jsonparams=%7B%22t%22%3A%22type_process%22%2C%22content%22%3A%22submit%22%2C%22action_id%22%3A%228f71f5d76d306f2%22%2C%22track_id%22%3A%22xQfN5zpGjp9tx7C%22%2C%22opts%22%3A%7B%22unique_key%22%3A%22true%22%7D%7D&site=ctbcbank.com&fbp=fb.2.1655799424131.1175422500
Domain
xhr-ap-east-1-02650019-view.menlosecurity.com
URL
https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| $ function| jQuery function| no_chinese_length_verification function| email_verification2 function| change_big_font_length_verification function| change_bill_send_way function| number_length_verification function| mobile_no_verification2 function| id_card_no_verification function| id_card_no_verification2 function| eng_name_verification function| chi_name_verification function| chineseCheck function| give_experience_yymm function| giveSelectNum function| giveyear function| givemonth function| giveday function| giveIDyear function| PrefixInteger function| giveNyear function| setDays function| isLeapYear function| addOption function| date_verification function| no_p_tel function| same_tel function| same_home function| more_house function| estate_input function| hide_area_open function| check_page function| give_more_dom function| give_more_dom2 function| watermark number| remind_seconds function| remind_pop function| getBroswer number| remind_timer object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| uetq object| appier_q function| postscribe object| google_tag_manager_external object| gaplugins object| gaGlobal object| gaData function| UET function| UET_init function| UET_push object| ueto_ca1ca87253 object| ueto_97b3cbacfe function| trackingObjectCallback function| _bw object| _bwq object| om_app_pix object| APPIER_RETARGET object| _appierSendQueue object| lotame_sync_16163 object| APPIER_LOG object| appierRetargetJson string| APPIER_TRACK_CV function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| webpackJsonp object| core function| setImmediate function| clearImmediate object| regeneratorRuntime object| ueto_46978559b9 function| onYouTubeIframeAPIReady string| TAM_TRACKING_API number| TAM_PARAMETER_LENGTH number| TAM_TRACKING_MOTION number| TAM_TRACKING_ID number| TAM_TRACKING_SEQUENCE number| TAM_TRACKING_PARAMETER function| setCookie function| readCookie function| getTrackingValue function| sendTrackParam function| tamTrackingRetrieveInfo function| ttd_dom_ready function| TTDUniversalPixelApi

34 Cookies

Domain/Path Name / Value
.ctbcbank.com/card Name: _fbp
Value: fb.2.1655799424131.1175422500
ob.ctbcbank.com/ Name: BIGipServer~MPB~POOL_INOB_SLB
Value: !NgD05prpWpX+hSrl89rHoJsFzJTkHW1A1qH5OaUU5gjdmAQKDL7d3BOK/Iu3PxBe5y92IgNdxnjOZSQ=
ob.ctbcbank.com/ Name: TS014898d4
Value: 01482e2be6e35ad5c7528c936c5ec2bf32770018823d841ed3e2153f10e6a88b5f13803f64d727fe90a2af23eca29d851ff5f1a9e9
.ctbcbank.com/ Name: _gcl_au
Value: 1.1.1301357375.1655799424
.ob.ctbcbank.com/ Name: _ga
Value: GA1.3.872565955.1655799424
.ob.ctbcbank.com/ Name: _gid
Value: GA1.3.569820644.1655799424
.ob.ctbcbank.com/ Name: _gat_UA-144694390-1
Value: 1
.yieldoptimizer.com/ Name: gcma
Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/ Name: rmxc
Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/ Name: cktst
Value: 594234115
.ctbcbank.com/ Name: _ga
Value: GA1.2.872565955.1655799424
.ctbcbank.com/ Name: _gid
Value: GA1.2.569820644.1655799424
.ctbcbank.com/ Name: _gat_UA-135916138-1
Value: 1
.ctbcbank.com/ Name: _gat_UA-113658199-14
Value: 1
.bing.com/ Name: MUID
Value: 273CEA1647016AEA1BA9FBDC46D36B95
.yieldoptimizer.com/ Name: ckid
Value: 3015903967477
.yieldoptimizer.com/ Name: dph
Value: %7B%22t%22%3A%5B118064%5D%2C%22dp%22%3A%5B2226%5D%7D
.yieldoptimizer.com/ Name: ph
Value: %7B%22p%22%3A%5B1025%2C1457%2C1203%2C1476%2C39%2C1305%2C1034%2C1084%2C1022%5D%2C%22t%22%3A%5B118064%2C118064%2C118064%2C118064%2C118064%2C118064%2C118064%2C118064%2C118064%5D%7D
.yieldoptimizer.com/ Name: fbh0
Value: %7B%222226%22%3A%221655885824101%22%7D
.ctbcbank.com/ Name: appier_utmz
Value: %7B%7D
.ctbcbank.com/ Name: _atrk_siteuid
Value: CMV2Tf-8JSRqY3rb
.ctbcbank.com/ Name: _atrk_ssid
Value: EMPyfr3lfknSHGJdKKFPDW
.ctbcbank.com/ Name: appier_pv_counter3cb1a4d19a0c6f2
Value: 0
.ctbcbank.com/ Name: appier_page_isView_3cb1a4d19a0c6f2
Value: b3446237eeb033874cb8cbe3872ba263fb31cddf0e295888875771b1d25342c8
.ctbcbank.com/ Name: appier_pv_counter0c2a80f406cf6f2
Value: 0
.ctbcbank.com/ Name: appier_page_isView_0c2a80f406cf6f2
Value: b3446237eeb033874cb8cbe3872ba263fb31cddf0e295888875771b1d25342c8
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ob.ctbcbank.com/ Name: _fbp
Value: fb.2.1655799424131.1175422500
.ctbcbank.com/ Name: appier_random_unique_id_8f71f5d76d306f2
Value: xPtKuRwa8-Z3_6eSSjo9DX
.ctbcbank.com/ Name: _atrk_sessidx
Value: 2
.ctbcbank.com/ Name: _uetsid
Value: 89408e50f13a11ec94c027160335adc8
.ctbcbank.com/ Name: _uetvid
Value: 894097b0f13a11ec86e69d9bef5a3032
ob.ctbcbank.com/ Name: BDDPWGQD
Value: 027cb98f59-dda9-4erusQeFtP63vvMVg35GCjtx1Xz8qW-5_URBoh-vqwwmqQxrX5nddTxITkVgaYw2IkWL_V7EyvFH5W56Ujmug6bA
eb.ctbcbank.com/ Name: TS01041ec0
Value: 01c2a9c2b9cf1fdb934e4190b2e04244574f54c1f53d37122c776503aa8f1178b6d635124faa41a49c7e8488bab61e71eed5c3ea69

55 Console Messages

Source Level URL
Text
security error
Message:
Refused to load the script 'https://img.scupio.com/js/pixel.js' because it violates the following Content Security Policy directive: "script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4M57WC(Line 337)
Message:
Refused to load the script 'https://adlogs.ad2iction.com/tracker/event/trackeventv3.js' because it violates the following Content Security Policy directive: "script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to load the image 'https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNTkwMzk2NzQ3Nw&google_sc' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to load the image 'https://match.adsrvr.org/track/cmf/generic?ttd_pid=o456qfe&ttd_tpi=1' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to load the image 'https://idsync.rlcdn.com/394499.gif?partner_uid=3015903967477' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to load the image 'https://tag.adaraanalytics.com/ps/aasync?ckid=MzAxNTkwMzk2NzQ3N3wxNjU1Nzk5NDI0MTAx' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to load the image 'https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID}' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to load the image 'https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3015903967477' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to load the image 'https://beacon.krxd.net/usermatch.gif?partner=adara&partner_uid=3015903967477' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to load the image 'https://cms.analytics.yahoo.com/cms?partner_id=ADARA' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to load the image 'https://cm.ctnsnet.com/int/cm?crdp=true&prv=ar&uid=3015903967477' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to load the image 'https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-135916138-1&cid=872565955.1655799424&jid=1922938780&_u=YEDAAEABAAAAAC~&z=401179024' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-135916138-1&cid=872565955.1655799424&jid=1922938780&_u=YEDAAEABAAAAAC~&z=401179024' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to load the image 'https://www.google.com/pagead/1p-user-list/684212241/?value=0&guid=ON&script=0&data=appier_siteid%3Dctbcbank.com%3Bevent%3Dpage_view&random=8620592013709873000&is_vtc=1&random=1230582164' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to load the image 'https://www.google.com/pagead/1p-user-list/944142328/?value=0&guid=ON&script=0&random=1742820619800638000&is_vtc=1&random=886044997' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to load the image 'https://www.google.com/pagead/1p-user-list/989285595/?value=0&guid=ON&script=0&random=2763554476636432000&is_vtc=1&random=2368545903' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to load the image 'https://www.google.com/pagead/1p-user-list/923007433/?random=1655799424137&cv=9&fst=1655798400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&tiba=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&async=1&fmt=3&is_vtc=1&random=28004750&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to load the image 'https://www.google.de/pagead/1p-user-list/923007433/?random=1655799424137&cv=9&fst=1655798400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&tiba=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&async=1&fmt=3&is_vtc=1&random=28004750&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to load the image 'https://www.google.com/pagead/1p-user-list/923007433/?random=1655799424134&cv=9&fst=1655798400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&tiba=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&async=1&fmt=3&is_vtc=1&random=1945277275&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to load the image 'https://www.google.de/pagead/1p-user-list/923007433/?random=1655799424134&cv=9&fst=1655798400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F&tiba=%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B7%9A%E4%B8%8A%E7%94%B3%E8%AB%8B&async=1&fmt=3&is_vtc=1&random=1945277275&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://bat.bing.com/p/action/20253258.js(Line 2)
Message:
Refused to load the script 'https://www.clarity.ms/tag/uet/20253258' because it violates the following Content Security Policy directive: "script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://ob.ctbcbank.com/card/
Message:
Refused to connect to 'https://s.c.appier.net/aprcm?a_i=%2Fr2%3Fcountry%3DTW%26enable_cookie_sync%3D1%26url%3Dhttps%253A%252F%252Fob.ctbcbank.com%252Fcard%252F%26referer%3D%26ssid%3DEMPyfr3lfknSHGJdKKFPDW%26sessidx%3D1%26siteuid%3DCMV2Tf-8JSRqY3rb%26appier_utmz%3D%7B%7D%26_t%3D1655799424125%26_tz%3D0%26uc%3DTW%26tv%3D2.6.10%26eqid%3DS3bSx5KZLK3jWDvJ%26site%3Dctbcbank.com%26lt%3D5222&gdpr=0&gdpr_consent=' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net".
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://ob.ctbcbank.com/card/#/
Message:
Refused to load the image 'https://t0.c.appier.net/web2/xQfN5zpGjp9tx7C/?action_id=8f71f5d76d306f2&path=%2Fcard%2F&cookie_uid=CMV2Tf-8JSRqY3rb&api_version=1&escaped_qs=&webuu=xPtKuRwa8-Z3_6eSSjo9DX' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://ob.ctbcbank.com/card/#/
Message:
Refused to load the image 'https://anylist.c.appier.net/r3/ir5d?url=https%3A%2F%2Fob.ctbcbank.com%2Fcard%2F%23%2F&referer=&ssid=EMPyfr3lfknSHGJdKKFPDW&sessidx=2&siteuid=CMV2Tf-8JSRqY3rb&appier_utmz={}&_t=1655799425344&_tz=0&uc=TW&tv=2.6.10&eqid=h3wishphyAj_tSer&jsonparams=%7B%22t%22%3A%22type_process%22%2C%22content%22%3A%22submit%22%2C%22action_id%22%3A%228f71f5d76d306f2%22%2C%22track_id%22%3A%22xQfN5zpGjp9tx7C%22%2C%22opts%22%3A%7B%22unique_key%22%3A%22true%22%7D%7D&site=ctbcbank.com&fbp=fb.2.1655799424131.1175422500' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com".
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ob.ctbcbank.com/card/image//DEFAULT/bg.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://ob.ctbcbank.com/card/image//DEFAULT/logo.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://bat.bing.com/bat.js
Message:
Refused to connect to 'https://bat.bing.com/actionp/0?ti=undefined&Ver=2&mid=70a84f14-1e9d-4e69-9220-0b8fda6514d6&sid=89408e50f13a11ec94c027160335adc8&vid=894097b0f13a11ec86e69d9bef5a3032&vids=0&evt=dedup' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net".
network error URL: https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ob.ctbcbank.com/card/image//DEFAULT/new.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://ob.ctbcbank.com/card/image//DEFAULT/product.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://ob.ctbcbank.com/card/image//DEFAULT/remind_img.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: 'self' data: blob: ; script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://*.ctbcbank.com https://ap-east-1-02650019-view.menlosecurity.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://*.menlosecurity.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://track.tamedia.com.tw https://www.googleadservices.com https://tag.yieldoptimizer.com https://connect.facebook.net https://bat.bing.com https://jscdn.appier.net https://js.adsrvr.org; media-src 'self' data: blob: https://*.menlosecurity.com ; object-src 'self' https://*.menlosecurity.com; img-src 'self' data: blob: https://bat.bing.com https://www.facebook.com https://googleads.g.doubleclick.net https://*.ctbcbank.com https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com ; frame-src 'self' https://www.googletagmanager.com https://*.menlosecurity.com https://safe.menlosecurity.com https://bid.g.doubleclick.net/; connect-src 'self' https://www.shopback.com.tw https://anylist.c.appier.net wss://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://stats.g.doubleclick.net; style-src 'self' 'unsafe-inline' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://*.ctbcbank.com; font-src 'self' data: blob: https://*.menlosecurity.com https://www.googletagmanager.com https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://d.line-scdn.net https://static.addtoany.com https://*.googleapis.com https://fonts.gstatic.com https://*.ctbcbank.com; report-uri https://xhr-ap-east-1-02650019-view.menlosecurity.com/safeview-client-logger/csp-violation ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self' www.google-analytics.com *.facebook.net *.facebook.com sandbox allow-scripts www.googletagmanager.com *.ctbcbank.com *.googleapis.com *.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adlogs.ad2iction.com
anylist.c.appier.net
bat.bing.com
beacon.krxd.net
cm.ctnsnet.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.turn.com
dpm.demdex.net
eb.ctbcbank.com
googleads.g.doubleclick.net
idsync.rlcdn.com
img.scupio.com
js.adsrvr.org
jscdn.appier.net
match.adsrvr.org
ob.ctbcbank.com
s.c.appier.net
stats.g.doubleclick.net
t0.c.appier.net
tag.adaraanalytics.com
tag.yieldoptimizer.com
track.tamedia.com.tw
www.clarity.ms
www.ctbcbank.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
xhr-ap-east-1-02650019-view.menlosecurity.com
adlogs.ad2iction.com
anylist.c.appier.net
beacon.krxd.net
cm.ctnsnet.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
d.turn.com
dpm.demdex.net
idsync.rlcdn.com
img.scupio.com
match.adsrvr.org
s.c.appier.net
t0.c.appier.net
tag.adaraanalytics.com
www.clarity.ms
www.ctbcbank.com
www.google.com
www.google.de
xhr-ap-east-1-02650019-view.menlosecurity.com
108.138.15.119
124.29.140.230
142.250.185.226
175.184.241.234
175.184.243.188
175.184.243.207
2620:1ec:c11::200
2a00:1450:4001:803::2002
2a00:1450:4001:811::2008
2a00:1450:4001:829::200e
2a00:1450:400c:c08::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.111.114.222
35.186.212.60
025caa7690f1bbdf9e0aeec706d5845de68cacae7f676bff892132ca9d11b4fb
03220ea14b9af6c6ce74b2b5a318226f0028e329dad6b2c0bfeac3e484bc9e3d
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1341984382dd8e2a321e4bd823e00c18d6ffb90e96b3847ba973a569b1488fd5
1440b24e847c7040249e34eb27b93ae29b4b8a4caeaff945f93ddaf187b5fadf
18539e0630ca3e8d98023b64b2b20dd5c968f001d4598960f209896a45104d5e
2858783ee377db7cbd687bc1db2a6960e79ef7362550813fd654aac9a499a9d4
33125df64540d176b251e6fcb0c11c00c2f3c8d782447e2271bd66d19df314d2
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
38b93f6c7666e0a77374f3991225b3023edc76996418617330004428ba181ff5
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
453f1b37bd6d22ac081f8bd8be73e207975ad5ea465b86b9ef8f10ecb8988269
45ae1432efa75fdb8849655414f0acfb4d6d3bb28cb88de9c04569698bef413c
4cae5af7b8bec98b75e0099ed16a30d101abd0f00efea1b5baae255f74b2bc78
504eb76c3164d63be4dd1c04b8046242b0afdbd6bf872a61840b59b43a4ec3f5
508071cd808153fb431769c46b001cae3e1399ff07db9b604861562ae5207fa5
5fac557ece80b332e0c3f9dbfa38db5b7192298615873aa61a5e62c1eb70a5f8
620135e0406b5d38de9bf4e7f2a79126d57baa3f7d1b6919ada936835ce177df
68d15c1433c9aea2acf5960a9b4e376e28bcde241c45b9699b2107e586472274
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9865f06f70fc7aa125993f293bb23653fce063c603dec9d4e858016a429263
6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65
7123bac80f9b0a27ecb5528b1d528a187e7dbdcab97d50366a13df66cb79a3f9
7351f65f38e9a08de5da59f9d0b665c8b2cec8d1b43f94d634703910fb4e05d0
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852efdc071f2d496c410f7c6b907caa95b82e4e5a9ce027c58eb7825b0a4f948
87e3aaf13049d102723ee759d62385099e40f7febfe40a4bab6ea64d3647b7f2
919fb28b08000eb4928fb5015ff15357db9cac91cea57c54e89673906afcec7b
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
942f50323a3a3c5cfb82bee7413982d577dfeacffb9adb4d51fb699a2110f0eb
9c5951f348e84c727437af1c6cb9f34148af3e96e8179a4f448d96a6c0a1bc67
a1780b43d7c5eb02c8b99ba94b78c61df6e585cb5836228f59de665fe6cac5e8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3d3fd8f010b144e4d5b98b554773de4f171a5b8bafcf82eecbb33879da95a00
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a6a9b5c4c745980adc055a57dd28c6ca9b245f603a3b932aef4f04491a7777fe
ab31be2680343c21d8bb6e21b00e52c993bde42be0c01218a1ca6ec2bb834be5
ac2375ebd3cc01b91aa98aa35d1fe4939a0ed32999566fcb1916d1faba30d994
b2f83eb9f83b2b2f93c81ba0ce8c6fa5a230eba85769a340d02ebfd0911ec45f
b5ba4d14ec218726bedafbc4515bf3793a52a3f4c94d032cab4e996d13a98b34
c5b408361d1cd2a19882d463d59a0b3e572feaf6e47f02b29739930ea69baa63
cd07fb3094c3beaf397d167e0157cb7cefcc071195db0cc306f2d0b2f6e07e42
d4b79c6b26334d620b67688c8b03d1548d5d19e0bf70c2887a1b71afe270193d
d90a8b0f7e33fd7538703b95eed3e42446c89f125354984931799835f6659b86
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def05ed0c3e760be3c9a63cb340a4ff7f4e25fc51aa894accfd360cd4700bab4
dfed55a93d4909e7e4472e2a64325475eb40108f267a45ab8ea138a16f411def
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7fc4409b0d675a31eeec64e64a945ef445812bbade9ea0bc3250afd5baea1be
e971723a329f93c2f636085a46fb5e82f616e32fcd198105f8c388d184445317
ebbe1f44951f55b0f58cb8da680eaf3fe6bd9984e7224fb90217da6f071e3a57
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
f117e206f015a419be6f05a05b1c8c99bdaf9b69f328087a18056d7a4118eb7d
f214d844bda8e574d18fdec03efd36f20e4c95dd6d4c05034969afd0ec0d85e7
f88f9b87081304807c6e7a8b3c4785733441d55c961d211f24aa265292e1c531
f965ca15df15ad7cb1b956174c0495678d00a7137f5dc59b5fceb8dbe8f13382
f96906d32ab0b3f00040ab70f29e10ad6f94d5ea7bd6b6ce21b4746d881dce47
fb4750e27ad98a214e0652d0a8068db154133be4c5081040d3cdd961e4675917
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff20044e3d611f6375191934fed79e976fd077b37ae6514376b828038bc9eddf