URL: https://h5.imagetw.com/
Submission: On January 21 via api from US — Scanned from TW

Summary

This website contacted 14 IPs in 5 countries across 9 domains to perform 55 HTTP transactions. The main IP is 43.212.191.20, located in Taipei, Taiwan and belongs to AMAZON-02, US. The main domain is h5.imagetw.com.
TLS certificate: Issued by R13 on December 30th 2025. Valid for: 3 months.
This is the only time h5.imagetw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
12 | 43.212.191.20 | 16509 | (AMAZON-02)
1 | 3.173.219.128 | 16509 | (AMAZON-02)
3 | 142.251.8.92 | 15169 | (GOOGLE)
2 (1 redirect) | 104.18.0.22 | 13335 | (CLOUDFLAR...)
2 | 3.164.121.82 | 16509 | (AMAZON-02)
2 | 3.173.219.94 | 16509 | (AMAZON-02)
1 | 128.1.157.251 | 21859 | (ZEN-ECN)
11 | 16.12.79.30 | 16509 | (AMAZON-02)
7 | 172.217.209.94 | 15169 | (GOOGLE)
2 | 3.166.244.59 | 16509 | (AMAZON-02)
10 | 142.250.196.110 | 15169 | (GOOGLE)
2 | 54.150.67.177 | 16509 | (AMAZON-02)
1 | 124.222.174.117 | 45090 | (TENCENT-N...)
Total: 55 requests, 14 IPs

Requests | Apex Domain | Subdomains | Transfer
13 | google.com | pay.google.com — Cisco Umbrella Rank: 3023; play.google.com — Cisco Umbrella Rank: 74 | 456 KB
12 | imagetw.com | h5.imagetw.com | 823 KB
11 | amazonaws.com | imagetw-photos.s3.ap-east-2.amazonaws.com | 10 MB
7 | gstatic.com | www.gstatic.com | 113 KB
5 | tappaysdk.com | js.tappaysdk.com — Cisco Umbrella Rank: 526943; fraud.tappaysdk.com | 185 KB
4 | cherrix.co | websdk-uat.cherrix.co; service-uat.cherrix.co | 109 KB
2 | unpkg.com | unpkg.com — Cisco Umbrella Rank: 1015 | 77 KB
1 | dcloud.net.cn | cdn.dcloud.net.cn — Cisco Umbrella Rank: 56117 | 420 B
1 | alicdn.com | at.alicdn.com — Cisco Umbrella Rank: 18354 | 55 KB
Total: 55 requests, 9 apex domains

Requests | Domain | Requested by
12 | h5.imagetw.com | h5.imagetw.com, unpkg.com
11 | imagetw-photos.s3.ap-east-2.amazonaws.com | h5.imagetw.com
10 | play.google.com | www.gstatic.com
7 | www.gstatic.com | pay.google.com, h5.imagetw.com, www.gstatic.com
3 | pay.google.com | h5.imagetw.com, pay.google.com, www.gstatic.com
3 | js.tappaysdk.com | h5.imagetw.com, js.tappaysdk.com
2 | service-uat.cherrix.co | websdk-uat.cherrix.co
2 | websdk-uat.cherrix.co | fraud.tappaysdk.com, websdk-uat.cherrix.co
2 | fraud.tappaysdk.com | js.tappaysdk.com, fraud.tappaysdk.com
2 (1 redirect) | unpkg.com | h5.imagetw.com
1 | cdn.dcloud.net.cn | h5.imagetw.com
1 | at.alicdn.com | h5.imagetw.com
Total: 55 requests, 12 domains

This site contains no links.

Subject | Issuer | Validity | Valid
h5.imagetw.com | R13 | 2025-12-30 - 2026-03-30 | 3 months
*.tappaysdk.com | Sectigo Public Server Authentication CA OV R36 | 2025-12-10 - 2027-01-10 | a year
*.google.com | WE2 | 2025-12-09 - 2026-03-03 | 3 months
*.tbcdn.cn | GlobalSign GCC R3 OV TLS CA 2024 | 2025-11-28 - 2026-07-18 | 8 months
*.s3.ap-east-2.amazonaws.com | Amazon RSA 2048 M01 | 2025-05-24 - 2026-05-14 | a year
*.gstatic.com | WE2 | 2025-12-09 - 2026-03-03 | 3 months
*.cherrix.co | Amazon RSA 2048 M03 | 2025-04-29 - 2026-05-29 | a year
*.dcloud.net.cn | Certum Domain Validation CA SHA2 | 2025-08-26 - 2026-09-25 | a year

This page contains 5 frames:

Primary Page: https://h5.imagetw.com/
Frame ID: 0666FF960985DE021BF1669F8F725ED2
Requests: 36 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fh5.imagetw.com&mid=
Frame ID: 1EDCADFD7A643B28A606A26E7E33C809
Requests: 13 HTTP requests in this frame

Frame: https://fraud.tappaysdk.com/ddca/iframe?%7B%22appKey%22%3A%22app_kOh1yxv8LnxTctac5NwZtCZfMfiqDM9NkI62MRdwEqClkswBVxLe5vQpUG3F%22%2C%22appID%22%3A%22164670%22%2C%22serverType%22%3A%22sandbox%22%2C%22hostname%22%3A%22h5.imagetw.com%22%2C%22origin%22%3A%22https%3A%2F%2Fh5.imagetw.com%22%2C%22referrer%22%3A%22%22%2C%22href%22%3A%22https%3A%2F%2Fh5.imagetw.com%2F%22%2C%22port%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22sdk_version%22%3A%22v5.24.0%22%2C%22mode%22%3A%22production%22%7D
Frame ID: DAB76F9C232DD217AA3FA4845068108A
Requests: 4 HTTP requests in this frame

Frame: https://js.tappaysdk.com/sdk/tpdirect/api/html/v5.24.0?%7B%22appKey%22%3A%22app_kOh1yxv8LnxTctac5NwZtCZfMfiqDM9NkI62MRdwEqClkswBVxLe5vQpUG3F%22%2C%22appID%22%3A%22164670%22%2C%22serverType%22%3A%22sandbox%22%2C%22hostname%22%3A%22h5.imagetw.com%22%2C%22origin%22%3A%22https%3A%2F%2Fh5.imagetw.com%22%2C%22referrer%22%3A%22%22%2C%22href%22%3A%22https%3A%2F%2Fh5.imagetw.com%2F%22%2C%22port%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22sdk_version%22%3A%22v5.24.0%22%2C%22mode%22%3A%22production%22%7D
Frame ID: 9C97B44F689794AAF9F7053912F60601
Requests: 2 HTTP requests in this frame

Frame: https://websdk-uat.cherrix.co/ddca-iframe.html
Frame ID: 1F20B1AFFC58BA265641EDBBFE39E28A
Requests: 1 HTTP requests in this frame

Page Title

首頁

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js

Overall confidence: 100%
Detected patterns
  • <(?!svg)[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • s3[^ ]*\.amazonaws\.com/

Overall confidence: 100%
Detected patterns
  • \.alicdn\.com/

Overall confidence: 100%
Detected patterns
  • unpkg\.com/

Page Statistics

Requests: 55
HTTPS: 98 %
IPv6: 0 %
Domains: 9
Subdomains: 12
IPs: 14
Countries: 5
Transfer: 12045 kB
Size: 14572 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://unpkg.com/vconsole@latest/dist/vconsole.min.js HTTP 302
  • https://unpkg.com/vconsole@3.15.1/dist/vconsole.min.js

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
h5.imagetw.com/
38 KB
10 KB
Document
General
Full URL
https://h5.imagetw.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.212.191.20 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-212-191-20.ap-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
d1fe1eaa1bd0fa86057ff81b8d02d7c987186ff30a4b753a9676664d9ba2cdbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Sec-Fetch-Mode, DNT, X-Mx-ReqToken, Keep-Alive, User-Agent, If-Match, If-None-Match, If-Unmodified-Since, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Accept-Language, Origin, Accept-Encoding,Access-Token,token,version,type
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, post
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 21 Jan 2026 10:24:18 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
uni.96b357ed.css
h5.imagetw.com/assets/
33 KB
10 KB
Stylesheet
General
Full URL
https://h5.imagetw.com/assets/uni.96b357ed.css
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.212.191.20 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-212-191-20.ap-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
96b357ed2f6e51a3eb6f30eb61b8a68e8f92606836f9cfd0e1b92447d39ecc46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"696df6d1-834a"
expires
Wed, 21 Jan 2026 22:24:18 GMT
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Wed, 21 Jan 2026 10:24:18 GMT
content-type
text/css
last-modified
Mon, 19 Jan 2026 09:18:09 GMT
server
nginx
vary
Accept-Encoding
v5.24.0
js.tappaysdk.com/sdk/tpdirect/
130 KB
131 KB
Script
General
Full URL
https://js.tappaysdk.com/sdk/tpdirect/v5.24.0
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.219.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-219-128.nrt20.r.cloudfront.net
Software
/
Resource Hash
73054f3c77ff8c872b40a823d2383d5efc1b6664d25691fae81a1d19bf5895c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options *

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

x-content-type-options
nosniff
x-amzn-requestid
42ac10aa-f12e-4aa2-8797-17a73a398dd6
x-cache
Miss from cloudfront
x-amz-cf-id
h6iE24CLCT7idhIElxi8K8rzOiRM0XSg4dL9b4fBR3WSez9Q_K3jSw==
date
Wed, 21 Jan 2026 10:24:18 GMT
content-type
text/javascript
x-frame-options
*
strict-transport-security
max-age=31536000
x-amz-apigw-id
Xh9lAHBptjMEcMA=
x-amzn-trace-id
Root=1-6970a952-41697db96956d4f153ffd918
referrer-policy
no-referrer-when-downgrade
via
1.1 90bb233b934e3e63efb14c8734c7c4cc.cloudfront.net (CloudFront)
permissions-policy
geolocation=()
access-control-allow-origin
*
content-length
133485
x-amz-cf-pop
NRT20-P8
pay.js
pay.google.com/gp/p/js/
212 KB
60 KB
Script
General
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f92.1e100.net
Software
ESF /
Resource Hash
55c60f70e07cb960757793fda77a1fde8ba3ce994e3e6e27cc5048bbde09df5b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ch-p9lvIrw1pLlW6kWQOhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport/allowlist, script-src 'unsafe-inline' 'unsafe-eval' blob: data:;report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport/fine-allowlist, require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 21 Jan 2026 10:24:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
date
Wed, 21 Jan 2026 10:24:18 GMT
content-type
application/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjusKoxSXF4KchxbC8VIphyUwphoJl01lbb55jnQzEcwPOs4ZnnmftWnSedQYQGypcYrUH4l95l1g_NVxiZb1zibVI4gprAwiHXmWdZXGNNSDrGqt45Q3WT1U3WAWqb7AumHODNaPjJuurnTdZvZ_cZDXRu8UaI3KHldPjDqs6813WlVlebHc0vdm0_b3ZzqV7sz185c3W7-XD9qHeh21yrw-b41MfNndrX7Zvxb5sLCW-bOxSfmyLzfzYHvr4s8WrBLD1bQxgUzsawGYCxHdvBLDNeRTAJsTDcenSodNsAhd2Xr3GpKSdlF8Yn5lXXJKYV5JUWplWlJ9XkpqXUpxaVJZaFG9kYGRmYGhkoGdgHF9gAACjEWdE"
content-security-policy
script-src 'report-sample' 'nonce-Ch-p9lvIrw1pLlW6kWQOhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport/allowlist, script-src 'unsafe-inline' 'unsafe-eval' blob: data:;report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport/fine-allowlist, require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport
cache-control
private, max-age=600
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
vconsole.min.js
unpkg.com/vconsole@3.15.1/dist/
Redirect Chain
  • https://unpkg.com/vconsole@latest/dist/vconsole.min.js
  • https://unpkg.com/vconsole@3.15.1/dist/vconsole.min.js
280 KB
77 KB
Script
General
Full URL
https://unpkg.com/vconsole@3.15.1/dist/vconsole.min.js
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
H3
Server
104.18.0.22 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341885ebd1db9f578514e86279a449c0a698be8826d94941808d6b556283ea16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

access-control-expose-headers
*
content-encoding
gzip
cf-cache-status
HIT
age
30759
access-control-allow-methods
GET, HEAD, OPTIONS
x-content-type-options
nosniff
expires
Thu, 21 Jan 2027 10:24:18 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 21 Jan 2026 10:24:18 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 06 Nov 2025 03:52:05 GMT
vary
Accept-Encoding
fly-request-id
01K9BMP13HW28YDQ1XC4KKZS4W-sin
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
priority
u=1,i=?0
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 fly.io
cf-ray
9c1619e3ea6dfe84-SIN
content-digest
sha256=:NBiF69Hbn1eFFOhieaRJwKaYvogm2UlBgI1rVWKD6hY=:
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=60, s-maxage=300
location
/vconsole@3.15.1/dist/vconsole.min.js
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
cf-ray
9c1619e328b0fe84-SIN
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
52
server-timing
cfExtPri
date
Wed, 21 Jan 2026 10:24:18 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i=?0
index.1768814089121.js
h5.imagetw.com/assets/
1 MB
349 KB
Script
General
Full URL
https://h5.imagetw.com/assets/index.1768814089121.js
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.212.191.20 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-212-191-20.ap-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
706b596f710082bb2051e2496d06a561362f8bf9e46f8be025f35cff0a755348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://h5.imagetw.com
Referer
https://h5.imagetw.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"696df6bf-1128c4"
expires
Wed, 21 Jan 2026 22:24:18 GMT
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Wed, 21 Jan 2026 10:24:18 GMT
content-type
application/javascript
last-modified
Mon, 19 Jan 2026 09:17:51 GMT
server
nginx
vary
Accept-Encoding
index.176881408912111.css
h5.imagetw.com/assets/
327 KB
51 KB
Stylesheet
General
Full URL
https://h5.imagetw.com/assets/index.176881408912111.css
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.212.191.20 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-212-191-20.ap-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
72fe8d758491c731d499c3fdfe36cc77b448a8c5071b9d7576357f0e7cbbeb48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://h5.imagetw.com
Referer
https://h5.imagetw.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"696df6c0-51a49"
expires
Wed, 21 Jan 2026 22:24:18 GMT
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Wed, 21 Jan 2026 10:24:18 GMT
content-type
text/css
last-modified
Mon, 19 Jan 2026 09:17:52 GMT
server
nginx
vary
Accept-Encoding
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83171ce6831197c0f77fd1ab8b4795a6064b60f0376341672e2e989a5b2cef19

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
846f676a751142fccaed31408d0ba2be2769208c71987a41a374b2855c90d71d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
home-active.png
h5.imagetw.com/static/images/tabBar/
2 KB
3 KB
Image
General
Full URL
https://h5.imagetw.com/static/images/tabBar/home-active.png
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.212.191.20 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-212-191-20.ap-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
7a32176012e71ceeca21e18a27ea1e626714c492dd16d36ee073d893a2bcc76e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=2592000
content-encoding
gzip
etag
W/"696df6e7-8f8"
expires
Fri, 20 Feb 2026 10:24:19 GMT
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Wed, 21 Jan 2026 10:24:19 GMT
content-type
image/png
last-modified
Mon, 19 Jan 2026 09:18:31 GMT
server
nginx
vary
Accept-Encoding
my.png
h5.imagetw.com/static/images/tabBar/
1 KB
1 KB
Image
General
Full URL
https://h5.imagetw.com/static/images/tabBar/my.png
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.212.191.20 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-212-191-20.ap-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
1bc90cb805f76a9c20fb5f54764fede2fab7f93ab35b87d47c2b23e44756488c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=2592000
content-encoding
gzip
etag
W/"696df6e8-423"
expires
Fri, 20 Feb 2026 10:24:19 GMT
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Wed, 21 Jan 2026 10:24:19 GMT
content-type
image/png
last-modified
Mon, 19 Jan 2026 09:18:32 GMT
server
nginx
vary
Accept-Encoding
pages-index-index.DSAAu6nM.js
h5.imagetw.com/assets/
9 KB
5 KB
Script
General
Full URL
https://h5.imagetw.com/assets/pages-index-index.DSAAu6nM.js
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/assets/index.1768814089121.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.212.191.20 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-212-191-20.ap-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
617899f9aeaf4f4f547d0e6ceb0ee5fab1d07816feb06e733fcaf948ff9e2e32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://h5.imagetw.com
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"696df6c7-2598"
expires
Wed, 21 Jan 2026 22:24:19 GMT
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Wed, 21 Jan 2026 10:24:19 GMT
content-type
application/javascript
last-modified
Mon, 19 Jan 2026 09:17:59 GMT
server
nginx
vary
Accept-Encoding
location-icon.DID6D9Pd.js
h5.imagetw.com/assets/
3 KB
2 KB
Script
General
Full URL
https://h5.imagetw.com/assets/location-icon.DID6D9Pd.js
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/assets/index.1768814089121.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.212.191.20 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-212-191-20.ap-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
82e260e1f779baa9824123dbb55692c2b00e89a8dd5ec17437094ab6dd824288
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://h5.imagetw.com
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"696df6c3-ae3"
expires
Wed, 21 Jan 2026 22:24:19 GMT
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Wed, 21 Jan 2026 10:24:19 GMT
content-type
application/javascript
last-modified
Mon, 19 Jan 2026 09:17:55 GMT
server
nginx
vary
Accept-Encoding
index.1768814089121.css
h5.imagetw.com/assets/
2 KB
1 KB
Stylesheet
General
Full URL
https://h5.imagetw.com/assets/index.1768814089121.css
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/assets/index.1768814089121.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.212.191.20 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-212-191-20.ap-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
1982ea8b4e04e0f54bfb4a4982633b0143eb6587fe006610882084f8d639cdf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://h5.imagetw.com
Referer
https://h5.imagetw.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"696df6be-990"
expires
Wed, 21 Jan 2026 22:24:19 GMT
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Wed, 21 Jan 2026 10:24:19 GMT
content-type
text/css
last-modified
Mon, 19 Jan 2026 09:17:50 GMT
server
nginx
vary
Accept-Encoding
payframe
pay.google.com/gp/p/ui/ Frame 1EDC
15 KB
8 KB
Document
General
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fh5.imagetw.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f92.1e100.net
Software
ESF /
Resource Hash
a38f0b850fbb977e8e30364ee95bc2a096130e31cc125a7fcf82eb0004904230
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-5xQFevpXhjcIwN6Gxw4Utw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport/fine-allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://h5.imagetw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-5xQFevpXhjcIwN6Gxw4Utw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport/fine-allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Wed, 21 Jan 2026 10:24:19 GMT
expires
Wed, 21 Jan 2026 10:24:19 GMT
origin-trial
AssDE6uDpaVUq9mb8HyrCnDR4hxNa3P1PQl8E0huFRpGw4MFWswRwyuk1E68LufiBFMulCrRk3VCexIRW39eYwoAAABMeyJvcmlnaW4iOiJodHRwczovL3BheS5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5fQ==
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjusOoxSXF4KchxbC8VIphyUwphoJl01lbb55jnQzEcwPOs4ZnnmftWnSedQYQGypcYrUH4l95l1g_NVxiZb1zibVI4gprAwiHXmWdZXGNNSDrGqt45Q3WT1U3WAWqb7AumHODNYn9JmsBEGd03GR9tfMmq_eTm6wmerdYY0TusHJ63GFVZ77LujLLi-2Opjebtr8327l0b7aHr7zZ-r182D7U-7BN7vVhc3zqw-Zu7cv2rdiXjaXEl41dyo9tsZkf20Mff7Z4lQC2vo0BbGpHA9hMgPjujQC2OY8C2IR4OC5fOnSaTWDH5_s3mJW0k_IL4zPziksS80qSSivTivLzSlLzUopTi8pSi-KNDIzMDAyNDPQMjOMLDADKlGoY"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
iframe
fraud.tappaysdk.com/ddca/ Frame DAB7
320 B
767 B
Document
General
Full URL
https://fraud.tappaysdk.com/ddca/iframe?%7B%22appKey%22%3A%22app_kOh1yxv8LnxTctac5NwZtCZfMfiqDM9NkI62MRdwEqClkswBVxLe5vQpUG3F%22%2C%22appID%22%3A%22164670%22%2C%22serverType%22%3A%22sandbox%22%2C%22hostname%22%3A%22h5.imagetw.com%22%2C%22origin%22%3A%22https%3A%2F%2Fh5.imagetw.com%22%2C%22referrer%22%3A%22%22%2C%22href%22%3A%22https%3A%2F%2Fh5.imagetw.com%2F%22%2C%22port%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22sdk_version%22%3A%22v5.24.0%22%2C%22mode%22%3A%22production%22%7D
Requested by
Host: js.tappaysdk.com
URL: https://js.tappaysdk.com/sdk/tpdirect/v5.24.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-82.nrt12.r.cloudfront.net
Software
/
Resource Hash
0b8c109fcaac03155daa7d6f9dafb7210a1dfe63335e2aad3ff0f41c7f0cfbcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://h5.imagetw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

content-length
320
content-type
text/html
date
Wed, 21 Jan 2026 10:24:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a22057d481a506cac2167ba3b18dd76.cloudfront.net (CloudFront), 1.1 b6aa8db8b123a4507ff1018026097834.cloudfront.net (CloudFront)
x-amz-apigw-id
Xh9lLFIPtjMEWMg=
x-amz-cf-id
NQ3d5kURZoQ4IV-yRh_gUVXZi-aBeBKN-CRooyV2GLydZDhYpjvZqw==
x-amz-cf-pop
NRT57-P7 NRT12-P3
x-amzn-requestid
e6cc95c0-e692-47d0-a583-a2f2ad008932
x-amzn-trace-id
Root=1-6970a953-0996a2d114cd29a9626c1c99
x-cache
Miss from cloudfront
v5.24.0
js.tappaysdk.com/sdk/tpdirect/api/html/ Frame 9C97
529 B
864 B
Document
General
Full URL
https://js.tappaysdk.com/sdk/tpdirect/api/html/v5.24.0?%7B%22appKey%22%3A%22app_kOh1yxv8LnxTctac5NwZtCZfMfiqDM9NkI62MRdwEqClkswBVxLe5vQpUG3F%22%2C%22appID%22%3A%22164670%22%2C%22serverType%22%3A%22sandbox%22%2C%22hostname%22%3A%22h5.imagetw.com%22%2C%22origin%22%3A%22https%3A%2F%2Fh5.imagetw.com%22%2C%22referrer%22%3A%22%22%2C%22href%22%3A%22https%3A%2F%2Fh5.imagetw.com%2F%22%2C%22port%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22sdk_version%22%3A%22v5.24.0%22%2C%22mode%22%3A%22production%22%7D
Requested by
Host: js.tappaysdk.com
URL: https://js.tappaysdk.com/sdk/tpdirect/v5.24.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.219.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-219-94.nrt20.r.cloudfront.net
Software
/
Resource Hash
f1ea622570b73822e2f9e3da1b409b2c5655dc8af0ee9801b36070934f896041

Request headers

Referer
https://h5.imagetw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

content-length
529
content-type
text/html
date
Wed, 21 Jan 2026 10:24:19 GMT
via
1.1 193f392c116e27a3f195dc4d0ef3ff2e.cloudfront.net (CloudFront)
x-amz-apigw-id
Xh9lLGrwtjMEUvA=
x-amz-cf-id
21jsfY1Z3v57Jq01KmpYAg0yjHl67hW-Tz1hqQoOBq-5XXax3_Bg9Q==
x-amz-cf-pop
NRT20-P8
x-amzn-requestid
5bf0a4ea-82e7-4550-997f-242319efd001
x-amzn-trace-id
Root=1-6970a953-60861ad145fae9215e2b687b
x-cache
Miss from cloudfront
font_2225171_8kdcwk4po24.ttf
at.alicdn.com/t/
55 KB
55 KB
Font
General
Full URL
https://at.alicdn.com/t/font_2225171_8kdcwk4po24.ttf
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.1.157.251 Tokyo, Japan, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
Tengine /
Resource Hash
4bc8cc97559c0a52ea4f5ce0563e1bf3a7f89d660f74792e662e76d49eae4707

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://h5.imagetw.com
Referer
https://h5.imagetw.com/

Response headers

content-md5
txYAK/YB9ycXaueQG99OTw==
x-oss-storage-class
Standard
etag
"B716002BF601F727176AE7901BDF4E4F"
x-oss-object-type
Normal
x-cache
MISS TCP_MISS dirn:-2:-2
date
Wed, 21 Jan 2026 10:24:20 GMT
x-oss-server-time
3
content-type
application/octet-stream
vary
Origin
last-modified
Fri, 24 Dec 2021 20:51:06 GMT
cache-control
max-age=63072000
x-swift-cachetime
31104000
timing-allow-origin
*
x-oss-hash-crc64ecma
10201830100077572647
via
ens-cache13.l2hk7[358,357,200-0,M], ens-cache34.l2hk7[359,0], cache20.jp6[412,412,200-0,M], cache3.jp6[414,0]
ali-swift-global-savetime
1768991060
x-swift-savetime
Wed, 21 Jan 2026 10:24:20 GMT
accept-ranges
bytes
access-control-allow-origin
*
eagleid
80019d9717689910600804077e
content-length
55940
x-oss-request-id
6970A954B09677363492145D
server
Tengine
Mask%20group@2x.1768814089121.png
h5.imagetw.com/assets/
385 KB
384 KB
Image
General
Full URL
https://h5.imagetw.com/assets/Mask%20group@2x.1768814089121.png
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/assets/index.1768814089121.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.212.191.20 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-212-191-20.ap-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f8b197ddf13ca59e244e404f16f9c96f12d861f89ae39f0ba0306dce60822614
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/assets/index.1768814089121.css

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=2592000
content-encoding
gzip
etag
W/"696df6c4-60574"
expires
Fri, 20 Feb 2026 10:24:19 GMT
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Wed, 21 Jan 2026 10:24:19 GMT
content-type
image/png
last-modified
Mon, 19 Jan 2026 09:17:56 GMT
server
nginx
vary
Accept-Encoding
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2afbaaa81c82b2d2db40e809ebb3f38e70e16ee61a020e2cbe2b90b4093207e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34c8b7d358b0921231543308ed893cbf72ffc5956dc4114c1a07fec2a47ba30c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
index
h5.imagetw.com/api/Index/
34 KB
6 KB
XHR
General
Full URL
https://h5.imagetw.com/api/Index/index
Requested by
Host: unpkg.com
URL: https://unpkg.com/vconsole@latest/dist/vconsole.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.212.191.20 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-212-191-20.ap-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
876181aca0d3926b0d100ceea8cec400c8d5a2151048a246a1da8ff2f34b0c85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://h5.imagetw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
access-control-max-age
1728000
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, post
access-control-allow-origin
*
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Wed, 21 Jan 2026 10:24:19 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx
access-control-allow-headers
Authorization, Sec-Fetch-Mode, DNT, X-Mx-ReqToken, Keep-Alive, User-Agent, If-Match, If-None-Match, If-Unmodified-Since, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Accept-Language, Origin, Accept-Encoding,Access-Token,token,version,type
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
20260102010351fce653402.jpg
imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20260102/
2 MB
2 MB
Image
General
Full URL
https://imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20260102/20260102010351fce653402.jpg
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.12.79.30 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee8254702a08096e841c144cc57743c72d5d10e3c5722e61df56ef2d42afa8c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

x-amz-id-2
ZfBGgTL7+SxrLbG7XlJR2AVTinLQG8hMFZcW79bK4C3NH+2tehtfLQCd//RW1JG2pDCbdQHIS98=
ETag
"26d00f63f4e3e262026394da96e85515"
x-amz-version-id
cQUX5L8QsQ7YMtwhFfMXdSzNuhgj4aiT
x-amz-request-id
E291NVQ5RK737T7W
Accept-Ranges
bytes
Content-Length
2302500
Date
Wed, 21 Jan 2026 10:24:21 GMT
Last-Modified
Thu, 01 Jan 2026 17:03:52 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
20260102010351e8bc33114.jpg
imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20260102/
2 MB
2 MB
Image
General
Full URL
https://imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20260102/20260102010351e8bc33114.jpg
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.12.79.30 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f50c870e7105d4ee8b3df576a8f5e80a78d27787585c938090ec259f77dfec46

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

x-amz-id-2
G1/lJkP8DRzfnwrMYXl+cZhCCgDKws8G0/SVDUe6OaoulVc1LYXis1dO4waBySBw3CvM/6Zry1g=
ETag
"e66e57be5a51b21c861eb4517fa9882a"
x-amz-version-id
cIrJITPK_4mhnNMqskf31ypt2YrF68Y9
x-amz-request-id
E297JAPHQJKJ49T2
Accept-Ranges
bytes
Content-Length
2258653
Date
Wed, 21 Jan 2026 10:24:21 GMT
Last-Modified
Thu, 01 Jan 2026 17:03:52 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
20260107170259e11428454.jpg
imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20260107/
62 KB
63 KB
Image
General
Full URL
https://imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20260107/20260107170259e11428454.jpg
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.12.79.30 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0083441f7f807183aed374263e7d30c39fb68c925782e038c87901ca802d87fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

x-amz-id-2
NgjUO/nru2fAyzycm1gC9ZeO+oUiFpRwlT3QAfcO344FA0nL40becxWMGI8nXnbDKVSpL83zQPY=
ETag
"6d37e17720cdccf20df3165f4790e298"
x-amz-version-id
cYJt_TDtNhG0BDZvL1vulDYuLt_x8PSV
x-amz-request-id
E29B0DGYFD6EHBJG
Accept-Ranges
bytes
Content-Length
63617
Date
Wed, 21 Jan 2026 10:24:21 GMT
Last-Modified
Wed, 07 Jan 2026 09:03:00 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
truncated
/
947 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45b8f04863c0b4fc01d160ce6b5cbfa42cb512d5956099615a16d100ea49bd18

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adf596e2a46497ee6ee85d885f509bf5014a51f93d94ced81249401295fa2bd0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
20260105180046545051956.JPG
imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20260105/
168 KB
169 KB
Image
General
Full URL
https://imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20260105/20260105180046545051956.JPG
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.12.79.30 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c87f08375b6b8cc5780cba53b8ac9d23de22866bea5b53c7dbd359b47c84a0be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

x-amz-id-2
CKre8SFJBHJBIU8/GJmCgByXv9HthPoDaocg04r7iBJr/C4Hxyyk9nUIY9kI3DMof/Mz2N+9oUk=
ETag
"fdff39e73332bf473870f92ce6759202"
x-amz-version-id
na2aZj4D_dNfwwgA1knATMOl.Hx78pqG
x-amz-request-id
E29027WR1ZAMEP5Y
Accept-Ranges
bytes
Content-Length
172297
Date
Wed, 21 Jan 2026 10:24:21 GMT
Last-Modified
Mon, 05 Jan 2026 10:00:47 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
20251201165422f73622443.JPG
imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20251201/
864 KB
865 KB
Image
General
Full URL
https://imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20251201/20251201165422f73622443.JPG
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.12.79.30 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38897efa705739fe14733c37ed70f61ea6d77b567c41e594a22d03660dfff6ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

x-amz-id-2
IwKkrv/l8de2FQtnIjXPOPcHJcFqz16z0OqyGkfKwGiu6hOQPL3qfMqjtlS0eO2PpjBHk2040Kg=
ETag
"25925fd3cd0f02aeba03a33aa79bb5e8"
x-amz-version-id
2sN5PvH0A9w5nsF1Yxq2UcdjisXcMpMF
x-amz-request-id
E29EYTZ1Y0QSBSPV
Accept-Ranges
bytes
Content-Length
885080
Date
Wed, 21 Jan 2026 10:24:21 GMT
Last-Modified
Tue, 30 Dec 2025 09:56:40 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
202601141545596eb935684.png
imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20260114/
213 KB
213 KB
Image
General
Full URL
https://imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20260114/202601141545596eb935684.png
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.12.79.30 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d8b20e1b8ecdad3703801eb3930a5abd84664e87cf1c68eab46531eaadad6d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

x-amz-id-2
obC7GbJWo4IL9mhGeunFcMNUsNfMkWspWoqJj+89Q7LZ09S6W0i7mLg9v8sxM0AyIZHTkRsy/fU=
ETag
"b4a90fa8144b60417e7ae94778683c44"
x-amz-version-id
T.U.z8D0x2JXTFFbFyKQXbHYdIRtk4qE
x-amz-request-id
E29BZE159DRYS08W
Accept-Ranges
bytes
Content-Length
218043
Date
Wed, 21 Jan 2026 10:24:21 GMT
Last-Modified
Wed, 14 Jan 2026 07:46:01 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
202601051800461f73c8599.JPG
imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20260105/
178 KB
179 KB
Image
General
Full URL
https://imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20260105/202601051800461f73c8599.JPG
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.12.79.30 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
beca5d0e4ad7c9a0b6508ccae3c9365ab87e7d0f5cac2527559a503ace21be0a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

x-amz-id-2
R8CoKBjMfMXPsxRHhNtnF51O9VgYw5VwS3lLVUWq/SK0iNm9xEr1OWz3CfBENqnXUNst4OSp41s=
ETag
"0daaf054283703a1fa805c9c67a8a985"
x-amz-version-id
qyLh70JXK8gYRqmEF.yVTBOWMTcn2TPJ
x-amz-request-id
E2969212DG5DZM8R
Accept-Ranges
bytes
Content-Length
182456
Date
Wed, 21 Jan 2026 10:24:21 GMT
Last-Modified
Mon, 05 Jan 2026 10:00:47 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
20251224120651f3a572475.jpg
imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20251224/
463 KB
464 KB
Image
General
Full URL
https://imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20251224/20251224120651f3a572475.jpg
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.12.79.30 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c68d14320495044cc8024ef9a8c81686dacfef61721788841e2e87a45487b0d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

x-amz-id-2
R0HTHN2DGzqZICOA02dAkub+5Ruz/8BeAZY23PS6tra5AG3Q41voeAbqeAQgmUekpMmEwv5XJnQ=
ETag
"bf02a93da54acfff6bb00604c4a2d356"
x-amz-version-id
Uf3cZFjpmLCza6CiU8aZzl5ivbSsEVuB
x-amz-request-id
ASJJ797M0GGKXAAT
Accept-Ranges
bytes
Content-Length
474415
Date
Wed, 21 Jan 2026 10:24:22 GMT
Last-Modified
Tue, 30 Dec 2025 09:55:37 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
20251224163913b7c8b6409.jpg
imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20251224/
1 MB
1 MB
Image
General
Full URL
https://imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20251224/20251224163913b7c8b6409.jpg
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.12.79.30 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04e1bda3e962354025e86067900a924b7f58d6e5e04a24b5514e167f7d1b7e15

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

x-amz-id-2
DQYTy0j2a0o9ROAuje2khKiDQ1XUV0oxg/+LyIYGkBrSFbePmy/M+W/fnzAl17wS7u9BjVMgoFc=
ETag
"be9d7dd7779b2b2dcc6d10fb4aebc296"
x-amz-version-id
66GtQrmhqglQrziaxjgPDf7W192JR6hZ
x-amz-request-id
ASJQVV3RA622KMZB
Accept-Ranges
bytes
Content-Length
1488084
Date
Wed, 21 Jan 2026 10:24:22 GMT
Last-Modified
Tue, 30 Dec 2025 09:55:39 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
20251224164933497c06102.jpg
imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20251224/
2 MB
2 MB
Image
General
Full URL
https://imagetw-photos.s3.ap-east-2.amazonaws.com/uploads/images/20251224/20251224164933497c06102.jpg
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.12.79.30 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df556fd0f412a5bed3973f18e3873d076b6c560be07f985cd31ae8505ddbf28d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

x-amz-id-2
pQeu+mgReg+1mLcOFZZLlxW3GWy/CAmQ/72tmBV6SFAUU9GOLVg+U5EftwUxUh/yy+zZGGOmTUI=
ETag
"318808aa93daa58e417993a058beb8ae"
x-amz-version-id
kD6x56F.18tdwUlFWG6g48baCUvRhVOj
x-amz-request-id
ASJZ4A71ZTJVC9VE
Accept-Ranges
bytes
Content-Length
2121875
Date
Wed, 21 Jan 2026 10:24:22 GMT
Last-Modified
Tue, 30 Dec 2025 09:55:40 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
article01.png
imagetw-photos.s3.ap-east-2.amazonaws.com/resource/image/adminapi/default/
291 KB
292 KB
Image
General
Full URL
https://imagetw-photos.s3.ap-east-2.amazonaws.com/resource/image/adminapi/default/article01.png
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.12.79.30 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1928e04439d67c04788666a9c10bdfada95e52fc241493bff9899bdd708d2ac7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

x-amz-id-2
0MCCjzLUgbINhjFMz7vGH+msKtxUFOyPxo57yGiZL6mXdV5tlzxWen56Zes8vOEYj7ppbLhOYcA=
ETag
"d6d7132fea8f8aefc1b07e1110776b38"
x-amz-version-id
w67llHo2Dpamk9zPEFR4r.EHehcVheGi
x-amz-request-id
ASJHDVBRAJCDBYDH
Accept-Ranges
bytes
Content-Length
298478
Date
Wed, 21 Jan 2026 10:24:22 GMT
Last-Modified
Tue, 30 Dec 2025 10:03:17 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
js
fraud.tappaysdk.com/ddca/ Frame DAB7
1 KB
2 KB
Script
General
Full URL
https://fraud.tappaysdk.com/ddca/js
Requested by
Host: fraud.tappaysdk.com
URL: https://fraud.tappaysdk.com/ddca/iframe?%7B%22appKey%22%3A%22app_kOh1yxv8LnxTctac5NwZtCZfMfiqDM9NkI62MRdwEqClkswBVxLe5vQpUG3F%22%2C%22appID%22%3A%22164670%22%2C%22serverType%22%3A%22sandbox%22%2C%22hostname%22%3A%22h5.imagetw.com%22%2C%22origin%22%3A%22https%3A%2F%2Fh5.imagetw.com%22%2C%22referrer%22%3A%22%22%2C%22href%22%3A%22https%3A%2F%2Fh5.imagetw.com%2F%22%2C%22port%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22sdk_version%22%3A%22v5.24.0%22%2C%22mode%22%3A%22production%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-82.nrt12.r.cloudfront.net
Software
/
Resource Hash
0eeb35920ec008521c361c88d6672342157897bbd02e8cbb179f0de0ef4a2fd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://fraud.tappaysdk.com/ddca/iframe?%7B%22appKey%22%3A%22app_kOh1yxv8LnxTctac5NwZtCZfMfiqDM9NkI62MRdwEqClkswBVxLe5vQpUG3F%22%2C%22appID%22%3A%22164670%22%2C%22serverType%22%3A%22sandbox%22%2C%22hostname%22%3A%22h5.imagetw.com%22%2C%22origin%22%3A%22https%3A%2F%2Fh5.imagetw.com%22%2C%22referrer%22%3A%22%22%2C%22href%22%3A%22https%3A%2F%2Fh5.imagetw.com%2F%22%2C%22port%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22sdk_version%22%3A%22v5.24.0%22%2C%22mode%22%3A%22production%22%7D

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-amz-apigw-id
Xh9lNHc6tjMEUXw=
x-amzn-trace-id
Root=1-6970a954-4191dcfc52a61aea1af2e95e
x-amzn-requestid
8f096408-5a39-4c47-a2ae-51aa31515e4c
via
1.1 0f169f954b8768406d54f122d924a77c.cloudfront.net (CloudFront), 1.1 b6aa8db8b123a4507ff1018026097834.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
1141
x-amz-cf-id
tCjq3Y8_LiTbDRFsR1Tt1e8ZO3TnaCErKvun_MApEnJh4YOABRVJgQ==
date
Wed, 21 Jan 2026 10:24:20 GMT
content-type
text/javascript
x-amz-cf-pop
NRT57-P7, NRT12-P3
v5.24.0
js.tappaysdk.com/sdk/tpdirect/api/js/ Frame 9C97
50 KB
51 KB
Script
General
Full URL
https://js.tappaysdk.com/sdk/tpdirect/api/js/v5.24.0?%7B%22appKey%22%3A%22app_kOh1yxv8LnxTctac5NwZtCZfMfiqDM9NkI62MRdwEqClkswBVxLe5vQpUG3F%22%2C%22appID%22%3A%22164670%22%2C%22serverType%22%3A%22sandbox%22%2C%22hostname%22%3A%22h5.imagetw.com%22%2C%22origin%22%3A%22https%3A%2F%2Fh5.imagetw.com%22%2C%22referrer%22%3A%22%22%2C%22href%22%3A%22https%3A%2F%2Fh5.imagetw.com%2F%22%2C%22port%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22sdk_version%22%3A%22v5.24.0%22%2C%22mode%22%3A%22production%22%7D
Requested by
Host: js.tappaysdk.com
URL: https://js.tappaysdk.com/sdk/tpdirect/api/html/v5.24.0?%7B%22appKey%22%3A%22app_kOh1yxv8LnxTctac5NwZtCZfMfiqDM9NkI62MRdwEqClkswBVxLe5vQpUG3F%22%2C%22appID%22%3A%22164670%22%2C%22serverType%22%3A%22sandbox%22%2C%22hostname%22%3A%22h5.imagetw.com%22%2C%22origin%22%3A%22https%3A%2F%2Fh5.imagetw.com%22%2C%22referrer%22%3A%22%22%2C%22href%22%3A%22https%3A%2F%2Fh5.imagetw.com%2F%22%2C%22port%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22sdk_version%22%3A%22v5.24.0%22%2C%22mode%22%3A%22production%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.219.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-219-94.nrt20.r.cloudfront.net
Software
/
Resource Hash
7625d9a187f57c174f81ca65180e309146385ad6904fac9c99dd6e4991a0313d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://js.tappaysdk.com/sdk/tpdirect/api/html/v5.24.0?%7B%22appKey%22%3A%22app_kOh1yxv8LnxTctac5NwZtCZfMfiqDM9NkI62MRdwEqClkswBVxLe5vQpUG3F%22%2C%22appID%22%3A%22164670%22%2C%22serverType%22%3A%22sandbox%22%2C%22hostname%22%3A%22h5.imagetw.com%22%2C%22origin%22%3A%22https%3A%2F%2Fh5.imagetw.com%22%2C%22referrer%22%3A%22%22%2C%22href%22%3A%22https%3A%2F%2Fh5.imagetw.com%2F%22%2C%22port%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22sdk_version%22%3A%22v5.24.0%22%2C%22mode%22%3A%22production%22%7D

Response headers

x-amz-apigw-id
Xh9lNHvFtjMEffA=
x-amzn-trace-id
Root=1-6970a954-7077e5536351d74107514ff5
x-amzn-requestid
dd886e84-51bc-4983-9b23-dd074ac15b4d
via
1.1 193f392c116e27a3f195dc4d0ef3ff2e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
51709
x-amz-cf-id
jr25O2LpUZs7hJ8lcOKgiQbfGZQa6mvhqNJ223G1FgP_E-lHk-J0jw==
date
Wed, 21 Jan 2026 10:24:20 GMT
content-type
text/javascript
x-amz-cf-pop
NRT20-P8
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/am=AAAAeA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=... Frame 1EDC
148 KB
56 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/am=AAAAeA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhBDqmX_rbKdbUVhxqamhLTu8V4lw/dti=1/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fh5.imagetw.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.209.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hq-in-f94.1e100.net
Software
sffe /
Resource Hash
114bbcc47335bde7e5e2823526eec82ed119b5a7adfc1a9f9e6d07b8367baa41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://pay.google.com/

Response headers

content-encoding
gzip
age
47861
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 20 Jan 2027 21:06:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 20 Jan 2026 21:06:39 GMT
last-modified
Sat, 17 Jan 2026 08:30:18 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges
bytes
content-length
56596
x-xss-protection
0
server
sffe
ddca-sdk.js
websdk-uat.cherrix.co/ Frame DAB7
107 KB
107 KB
Script
General
Full URL
https://websdk-uat.cherrix.co/ddca-sdk.js
Requested by
Host: fraud.tappaysdk.com
URL: https://fraud.tappaysdk.com/ddca/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.166.244.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-166-244-59.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bacc38152fcedb4d4c5c2e1e366786563d3d241fae489eb35caf10d4bd1e4e71

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://fraud.tappaysdk.com/

Response headers

etag
"8b33c6e264c00bdc913cf9db8a1b1f97"
age
30314
via
1.1 d4c840773666334669d28ed4f37c31fe.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
109589
x-amz-cf-id
e1uJFTO8j4a3LjRODgAz0xk20K5rweWg9Kd94nxowDCixV1NmVZO8w==
date
Wed, 21 Jan 2026 01:59:07 GMT
content-type
application/javascript
last-modified
Tue, 06 Jan 2026 06:52:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P6
x-amz-server-side-encryption
AES256
transparent_square.svg
www.gstatic.com/instantbuy/svg/
69 B
614 B
Other
General
Full URL
https://www.gstatic.com/instantbuy/svg/transparent_square.svg
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.209.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hq-in-f94.1e100.net
Software
sffe /
Resource Hash
8cb82f4e773caf89305f1158d3f08ea77c6b8dafb247efc3c3f591ed528d0333
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

content-encoding
gzip
age
76533
report-to
{"group":"instantbuy-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/instantbuy-eng"}]}
x-content-type-options
nosniff
expires
Wed, 20 Jan 2027 13:08:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 20 Jan 2026 13:08:48 GMT
last-modified
Thu, 20 Feb 2025 17:58:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding
content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="instantbuy-eng"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
81
x-xss-protection
0
server
sffe
m=uZmJdd
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ta... Frame 1EDC
82 KB
31 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ta5rOLPA8e4.L.B1.O/am=AAAAeA/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhC_NHp117yiYk1Xw4bkZK10uwcJw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qQEoOc:KUM7Z;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/dti=1/m=uZmJdd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/am=AAAAeA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhBDqmX_rbKdbUVhxqamhLTu8V4lw/dti=1/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.209.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hq-in-f94.1e100.net
Software
sffe /
Resource Hash
91d97c711a4a0383b8ac69106a3b79be60d79ef9252abd1e3227d5a1c839dfe1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://pay.google.com/

Response headers

content-encoding
gzip
age
47862
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 20 Jan 2027 21:06:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 20 Jan 2026 21:06:39 GMT
last-modified
Mon, 12 Jan 2026 23:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges
bytes
content-length
31200
x-xss-protection
0
server
sffe
pay
pay.google.com/gp/p/ui/ Frame 1EDC
1 MB
387 KB
XHR
General
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/am=AAAAeA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhBDqmX_rbKdbUVhxqamhLTu8V4lw/dti=1/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f92.1e100.net
Software
ESF /
Resource Hash
defeb8ab75d9c466f3d39569039db5afde52b07fabc19296b8dea4086bf91aee
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ji9feCY6NDDss0XozxDlrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com https://payments.google.com/payments/v4/js/integrator.js https://payments.sandbox.google.com/payments/v4/js/integrator.js;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://pay.google.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 21 Jan 2026 10:24:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-ua-compatible
IE=edge
date
Wed, 21 Jan 2026 10:24:21 GMT
content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
DENY
strict-transport-security
max-age=31536000
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjusOoxSXF4KchxbC8VIphyUwphoJl01lbb55jnQzEcwPOs4ZnnmftWnSedQYQGypcYrUH4l95l1g_NVxiZb1zibVI4gprAwiHXmWdZXGNNSDrGqt45Q3WT1U3WAWqb7AumHODNYn9JmsBEGd03GR9tfMmq_eTm6wmerdYY0TusHJ63GFVZ77LujLLi-2Opjebtr8327l0b7aHr7zZ-r182D7U-7BN7vVhc3zqw-Zu7cv2rdiXjaXEl41dyo9tsZkf20Mff7Z4lQC2vo0BbGpHA9hMgPjujQC2OY8C2IS4Oa5eOnSaTWDGntWlStpJ-YXxmXnFJYl5JUmllWlF-XklqXkpxalFZalF8UYGRmYGhkYGegbG8QUGAEQWaSg"
content-security-policy
script-src 'report-sample' 'nonce-ji9feCY6NDDss0XozxDlrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com https://payments.google.com/payments/v4/js/integrator.js https://payments.sandbox.google.com/payments/v4/js/integrator.js;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport
cache-control
private, max-age=3600
cross-origin-opener-policy
unsafe-none
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
same-site
content-security-policy-report-only
script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayUi.zh_TW.4G0HMF4_gLY.2018.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport/fine-allowlist
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ta... Frame 1EDC
8 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ta5rOLPA8e4.L.B1.O/am=AAAAeA/d=1/exm=_b,_tp,uZmJdd/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhC_NHp117yiYk1Xw4bkZK10uwcJw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qQEoOc:KUM7Z;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/dti=1/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/am=AAAAeA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhBDqmX_rbKdbUVhxqamhLTu8V4lw/dti=1/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.209.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hq-in-f94.1e100.net
Software
sffe /
Resource Hash
ac0b3f3c19d027284060257eb4304e93b07801eae6effefdda63798d54dcdafa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://pay.google.com/

Response headers

content-encoding
gzip
age
47862
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 20 Jan 2027 21:06:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 20 Jan 2026 21:06:39 GMT
last-modified
Mon, 12 Jan 2026 23:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges
bytes
content-length
3620
x-xss-protection
0
server
sffe
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ta... Frame 1EDC
37 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ta5rOLPA8e4.L.B1.O/am=AAAAeA/d=1/exm=FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,uZmJdd/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhC_NHp117yiYk1Xw4bkZK10uwcJw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qQEoOc:KUM7Z;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/dti=1/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/am=AAAAeA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhBDqmX_rbKdbUVhxqamhLTu8V4lw/dti=1/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.209.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hq-in-f94.1e100.net
Software
sffe /
Resource Hash
e947e1c221b35f9f4be8839f36f46d3401699278dd58b7aaae5b55ebf370163b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://pay.google.com/

Response headers

content-encoding
gzip
age
47862
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 20 Jan 2027 21:06:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 20 Jan 2026 21:06:39 GMT
last-modified
Mon, 12 Jan 2026 23:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges
bytes
content-length
14391
x-xss-protection
0
server
sffe
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 21 Jan 2026 10:24:21 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 1EDC
131 B
151 B
Fetch
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ta5rOLPA8e4.L.B1.O/am=AAAAeA/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhC_NHp117yiYk1Xw4bkZK10uwcJw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qQEoOc:KUM7Z;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/dti=1/m=uZmJdd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://pay.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 21 Jan 2026 10:24:22 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
log
play.google.com/ Frame 1EDC
131 B
151 B
Fetch
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ta5rOLPA8e4.L.B1.O/am=AAAAeA/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhC_NHp117yiYk1Xw4bkZK10uwcJw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qQEoOc:KUM7Z;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/dti=1/m=uZmJdd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://pay.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 21 Jan 2026 10:24:22 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 21 Jan 2026 10:24:21 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 1EDC
131 B
151 B
Fetch
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ta5rOLPA8e4.L.B1.O/am=AAAAeA/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhC_NHp117yiYk1Xw4bkZK10uwcJw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qQEoOc:KUM7Z;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/dti=1/m=uZmJdd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://pay.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 21 Jan 2026 10:24:22 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 21 Jan 2026 10:24:21 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 1EDC
131 B
151 B
Fetch
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ta5rOLPA8e4.L.B1.O/am=AAAAeA/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhC_NHp117yiYk1Xw4bkZK10uwcJw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qQEoOc:KUM7Z;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/dti=1/m=uZmJdd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://pay.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 21 Jan 2026 10:24:22 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 21 Jan 2026 10:24:21 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 1EDC
131 B
151 B
Fetch
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ta5rOLPA8e4.L.B1.O/am=AAAAeA/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhC_NHp117yiYk1Xw4bkZK10uwcJw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qQEoOc:KUM7Z;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/dti=1/m=uZmJdd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://pay.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 21 Jan 2026 10:24:22 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 21 Jan 2026 10:24:21 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
ddca-iframe.html
websdk-uat.cherrix.co/ Frame 1F20
1 KB
1 KB
Document
General
Full URL
https://websdk-uat.cherrix.co/ddca-iframe.html
Requested by
Host: websdk-uat.cherrix.co
URL: https://websdk-uat.cherrix.co/ddca-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.166.244.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-166-244-59.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4488fb7164bdc431e88a8380c4fcefbeb163303bd4fb0cc8520df0f4dd861561

Request headers

Referer
https://fraud.tappaysdk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
73254
cache-control
max-age=86400
content-length
1100
content-type
text/html
date
Tue, 20 Jan 2026 14:03:28 GMT
etag
"d975aebf759fabde421f8652a055a11f"
last-modified
Fri, 14 Jul 2023 04:04:12 GMT
server
AmazonS3
via
1.1 d4c840773666334669d28ed4f37c31fe.cloudfront.net (CloudFront)
x-amz-cf-id
9VC8bZ8jvk6yRX3GN68enCb3H08Q1vnZb6Hqpx-GWd7DN6Fdo84tcQ==
x-amz-cf-pop
NRT20-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
m=p3hmRc,LvGhrf,RqjULd
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ta... Frame 1EDC
21 KB
8 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ta5rOLPA8e4.L.B1.O/am=AAAAeA/d=1/exm=EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,uZmJdd/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhC_NHp117yiYk1Xw4bkZK10uwcJw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qQEoOc:KUM7Z;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/dti=1/m=p3hmRc,LvGhrf,RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh_TW.D-mPPBCDWRk.2018.O/am=AAAAeA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhBDqmX_rbKdbUVhxqamhLTu8V4lw/dti=1/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.209.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hq-in-f94.1e100.net
Software
sffe /
Resource Hash
77e41a6da9967c97de38c876d3ac00bb62695b5ef71d30880cff444fdb1a9ba2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://pay.google.com/

Response headers

content-encoding
gzip
age
47862
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 20 Jan 2027 21:06:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 20 Jan 2026 21:06:39 GMT
last-modified
Mon, 12 Jan 2026 23:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges
bytes
content-length
8208
x-xss-protection
0
server
sffe
device
service-uat.cherrix.co/ Frame DAB7
237 B
574 B
XHR
General
Full URL
https://service-uat.cherrix.co/device
Requested by
Host: websdk-uat.cherrix.co
URL: https://websdk-uat.cherrix.co/ddca-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.150.67.177 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-150-67-177.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
d994236a5f1d841b84c355f3b4fc2db2faa2632dcf5e14dfb2ad65edf732a437

Request headers

h2
https://fraud.tappaysdk.com
app-key
t00eeQNpzOGzV0FNKfl6AvUyAgICAgZGV2AAApGgAAAYBGEWlFjnP0SYHk5RJiuQ
sdk-version
W3.1.0
Referer
https://fraud.tappaysdk.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Content-Type
application/json
app-id
app-10522

Response headers

access-control-expose-headers
hash-code, security-code, qm, qp, trace-id
qp
900
x-amz-apigw-id
Xh9liFMCNjMFmvA=
trace-id
ZKPIdFLHeB8eaDNB
x-amzn-trace-id
Root=1-6970a956-53f335261aaac26264417ef3;Parent=311c6d5b5b5d0901;Sampled=0;Lineage=1:fdb59434:0
qm
100
x-amzn-requestid
5d5731f4-39e9-465c-8159-7ec934f9186b
access-control-allow-origin
*
content-length
237
date
Wed, 21 Jan 2026 10:24:22 GMT
content-type
application/json
device
service-uat.cherrix.co/ Frame
0
0
Preflight
General
Full URL
https://service-uat.cherrix.co/device
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.150.67.177 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-150-67-177.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
app-id,app-key,content-type,h2,sdk-version
Access-Control-Request-Method
POST
Origin
https://fraud.tappaysdk.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,App-Id,App-Key,App-Domain,h2,hash-code,sdk-version
access-control-allow-methods
OPTIONS,POST,PUT
access-control-allow-origin
*
access-control-max-age
604800
content-length
0
content-type
application/json
date
Wed, 21 Jan 2026 10:24:22 GMT
x-amz-apigw-id
Xh9lgE2uNjMFgVg=
x-amzn-requestid
df0ad2b2-ebde-42bd-86ca-adc87e4525cd
favicon.ico
h5.imagetw.com/
1 KB
1 KB
Other
General
Full URL
https://h5.imagetw.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.212.191.20 Taipei, Taiwan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-212-191-20.ap-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
50ee6523a4cba10377554c53f88bcd8b53cb5d11a03439f04f73aff55e982e86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

strict-transport-security
max-age=31536000
etag
"68ec54b3-47e"
accept-ranges
bytes
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
content-length
1150
date
Wed, 21 Jan 2026 10:24:22 GMT
content-type
image/x-icon
last-modified
Mon, 13 Oct 2025 01:24:03 GMT
server
nginx
transparent_square.svg
www.gstatic.com/instantbuy/svg/ Frame 1EDC
69 B
108 B
Other
General
Full URL
https://www.gstatic.com/instantbuy/svg/transparent_square.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.209.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hq-in-f94.1e100.net
Software
sffe /
Resource Hash
8cb82f4e773caf89305f1158d3f08ea77c6b8dafb247efc3c3f591ed528d0333
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://pay.google.com/

Response headers

content-encoding
gzip
age
76534
report-to
{"group":"instantbuy-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/instantbuy-eng"}]}
x-content-type-options
nosniff
expires
Wed, 20 Jan 2027 13:08:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 20 Jan 2026 13:08:48 GMT
last-modified
Thu, 20 Feb 2025 17:58:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding
content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="instantbuy-eng"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
81
x-xss-protection
0
server
sffe
shadow-grey.png
cdn.dcloud.net.cn/img/
136 B
420 B
Image
General
Full URL
https://cdn.dcloud.net.cn/img/shadow-grey.png
Requested by
Host: h5.imagetw.com
URL: https://h5.imagetw.com/assets/index.176881408912111.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.222.174.117 Shanghai, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://h5.imagetw.com/

Response headers

cache-control
max-age=18000
etag
"5cf8b5bf-88"
expires
Wed, 21 Jan 2026 15:24:23 GMT
accept-ranges
bytes
content-length
136
date
Wed, 21 Jan 2026 10:24:23 GMT
content-type
image/png
last-modified
Thu, 06 Jun 2019 06:42:07 GMT
server
nginx


29 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| TPDirect
object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo
object| allowedPaymentMethodsForLoggingAllowlist
object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo
object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo
object| denylistedMerchantIdsHashedValueListForGpayButtonVariant
object| allowlistedMerchantDomainsForBnplDynamicButton
object| allowlistedMerchantDomainsForRlmiaDynamicButton
object| denylistedMerchantDomainsForPopupModeLoadingScreen
string| dynamicGpayButtonVariant
object| integratorExperimentIds
object| google
object| regeneratorRuntime
function| VConsole
object| vConsole
object| __VCONSOLE_INSTANCE
object| _vcOrigConsole
object| __VUE_INSTANCE_SETTERS__
object| __VUE_SSR_SETTERS__
object| uni
object| wx
function| rpx2px
object| __uniConfig
object| __uniLayout
object| __uniRoutes
boolean| __VUE__

3 Cookies

Domain/Path Name / Value
h5.imagetw.com/ Name: thinkphp_show_page_trace
Value: 0|0
.google.com/ Name: NID
Value: 528=YQy6nSFQH2JZ2rJlhsW6AVIPobmwO3sXtlyG3feebmab-bVcMtyzGz4gug4RcvQLkZUYUsM7Kpt5qVmaOhHmyl9uXjeDnIq-gXRPYZa47pKHeSYLOKr0XdELk82eYCojJN0cYF4fmXoq7iwg9Jgx6ytyHJKqFT0U6L09Gt5-231T4yxv6azUgxTBfGF9zF5kyp4P5NLqKnr_oHrH-A
.dcloud.net.cn/ Name: __uni__uid
Value: rBEQa2lwqVe+PhVDA1xLAg==

2 Console Messages

Source Level URL
Text
rendering warning URL: https://fraud.tappaysdk.com/ddca/iframe?%7B%22appKey%22%3A%22app_kOh1yxv8LnxTctac5NwZtCZfMfiqDM9NkI62MRdwEqClkswBVxLe5vQpUG3F%22%2C%22appID%22%3A%22164670%22%2C%22serverType%22%3A%22sandbox%22%2C%22hostname%22%3A%22h5.imagetw.com%22%2C%22origin%22%3A%22https%3A%2F%2Fh5.imagetw.com%22%2C%22referrer%22%3A%22%22%2C%22href%22%3A%22https%3A%2F%2Fh5.imagetw.com%2F%22%2C%22port%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22sdk_version%22%3A%22v5.24.0%22%2C%22mode%22%3A%22production%22%7D
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0D018002C2A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://fraud.tappaysdk.com/ddca/iframe?%7B%22appKey%22%3A%22app_kOh1yxv8LnxTctac5NwZtCZfMfiqDM9NkI62MRdwEqClkswBVxLe5vQpUG3F%22%2C%22appID%22%3A%22164670%22%2C%22serverType%22%3A%22sandbox%22%2C%22hostname%22%3A%22h5.imagetw.com%22%2C%22origin%22%3A%22https%3A%2F%2Fh5.imagetw.com%22%2C%22referrer%22%3A%22%22%2C%22href%22%3A%22https%3A%2F%2Fh5.imagetw.com%2F%22%2C%22port%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22sdk_version%22%3A%22v5.24.0%22%2C%22mode%22%3A%22production%22%7D
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A06044002C2A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
