What is the name of the domain?
https://nbpm.amtran.com.tw/GAIA/
What is the issue you’re encountering
during the testing process, the computer screen does not remain in the loading state, but on the mobile app, it gets stuck on the loading screen. When WAF is disabled, the screen displays immediately. No errors were found in Security → Events.Refused to load the script ‘https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015’ because it violates the following Content Security Policy directive: “script-src ‘self’ ‘unsafe-inline’ ‘unsafe-eval’”. Note that ‘script-src-elem’ was not explicitly set, so ‘script-src’ is used as a fallback. Understand this errorAI ToolBarMenu:1 Refused to load the script ‘https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015’ because it violates the following Content Security Policy directive: “script-src ‘self’ ‘unsafe-inline’ ‘unsafe-eval’”. Note that ‘script-src-elem’ was not explicitly set, so ‘script-src’ is used as a fallback.
Was the site working with SSL prior to adding it to Cloudflare?
No
What is the current SSL/TLS setting?
Flexible