urlscan.io logo urlscan.io
SecurityTrails logo

bank.sinopac.com Open in urlscan Pro
211.76.150.19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mma.tw/O01WY
Effective URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Submission: On April 11 via manual from TW — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 28 HTTP transactions. The main IP is 211.76.150.19, located in Banqiao, Taiwan and belongs to SINOPAC SinoPac Holdings Corporate Network, TW. The main domain is bank.sinopac.com.
TLS certificate: Issued by TWCA Global EVSSL Certification Autho... on February 20th 2023. Valid for: a year.
This is the only time bank.sinopac.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 211.76.150.156 18045 (SINOPAC S...)
1 2 211.76.150.56 18045 (SINOPAC S...)
20 211.76.150.19 18045 (SINOPAC S...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
3 211.76.151.128 18045 (SINOPAC S...)
1 2a00:1450:400... 15169 (GOOGLE)
28 6
1    211.76.150.156 (Banqiao, Taiwan)

ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW)
PTR: 211-76-150-156.hinet-ip.hinet.net
mma.tw
2    211.76.150.56 (Banqiao, Taiwan)

ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW)
PTR: 211-76-150-56.hinet-ip.hinet.net
mma.sinopac.com
20    211.76.150.19 (Banqiao, Taiwan)

ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW)
PTR: 211-76-150-19.hinet-ip.hinet.net
bank.sinopac.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    211.76.151.128 (Banqiao, Taiwan)

ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW)
PTR: 211-76-151-128.hinet-ip.hinet.net
dmp.sinopac.com
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
25 sinopac.com
mma.sinopac.com
bank.sinopac.com
dmp.sinopac.com
1 MB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 100
346 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
61 KB
1 mma.tw
mma.tw
791 B
28 5
Domain Requested by
20 bank.sinopac.com bank.sinopac.com
3 dmp.sinopac.com bank.sinopac.com
dmp.sinopac.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 mma.sinopac.com 1 redirects bank.sinopac.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com bank.sinopac.com
1 mma.tw 1 redirects
28 7

This site contains no links.

Subject Issuer Validity Valid
bank.sinopac.com
TWCA Global EVSSL Certification Authority		 2023-02-20 -
2024-03-16		 a year crt.sh
mma.sinopac.com
TWCA Global EVSSL Certification Authority		 2022-07-25 -
2023-08-22		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
dmp.sinopac.com
TWCA Global EVSSL Certification Authority		 2022-11-02 -
2023-12-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Frame ID: 4DF38977D3EC47DF487B4A9C8DFA7A51
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

永豐銀行 尊榮升等

Page URL History Show full URLs

  1. https://mma.tw/O01WY HTTP 302
    https://mma.sinopac.com/SinoCard/api/ShortUrl/links/O01WY HTTP 302
    https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • sensorsdata
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

43 %
IPv6

5
Domains

7
Subdomains

6
IPs

4
Countries

1427 kB
Transfer

2034 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mma.tw/O01WY HTTP 302
    https://mma.sinopac.com/SinoCard/api/ShortUrl/links/O01WY HTTP 302
    https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/
Redirect Chain
  • https://mma.tw/O01WY
  • https://mma.sinopac.com/SinoCard/api/ShortUrl/links/O01WY
  • https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
24 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
937ef8589e477211687e15634006cc7ded803e9a6b09042187aedc2bca619dfa
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
8064
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Content-Type
text/html
Date
Tue, 11 Apr 2023 14:27:41 GMT
ETag
"80dfc9431340d91:0"
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Content-Length
0
Content-Security-Policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' *.sinopac.com www.sinopac-bonus.com https://accessibility.mmab2c.com https://www.mmab2c.com https://dawho.tw
Date
Tue, 11 Apr 2023 14:27:40 GMT
Expires
-1
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
Location
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff nosniff
X-XSS-Protection
1; mode=block
bootstrap.min.css
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/css/ 		156 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/css/bootstrap.min.css
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
a98de7f79af22bd534296f9a1779bc76876282d7e55b6e65975b9946b31f5f5b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Date
Tue, 11 Apr 2023 14:27:42 GMT
Content-Length
23621
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 14 Feb 2023 01:25:46 GMT
ETag
"04931431340d91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
custom.css
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/css/custom.css
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
daf1d3035fa81c720bf4004cb8a38df152af63dc440b996bb3c67f9ec3ac74f9
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Date
Tue, 11 Apr 2023 14:27:42 GMT
Content-Length
3028
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
ETag
"80dfc9431340d91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
logo-wh.png
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/logo-wh.png
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
87c38da2208bc4098f0d0868e1a750bc4d642ecd03563dee21641fd47962393d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
Date
Tue, 11 Apr 2023 14:27:43 GMT
ETag
"378bd0431340d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
Content-Length
7620
X-XSS-Protection
1; mode=block
kv-title.png
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/ 		102 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/kv-title.png
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
361c0b14b5376f45ebc75ed32c400507c2e6ac4c3cc451b0e76d60db5f20bb71
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
Date
Tue, 11 Apr 2023 14:27:43 GMT
ETag
"c088e441340d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
Content-Length
104555
X-XSS-Protection
1; mode=block
title.png
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/title.png
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
c8aba97b5a7ff63578c6b6747e4494079406ec9f9819ae9c22482c4d7f6ddcbc
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
Date
Tue, 11 Apr 2023 14:27:43 GMT
ETag
"fe242b441340d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
Content-Length
11960
X-XSS-Protection
1; mode=block
point.png
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/ 		614 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/point.png
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
1d1bfc0f10b251f51d83ed2e08629eb4e6f40b4b06f09c8a6f62bd055ce1f304
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
Date
Tue, 11 Apr 2023 14:27:42 GMT
ETag
"709b21441340d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
Content-Length
614
X-XSS-Protection
1; mode=block
table.png
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/table.png
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
5fa329ff28f4e1beed82deb190287405386ae3a2bbd7f16edf33608b328786b4
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
Date
Tue, 11 Apr 2023 14:27:42 GMT
ETag
"dcfd23441340d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
Content-Length
52077
X-XSS-Protection
1; mode=block
CaptchaImage.ashx
mma.sinopac.com/EventSiteApi/ 		2 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.sinopac.com/EventSiteApi/CaptchaImage.ashx
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.56 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-56.hinet-ip.hinet.net
Software
/
Resource Hash
df1867575c31f8db7c84daaa191d93aae73b00ddefe6f13c2516be2df9771a23
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' *.sinopac.com www.sinopac-bonus.com https://accessibility.mmab2c.com https://www.mmab2c.com https://dawho.tw
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' *.sinopac.com www.sinopac-bonus.com https://accessibility.mmab2c.com https://www.mmab2c.com https://dawho.tw
Referrer-Policy
no-referrer-when-downgrade, strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Date
Tue, 11 Apr 2023 14:27:43 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
private
Feature-Policy
accelerometer *; camera *; geolocation *; gyroscope *; magnetometer *; microphone *; payment *; usb *, accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Content-Length
2344
X-XSS-Protection
1; mode=block, 1; mode=block
confirm.png
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/confirm.png
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
8399989f67b833fbedd358468e2eb303efd7ac5fb2379e54bb886079ed4d2da3
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
Date
Tue, 11 Apr 2023 14:27:42 GMT
ETag
"56d9de431340d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
Content-Length
4659
X-XSS-Protection
1; mode=block
rewrite-btn.png
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/rewrite-btn.png
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
164fc995509058e88481bb9a45a92adcacee8ec0cde2e519e840ba2deee63571
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
Date
Tue, 11 Apr 2023 14:27:43 GMT
ETag
"709b21441340d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
Content-Length
5474
X-XSS-Protection
1; mode=block
submit-btn.png
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/submit-btn.png
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
4cc8865832faea237116774ba1afba3d3a059f8bcc3ace4005afc6d52be70f14
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
Date
Tue, 11 Apr 2023 14:27:43 GMT
ETag
"dcfd23441340d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
Content-Length
8469
X-XSS-Protection
1; mode=block
agree-btn.png
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/agree-btn.png
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
79c673d84c359e71fc2665341cd9a98dc1011cd0f8133681ddc4663e18e586ea
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
Date
Tue, 11 Apr 2023 14:27:43 GMT
ETag
"baedd2431340d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
Content-Length
4506
X-XSS-Protection
1; mode=block
jquery.securejs
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/js/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/js/jquery.securejs
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Date
Tue, 11 Apr 2023 14:27:42 GMT
Content-Length
30736
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
ETag
"80dfc9431340d91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
bootstrap.securejs
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/js/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/js/bootstrap.securejs
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
03ace13cf97c2b8a48d4f158222cce6c201ba7c88615c489043ca8c2acc8fdc1
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Date
Tue, 11 Apr 2023 14:27:42 GMT
Content-Length
15884
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
ETag
"80dfc9431340d91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
popper.securejs
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/js/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/js/popper.securejs
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
bc38647277fa1b5082cc49c6acb7bee7772ce3a79b53ff5cfc12f9195fac41b4
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Date
Tue, 11 Apr 2023 14:27:43 GMT
Content-Length
8786
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
ETag
"80dfc9431340d91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
gtm.js
www.googletagmanager.com/ 		256 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WQNGCJN
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
41e2357a2bc6c886a383d788cb35a869025bae43d12af1a887b9f9e3284f2ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 14:27:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62465
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 Apr 2023 14:27:43 GMT
kv-bg.jpg
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/ 		740 KB
740 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/kv-bg.jpg
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/css/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
6d6340297e103d01124fef3274ac39938c4b0ff88581d38af7064071553a898f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
Date
Tue, 11 Apr 2023 14:27:42 GMT
ETag
"5226c441340d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
Content-Length
757411
X-XSS-Protection
1; mode=block
bg-shadow.png
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/bg-shadow.png
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/css/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
02f7c503a9d5f980502e3eca7c3373b66847cf79850a70906e7986344a377c9d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
Date
Tue, 11 Apr 2023 14:27:42 GMT
ETag
"baedd2431340d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
Content-Length
1847
X-XSS-Protection
1; mode=block
bg.png
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/ 		204 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/bg.png
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/css/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
e3aaafcc11b97f37babbd55132250fd618a90655448ecc25c3d7efc0719ad21e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
Date
Tue, 11 Apr 2023 14:27:42 GMT
ETag
"2d15da431340d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
Content-Length
208903
X-XSS-Protection
1; mode=block
comment.png
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/comment.png
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/css/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
11f62817048a490c166f0aa928ca6f64a32b7494e2f3fa967156bd75fb6493c0
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
Date
Tue, 11 Apr 2023 14:27:42 GMT
ETag
"56d9de431340d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
Content-Length
1320
X-XSS-Protection
1; mode=block
outline.png
bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/img/pageItem/outline.png
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/css/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.76.150.19 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-150-19.hinet-ip.hinet.net
Software
/
Resource Hash
6c614c79f0ecd30a757e0782a37b7dff0240f746f68828408ca468f3c59c8cd7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/assets/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Feb 2023 01:25:47 GMT
Date
Tue, 11 Apr 2023 14:27:42 GMT
ETag
"709b21441340d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none
Permissions-Policy
accelerometer=(),camera=(),geolocation=(self),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
Accept-Ranges
bytes
Content-Length
47215
X-XSS-Protection
1; mode=block
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQNGCJN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Apr 2023 12:43:13 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6270
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 11 Apr 2023 14:43:13 GMT
sensorsdata.min.securejs
dmp.sinopac.com/DMP_SA/SDK/Scripts/ 		164 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.sinopac.com/DMP_SA/SDK/Scripts/sensorsdata.min.securejs
Requested by
Host: bank.sinopac.com
URL: https://bank.sinopac.com/sinopacBT/webevents/wealth_upgrade/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
211.76.151.128 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-151-128.hinet-ip.hinet.net
Software
Microsoft-IIS/10.0 / ARR/3.0
Resource Hash
6b5a7cb756ad5bf67b3edc1e9fcae543c8b3b508fa0d329d7c2af4df4b34e315
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval';img-src 'self' https: http: data:, default-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bank.sinopac.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff, nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval';img-src 'self' https: http: data:, default-src * 'unsafe-inline' 'unsafe-eval';
date
Tue, 11 Apr 2023 14:27:44 GMT
x-powered-by
ARR/3.0
content-length
48601
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade, strict-origin-when-cross-origin
last-modified
Mon, 21 Nov 2022 10:44:14 GMT
server
Microsoft-IIS/10.0
etag
"093673296fdd81:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*.sinopac.com
feature-policy
accelerometer *; camera *; geolocation *; gyroscope *; magnetometer *; microphone *; payment *; usb *, accelerometer *; camera *; geolocation *; gyroscope *; magnetometer *; microphone *; payment *; usb *
accept-ranges
bytes
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=602170700&t=pageview&_s=1&dl=https%3A%2F%2Fbank.sinopac.com%2FsinopacBT%2Fwebevents%2Fwealth_upgrade%2Findex.html&ul=en-us&de=UTF-8&dt=%E6%B0%B8%E8%B1%90%E9%8A%80%E8%A1%8C%20%E5%B0%8A%E6%A6%AE%E5%8D%87%E7%AD%89&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAIC~&jid=970575974&gjid=1053713993&cid=618463679.1681223263&tid=UA-106742062-1&_gid=561751918.1681223263&_r=1&_slc=1&gtm=45He34a0n81WQNGCJN&z=441384268
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bank.sinopac.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Apr 2023 14:27:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bank.sinopac.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-106742062-1&cid=618463679.1681223263&jid=970575974&gjid=1053713993&_gid=561751918.1681223263&_u=YEBAAEAAAAAAACAAIC~&z=692479580
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bank.sinopac.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 11 Apr 2023 14:27:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bank.sinopac.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
dmp.sinopac.com/DMP_SA/API/ 		0
70 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://dmp.sinopac.com/DMP_SA/API/
Requested by
Host: dmp.sinopac.com
URL: https://dmp.sinopac.com/DMP_SA/SDK/Scripts/sensorsdata.min.securejs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
211.76.151.128 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-151-128.hinet-ip.hinet.net
Software
Microsoft-IIS/10.0 / ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval';img-src 'self' https: http: data:, default-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://bank.sinopac.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff, nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval';img-src 'self' https: http: data:, default-src * 'unsafe-inline' 'unsafe-eval';
server
Microsoft-IIS/10.0
date
Tue, 11 Apr 2023 14:27:45 GMT
referrer-policy
no-referrer-when-downgrade, strict-origin-when-cross-origin
x-powered-by
ARR/3.0
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/plain
access-control-allow-origin
*.sinopac.com
cache-control
no-cache, no-store, must-revalidate
feature-policy
accelerometer *; camera *; geolocation *; gyroscope *; magnetometer *; microphone *; payment *; usb *, accelerometer *; camera *; geolocation *; gyroscope *; magnetometer *; microphone *; payment *; usb *
content-length
20
x-xss-protection
1; mode=block, 1; mode=block
/
dmp.sinopac.com/DMP_SA/API/ 		0
130 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://dmp.sinopac.com/DMP_SA/API/
Requested by
Host: dmp.sinopac.com
URL: https://dmp.sinopac.com/DMP_SA/SDK/Scripts/sensorsdata.min.securejs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
211.76.151.128 Banqiao, Taiwan, ASN18045 (SINOPAC SinoPac Holdings Corporate Network, TW),
Reverse DNS
211-76-151-128.hinet-ip.hinet.net
Software
Microsoft-IIS/10.0 / ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval';img-src 'self' https: http: data:, default-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://bank.sinopac.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff, nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval';img-src 'self' https: http: data:, default-src * 'unsafe-inline' 'unsafe-eval';
server
Microsoft-IIS/10.0
date
Tue, 11 Apr 2023 14:27:45 GMT
referrer-policy
no-referrer-when-downgrade, strict-origin-when-cross-origin
x-powered-by
ARR/3.0
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/plain
access-control-allow-origin
*.sinopac.com
cache-control
no-cache, no-store, must-revalidate
feature-policy
accelerometer *; camera *; geolocation *; gyroscope *; magnetometer *; microphone *; payment *; usb *, accelerometer *; camera *; geolocation *; gyroscope *; magnetometer *; microphone *; payment *; usb *
content-length
20
x-xss-protection
1; mode=block, 1; mode=block

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| sPlatform object| sensorsDataAnalytic201505 object| sensors object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| bootstrap function| Popper function| resetVal function| generateId function| checkFormat function| reloadCaptcha function| postReq function| checkIfCheck function| respCode object| JSON3 object| SensorsDataWebJSSDKPlugin function| sensorsdata_app_call_js function| sensorsdata_app_js_bridge_call_js

10 Cookies

Domain/Path Name / Value
mma.tw/ Name: TS012dd74f
Value: 013da0ccc06edcc6151f369167b5c427dfc1ba21605d23945561cba3fe96c22a84a8618d831c18b58b593c2f97d5a63ff2ac4d5463
mma.sinopac.com/ Name: sinopac_cookie
Value: !KRsoYt0TJZyErwyYzwLAGPYzdbCK1b33V4fsqAW14tfOq8vAT3wzv/6sWyEGSYDR34pQ8UC1rT+wIQ==
mma.sinopac.com/ Name: TS014b8f7a
Value: 013da0ccc042c4f149720591a368f4f19d7652ad21d5a1dce5a2620233d2ba62d8b42f8a52f0d2c42c9ba5f959e721185aaff68d39
bank.sinopac.com/ Name: TS010c8cea
Value: 013da0ccc03ec59701611df80bd0d8fd846903840d1c08a3aa1a2c39bbf939c6569633ea6729a3c7c15afc742b7aa6d7c85ad871cd
mma.sinopac.com/ Name: ASP.NET_SessionId
Value: hpqd4qnauxp5wibqls2rej0u
.sinopac.com/ Name: _ga
Value: GA1.2.618463679.1681223263
.sinopac.com/ Name: _gid
Value: GA1.2.561751918.1681223263
.sinopac.com/ Name: _gat_UA-106742062-1
Value: 1
.sinopac.com/ Name: sajssdk_2015_cross_new_user
Value: 1
.sinopac.com/ Name: sensorsdata2015jssdkcross
Value: %7B%22distinct_id%22%3A%2218770b72b1d15a-097aa08d9712548-623b5556-1920000-18770b72b1eb02%22%2C%22first_id%22%3A%22%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22%E7%9B%B4%E6%8E%A5%E6%B5%81%E9%87%8F%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%7D%2C%22identities%22%3A%22eyIkaWRlbnRpdHlfY29va2llX2lkIjoiMTg3NzBiNzJiMWQxNWEtMDk3YWEwOGQ5NzEyNTQ4LTYyM2I1NTU2LTE5MjAwMDAtMTg3NzBiNzJiMWViMDIifQ%3D%3D%22%2C%22history_login_id%22%3A%7B%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D%2C%22%24device_id%22%3A%2218770b72b1d15a-097aa08d9712548-623b5556-1920000-18770b72b1eb02%22%7D

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: ''none'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, camera, geolocation, gyroscope, magnetometer, microphone, payment, usb. Values defined in Permissions-Policy header will be used.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: blob: https:; frame-ancestors 'self' *.sinopac.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bank.sinopac.com
dmp.sinopac.com
mma.sinopac.com
mma.tw
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
2001:4860:4802:36::178
211.76.150.156
211.76.150.19
211.76.150.56
211.76.151.128
2a00:1450:4001:82b::2008
2a00:1450:400c:c0c::9d
02f7c503a9d5f980502e3eca7c3373b66847cf79850a70906e7986344a377c9d
03ace13cf97c2b8a48d4f158222cce6c201ba7c88615c489043ca8c2acc8fdc1
11f62817048a490c166f0aa928ca6f64a32b7494e2f3fa967156bd75fb6493c0
164fc995509058e88481bb9a45a92adcacee8ec0cde2e519e840ba2deee63571
1d1bfc0f10b251f51d83ed2e08629eb4e6f40b4b06f09c8a6f62bd055ce1f304
361c0b14b5376f45ebc75ed32c400507c2e6ac4c3cc451b0e76d60db5f20bb71
41e2357a2bc6c886a383d788cb35a869025bae43d12af1a887b9f9e3284f2ec1
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
4cc8865832faea237116774ba1afba3d3a059f8bcc3ace4005afc6d52be70f14
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5fa329ff28f4e1beed82deb190287405386ae3a2bbd7f16edf33608b328786b4
6b5a7cb756ad5bf67b3edc1e9fcae543c8b3b508fa0d329d7c2af4df4b34e315
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c614c79f0ecd30a757e0782a37b7dff0240f746f68828408ca468f3c59c8cd7
6d6340297e103d01124fef3274ac39938c4b0ff88581d38af7064071553a898f
79c673d84c359e71fc2665341cd9a98dc1011cd0f8133681ddc4663e18e586ea
8399989f67b833fbedd358468e2eb303efd7ac5fb2379e54bb886079ed4d2da3
87c38da2208bc4098f0d0868e1a750bc4d642ecd03563dee21641fd47962393d
937ef8589e477211687e15634006cc7ded803e9a6b09042187aedc2bca619dfa
a98de7f79af22bd534296f9a1779bc76876282d7e55b6e65975b9946b31f5f5b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bc38647277fa1b5082cc49c6acb7bee7772ce3a79b53ff5cfc12f9195fac41b4
c8aba97b5a7ff63578c6b6747e4494079406ec9f9819ae9c22482c4d7f6ddcbc
daf1d3035fa81c720bf4004cb8a38df152af63dc440b996bb3c67f9ec3ac74f9
df1867575c31f8db7c84daaa191d93aae73b00ddefe6f13c2516be2df9771a23
e3aaafcc11b97f37babbd55132250fd618a90655448ecc25c3d7efc0719ad21e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855