URL: https://vip.packageplus-tw.com/
Submission: On July 17 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 172.67.139.186, located in the United States and belonging to CLOUDFLARENET, US. The main domain is vip.packageplus-tw.com.
TLS certificate: Issued by GTS CA 1P5 on May 24th 2024. Valid for: 3 months.
This is the only time vip.packageplus-tw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
6         172.67.139.186    13335 (CLOUDFLAR...)
2         2.19.226.89       16625 (AKAMAI-AS)
1         2600:9000:223...  16509 (AMAZON-02)
Total: 10 requests, 4 IPs

Requests  Apex Domain / Subdomains                                Transfer
6         packageplus-tw.com                                      744 KB
            vip.packageplus-tw.com
2         line.me                                                 1 KB
            api.line.me — Cisco Umbrella Rank: 52013
            access.line.me — Cisco Umbrella Rank: 88682 (Failed)
1         line-scdn.net                                           6 KB
            static.line-scdn.net — Cisco Umbrella Rank: 30242
Total: 10 requests, 3 domains

Requests  Domain                   Requested by
6         vip.packageplus-tw.com   vip.packageplus-tw.com
2         api.line.me              vip.packageplus-tw.com
1         static.line-scdn.net     vip.packageplus-tw.com
0         access.line.me (Failed)  vip.packageplus-tw.com
Total: 10 requests, 4 subdomains

This site contains no links.

Subject             Issuer                            Validity                 Valid
packageplus-tw.com  GTS CA 1P5                        2024-05-24 - 2024-08-22  3 months
api.line.me         DigiCert TLS RSA SHA256 2020 CA1  2023-12-17 - 2024-12-17  a year
*.line.me           Amazon RSA 2048 M03               2024-06-12 - 2025-07-11  a year

This page contains 1 frame:

Frame: https://access.line.me/oauth2/v2.1/error400?error=Bad+Request&error_description=invalid+url.+channelId%3D1656716575%2C+redirectUriString%3Dhttps%3A%2F%2Fvip.packageplus-tw.com%2F
Frame ID: 7808442E9E645201BA35C6B3397CE992
Requests: 9 HTTP requests in this frame

Page Title

PackAge+

Page Statistics

Requests: 10
HTTPS: 90 %
IPv6: 33 %
Domains: 3
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 751 kB
Size: 2568 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://access.line.me/liff/v1/authorize?app_id=1656716575-p8BEzWLR&state=V7mE6WUBbO4V&response_type=code&code_challenge_method=S256&code_challenge=DPrYmkDy49VIzssgkSao0OCjq_ie6fZ5xTeWerWiMjw&liff_sdk_version=2.17.0&redirect_uri=https%3A%2F%2Fvip.packageplus-tw.com%2F HTTP 302
  • https://access.line.me/oauth2/v2.1/error400?error=Bad+Request&error_description=invalid+url.+channelId%3D1656716575%2C+redirectUriString%3Dhttps%3A%2F%2Fvip.packageplus-tw.com%2F

10 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request /
vip.packageplus-tw.com/
3 KB
2 KB
Document
General
Full URL
https://vip.packageplus-tw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3d13b50690f9e9e1f1f796fd863738192705137e83e250ed16fe76ce6a24b7c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
age
744
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8a4a66c4bcc7ca68-HAM
content-disposition
inline
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 17 Jul 2024 12:58:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qh4Az3aXL1cFAZDKcxHeMUinCszzyKaWg4K2qAETE4lWsjpox9OCQaR6eKOcuDk1O5g3zGfGz5WPV%2BvUF4agVY5ijV0%2BZOUUHf%2FD%2FI6WEsF8%2BvN8YcbxTpMPKGDgGux68mDItSJkwyk4"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-vercel-cache
HIT
x-vercel-id
arn1::8wv6q-1721221085064-f25908b0f75b
2.69e98878.chunk.css
vip.packageplus-tw.com/static/css/
44 KB
11 KB
Stylesheet
General
Full URL
https://vip.packageplus-tw.com/static/css/2.69e98878.chunk.css
Requested by
Host: vip.packageplus-tw.com
URL: https://vip.packageplus-tw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
001bc59b301a3c6143f52cf31ae936254f9c1c57e030a47c40287d3e706a284e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://vip.packageplus-tw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 12:58:05 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000
content-disposition
inline; filename="2.69e98878.chunk.css"
alt-svc
h3=":443"; ma=86400
x-vercel-id
cdg1::57z2p-1721221085234-e304ef2d26e3
server
cloudflare
etag
W/"368d77d339eb70452763875fb000e87c"
x-vercel-cache
HIT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qfdv%2F2x5QvbwjDzCeu6D1mTIeG%2FSsgdGYG9HtK40PURi95VCQe7%2B96CQfw4vW2kMygJ3NqLoya1p0pd%2F%2B7rA13RF609eUptqzu9YMsGmqTjNjPo2o9iS0R9oaoGb5xykzETxvccjUcr%2B"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8a4a66c64f0fca68-HAM
expires
Wed, 17 Jul 2024 16:58:05 GMT
main.e01c2b0e.chunk.css
vip.packageplus-tw.com/static/css/
59 KB
10 KB
Stylesheet
General
Full URL
https://vip.packageplus-tw.com/static/css/main.e01c2b0e.chunk.css
Requested by
Host: vip.packageplus-tw.com
URL: https://vip.packageplus-tw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4efd95a4857b3131f8a9d39997ba1a59e299d0c71cc49fb93d7e673d2c1c344
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://vip.packageplus-tw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 12:58:05 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000
content-disposition
inline; filename="main.e01c2b0e.chunk.css"
alt-svc
h3=":443"; ma=86400
x-vercel-id
arn1::49csh-1721221085323-63d71bf06490
server
cloudflare
etag
W/"1a71c5fc5e8ccac8152726f24175b29e"
x-vercel-cache
HIT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2B7%2BWMNnaEvoHAViyVAPPatLCg5f9gaNx25Autb44GrIqhBgmO9xqfrfwjfdcPWYfE3xYf%2ByRodF7reTtIcSMvZWkwZz%2Fm%2FtTMQhej8HG%2BVQAxbsGIWrqgF7ImPvQA60jNPisioUOgWa"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8a4a66c64f10ca68-HAM
expires
Wed, 17 Jul 2024 16:58:05 GMT
2.417a8b43.chunk.js
vip.packageplus-tw.com/static/js/
1 MB
323 KB
Script
General
Full URL
https://vip.packageplus-tw.com/static/js/2.417a8b43.chunk.js
Requested by
Host: vip.packageplus-tw.com
URL: https://vip.packageplus-tw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb3eb53cec5ef53dc2c33290f0bf86ae602958f75761d35ac1d96e3677f8ca72
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://vip.packageplus-tw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 12:58:05 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000
content-disposition
inline; filename="2.417a8b43.chunk.js"
alt-svc
h3=":443"; ma=86400
x-vercel-id
lhr1::7zjj4-1721221085248-37d946e46339
server
cloudflare
etag
W/"12fb521af17875d92a23f3e34cd0d803"
x-vercel-cache
HIT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CErhqGs6jh3yKUoNWAetaLHslUTr5X7tCHN4wWuDAQQ9laaX0q7XbSsO8GWdZEA2WL8RCOKi09nWMCXklxnKfvlQtNDWDxWjFm0lmLPbm5Nz8THxN2gcqJO%2BLapho9Hr8F%2Fz9JKdE3rV"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8a4a66c64f12ca68-HAM
expires
Wed, 17 Jul 2024 16:58:05 GMT
main.51ba87af.chunk.js
vip.packageplus-tw.com/static/js/
1 MB
394 KB
Script
General
Full URL
https://vip.packageplus-tw.com/static/js/main.51ba87af.chunk.js
Requested by
Host: vip.packageplus-tw.com
URL: https://vip.packageplus-tw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d86cf9d5a40ffac5a2516f061406076fbf4d7922fd3d354a56d55a2cb83f2c2e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://vip.packageplus-tw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 12:58:05 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000
content-disposition
inline; filename="main.51ba87af.chunk.js"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::hr77n-1721221085275-b5097abe992d
server
cloudflare
etag
W/"b97d6560261437f451951b3f2ff078a8"
x-vercel-cache
HIT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N796RTdLF73G8gjQszXN3Nah35hCeyD6GUGLix%2BAitsNrfL3bV0K4Jn2wLCfaUSF9eJi2IdPVVg1T6LoAyVbaePy8gU3xE%2BSnF7k1b%2BzbWCWuZF0dLuBVq0j1z1MJH3KibCtqHp6LI%2F0"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8a4a66c64f14ca68-HAM
expires
Wed, 17 Jul 2024 16:58:05 GMT
contextToken
api.line.me/liff/v2/apps/1656716575-p8BEzWLR/
0
0
Preflight
General
Full URL
https://api.line.me/liff/v2/apps/1656716575-p8BEzWLR/contextToken
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.226.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-226-89.deploy.static.akamaitechnologies.com
Software
Armeria/1.29.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://vip.packageplus-tw.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,POST,PUT,DELETE
access-control-allow-origin
*
access-control-max-age
3600
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Wed, 17 Jul 2024 12:58:07 GMT
expires
Wed, 17 Jul 2024 12:58:07 GMT
pragma
no-cache
server
Armeria/1.29.2
non-ios-extensions.js
static.line-scdn.net/liff/edge/2/
14 KB
6 KB
Script
General
Full URL
https://static.line-scdn.net/liff/edge/2/non-ios-extensions.js
Requested by
Host: vip.packageplus-tw.com
URL: https://vip.packageplus-tw.com/static/js/2.417a8b43.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ae00:4:e131:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
VOS /
Resource Hash
c154975d784136dc26f1108936970eb1b2800be2a3ac84bc92d1490d9a4c1aca
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://vip.packageplus-tw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
wEJ4Qkf17hu8mCHVU5F4Sa3awIMBRKH
content-encoding
gzip
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
strict-transport-security
max-age=15768000
date
Wed, 17 Jul 2024 03:00:50 GMT
x-amz-cf-pop
FRA56-P5
age
35836
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-expiration
expiry-date="Sun, 12 Feb 2023 00:00:00 GMT", rule-id="bucket_lifecycle"
last-modified
Tue, 13 Dec 2022 02:49:30 GMT
server
VOS
etag
W/"fe98aca26280ab2da3426c29d71ec704"
vary
Accept-Encoding,Origin
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=86400
x-amz-cf-id
OQEzpt0q8oWAcukgvywYTNagGCHYfQWbBah46EFTxaHbTiEShVRkvw==
contextToken
api.line.me/liff/v2/apps/1656716575-p8BEzWLR/
2 KB
1 KB
Fetch
General
Full URL
https://api.line.me/liff/v2/apps/1656716575-p8BEzWLR/contextToken
Requested by
Host: vip.packageplus-tw.com
URL: https://vip.packageplus-tw.com/static/js/2.417a8b43.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.226.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-226-89.deploy.static.akamaitechnologies.com
Software
Armeria/1.29.2 /
Resource Hash
67c85585bba3fef58837137a715f13210875d4b70d8b5e3401cc924d0cc6c44f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://vip.packageplus-tw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 12:58:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-line-request-id
d26f5c81a786e706
server
Armeria/1.29.2
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
1136
x-xss-protection
1; mode=block
expires
Wed, 17 Jul 2024 12:58:07 GMT
favicon.ico
vip.packageplus-tw.com/
4 KB
4 KB
Other
General
Full URL
https://vip.packageplus-tw.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://vip.packageplus-tw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 12:58:06 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000
content-disposition
inline; filename="favicon.ico"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::jfbpc-1721221086482-273c5e15b4da
server
cloudflare
etag
W/"c92b85a5b907c70211f4ec25e29a8c4a"
x-vercel-cache
HIT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MDw8F4%2Fc3oW6CNNfVZyKgtNbm7WCtDYSZ8cNSr4wPslmQkti4l6RBq8lNxVDvSkCmUNUYKJYaXG6PVfnLY6L5%2FCARoJNsQZ9hsb1kSrY%2B8zNxssBBc4%2FGUfdPq%2FgS1AfEHWFfRPgRhxW"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8a4a66cdd9bfca68-HAM
expires
Wed, 17 Jul 2024 16:58:06 GMT
error400
access.line.me/oauth2/v2.1/
Redirect Chain
  • https://access.line.me/liff/v1/authorize?app_id=1656716575-p8BEzWLR&state=V7mE6WUBbO4V&response_type=code&code_challenge_method=S256&code_challenge=DPrYmkDy49VIzssgkSao0OCjq_ie6fZ5xTeWerWiMjw&liff_...
  • https://access.line.me/oauth2/v2.1/error400?error=Bad+Request&error_description=invalid+url.+channelId%3D1656716575%2C+redirectUriString%3Dhttps%3A%2F%2Fvip.packageplus-tw.com%2F
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
access.line.me
URL
https://access.line.me/oauth2/v2.1/error400?error=Bad+Request&error_description=invalid+url.+channelId%3D1656716575%2C+redirectUriString%3Dhttps%3A%2F%2Fvip.packageplus-tw.com%2F

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | webpackJsonppackage
  • function | setImmediate
  • function | clearImmediate
  • object | regeneratorRuntime
  • object | __SENTRY__
  • function | IMask
  • object | liff
  • object | webpackChunkliffClientExtension
  • object | liffClientExtension

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000