urlscan.io logo urlscan.io
SecurityTrails logo

beta.payment.healthygacha.com Open in urlscan Pro
20.82.22.191  Public Scan

Go To Rescan Add Verdict Report
URL: https://beta.payment.healthygacha.com/
Submission: On March 03 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 10 HTTP transactions. The main IP is 20.82.22.191, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is beta.payment.healthygacha.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on March 3rd 2023. Valid for: 6 months.
This is the only time beta.payment.healthygacha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 20.82.22.191 8075 (MICROSOFT...)
2 104.87.135.233 16625 (AKAMAI-AS)
1 2600:9000:20e... 16509 (AMAZON-02)
2 2.18.169.173 16625 (AKAMAI-AS)
10 4
Apex Domain
Subdomains		 Transfer
5 healthygacha.com
beta.payment.healthygacha.com
516 KB
3 line-scdn.net
static.line-scdn.net — Cisco Umbrella Rank: 40936
liffsdk.line-scdn.net — Cisco Umbrella Rank: 190522
7 KB
2 line.me
api.line.me — Cisco Umbrella Rank: 71984
1 KB
10 3
Domain Requested by
5 beta.payment.healthygacha.com beta.payment.healthygacha.com
2 liffsdk.line-scdn.net beta.payment.healthygacha.com
2 api.line.me beta.payment.healthygacha.com
1 static.line-scdn.net beta.payment.healthygacha.com
10 4

This site contains links to these domains. Also see Links.

Domain
ccore.newebpay.com
Subject Issuer Validity Valid
beta.payment.healthygacha.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-03-03 -
2023-09-03		 6 months crt.sh
api.line.me
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-11 -
2024-02-14		 a year crt.sh
*.line-scdn.net
GlobalSign RSA OV SSL CA 2018		 2022-07-28 -
2023-08-29		 a year crt.sh

This page contains 1 frames:

Primary Page: https://beta.payment.healthygacha.com/
Frame ID: 0827C314748A62D9E93A93D5CEEA7A8C
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HealthyGacha

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

10
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

525 kB
Transfer

715 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
beta.payment.healthygacha.com/ 		610 B
673 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beta.payment.healthygacha.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
17584912036ba078b82b19232d3e28a169a2ead4757039bba206b2136836aa81
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
public, must-revalidate, max-age=30
content-encoding
br
content-type
text/html
date
Fri, 03 Mar 2023 03:40:57 GMT
etag
"12130681"
last-modified
Thu, 02 Mar 2023 16:30:29 GMT
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
chunk-vendors.ad0ebd0b.js
beta.payment.healthygacha.com/js/ 		264 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beta.payment.healthygacha.com/js/chunk-vendors.ad0ebd0b.js
Requested by
Host: beta.payment.healthygacha.com
URL: https://beta.payment.healthygacha.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6d5c1eabdc39bc0967100b1a963c8b81076dacbd0e3407e0a16b7c579da750e2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://beta.payment.healthygacha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 03:40:57 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Thu, 02 Mar 2023 16:30:29 GMT
x-content-type-options
nosniff
etag
"12130681"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
app.8814557d.js
beta.payment.healthygacha.com/js/ 		12 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beta.payment.healthygacha.com/js/app.8814557d.js
Requested by
Host: beta.payment.healthygacha.com
URL: https://beta.payment.healthygacha.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90ccaf854270ca5ce27c6530896998a851f8d8afd5c8b26ca859ed547f04f121
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://beta.payment.healthygacha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 03:40:57 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Thu, 02 Mar 2023 16:30:29 GMT
x-content-type-options
nosniff
etag
"12130681"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
app.87d67fb9.css
beta.payment.healthygacha.com/css/ 		303 B
216 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beta.payment.healthygacha.com/css/app.87d67fb9.css
Requested by
Host: beta.payment.healthygacha.com
URL: https://beta.payment.healthygacha.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3b59b48d251c2610a3f5efb4e198fb7812529485e4eb22b93baf0956a66500c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://beta.payment.healthygacha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 03:40:57 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Thu, 02 Mar 2023 16:30:29 GMT
x-content-type-options
nosniff
etag
"12130681"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/css
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
contextToken
api.line.me/liff/v2/apps/1657905452-zDnmpY3D/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.line.me/liff/v2/apps/1657905452-zDnmpY3D/contextToken
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.135.233 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-135-233.deploy.static.akamaitechnologies.com
Software
Armeria/1.21.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://beta.payment.healthygacha.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,POST,PUT,DELETE
access-control-allow-origin
*
access-control-max-age
3600
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Fri, 03 Mar 2023 03:40:58 GMT
expires
Fri, 03 Mar 2023 03:40:58 GMT
pragma
no-cache
server
Armeria/1.21.0
97843492954A036A94DAB0BCB993D5663E836F42.363c127e.png
beta.payment.healthygacha.com/img/ 		420 KB
421 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beta.payment.healthygacha.com/img/97843492954A036A94DAB0BCB993D5663E836F42.363c127e.png
Requested by
Host: beta.payment.healthygacha.com
URL: https://beta.payment.healthygacha.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ff6aa64ec0014627e068d1b851d935e56ca01241f6c543b7ff6a4f45995fc50d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://beta.payment.healthygacha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 03:40:57 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 02 Mar 2023 16:30:29 GMT
etag
"12130681"
x-dns-prefetch-control
off
content-type
image/png
cache-control
public, must-revalidate, max-age=30
content-length
430435
x-xss-protection
1; mode=block
non-ios-extensions.js
static.line-scdn.net/liff/edge/2/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.line-scdn.net/liff/edge/2/non-ios-extensions.js
Requested by
Host: beta.payment.healthygacha.com
URL: https://beta.payment.healthygacha.com/js/chunk-vendors.ad0ebd0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8000:4:e131:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
VOS /
Resource Hash
c154975d784136dc26f1108936970eb1b2800be2a3ac84bc92d1490d9a4c1aca
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
wEJ4Qkf17hu8mCHVU5F4Sa3awIMBRKH
content-encoding
gzip
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
strict-transport-security
max-age=15768000
date
Thu, 02 Mar 2023 04:03:22 GMT
x-amz-cf-pop
FRA2-C1
age
85113
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-expiration
expiry-date="Wed, 28 Dec 2022 00:00:00 GMT", rule-id="bucket_lifecycle"
last-modified
Tue, 13 Dec 2022 02:49:30 GMT
server
VOS
etag
W/"fe98aca26280ab2da3426c29d71ec704"
vary
Accept-Encoding,Origin
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=86400
x-amz-cf-id
3WAA5ElgcElCNWpFn24kEH2C8qw8A1G-YFzIZOOSzKl9Kqu0r2TACA==
contextToken
api.line.me/liff/v2/apps/1657905452-zDnmpY3D/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.line.me/liff/v2/apps/1657905452-zDnmpY3D/contextToken
Requested by
Host: beta.payment.healthygacha.com
URL: https://beta.payment.healthygacha.com/js/chunk-vendors.ad0ebd0b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.135.233 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-135-233.deploy.static.akamaitechnologies.com
Software
Armeria/1.21.0 /
Resource Hash
ced9fda67d5c9ba999a8c92084d18c9835777551cf0e6ee46ca44c7e9b6459ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 03 Mar 2023 03:40:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-line-request-id
70e293c901711a73
server
Armeria/1.21.0
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
1092
x-xss-protection
1; mode=block
expires
Fri, 03 Mar 2023 03:40:59 GMT
manifest.json
liffsdk.line-scdn.net/xlt/ 		913 B
892 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://liffsdk.line-scdn.net/xlt/manifest.json
Requested by
Host: beta.payment.healthygacha.com
URL: https://beta.payment.healthygacha.com/js/chunk-vendors.ad0ebd0b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.169.173 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-169-173.deploy.static.akamaitechnologies.com
Software
VOS /
Resource Hash
27fd09e5f03b07b9192a5358e2a3dbe02a401c70ea8de58422a86cb5635680e0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
application/json
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
content-encoding
gzip
date
Fri, 03 Mar 2023 03:41:00 GMT
x-amz-request-id
tx00000ba2d6aed8edb3d4f-0064016c4c-12075d6c-jp2
content-length
492
last-modified
Fri, 16 Sep 2022 05:10:05 GMT
server
VOS
etag
"bea54135ed3e6d59fdda03b8e74b6034"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,Connection,Date,ETag,Server,x-amz-request-id
x-rgw-object-type
Normal
cache-control
public,max-age=300
vary
Accept-Encoding, Origin
accept-ranges
bytes
messages_en.405289141c4efaeb44c1a460642c6ab0.json
liffsdk.line-scdn.net/xlt/ 		257 B
636 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://liffsdk.line-scdn.net/xlt/messages_en.405289141c4efaeb44c1a460642c6ab0.json
Requested by
Host: beta.payment.healthygacha.com
URL: https://beta.payment.healthygacha.com/js/chunk-vendors.ad0ebd0b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.169.173 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-169-173.deploy.static.akamaitechnologies.com
Software
VOS /
Resource Hash
a649ec3a6a1febfb3f1429d69188bb27abda90dc06511d791f69e5f258a52f07
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
application/json
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
date
Fri, 03 Mar 2023 03:41:01 GMT
x-amz-request-id
tx00000fc5c46e0aaf57508-0064016c4d-1206ffd8-jp2
content-length
257
last-modified
Fri, 16 Sep 2022 05:10:05 GMT
server
VOS
etag
"ec168ffdb3aa41ce3a08674e98ee58dd"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,Connection,Date,ETag,Server,x-amz-request-id
x-rgw-object-type
Normal
cache-control
public,max-age=300
vary
Origin
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| webpackChunkHealthyGacha boolean| __VUE__ object| liff object| webpackChunkliffClientExtension object| liffClientExtension

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block