URL: https://account.hyvyd.com/
Submission: On February 24 via automatic, source certstream-suspicious

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 6 HTTP transactions. The main IP is 88.99.217.231, located in Germany, and belongs to HETZNER-AS, DE. The main domain is account.hyvyd.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 24th 2020. Valid for: 3 months.
This is the only time account.hyvyd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

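Requests | IP Address | AS (Autonomous System)
6 | 88.99.217.231 | 24940 (HETZNER-AS)
Total: 6 requests, 1 IP

Requests | Apex Domain | Subdomains | Transfer
6 | hyvyd.com | account.hyvyd.com, static.hyvyd.com | 55 KB
Total: 6 requests, 1 apex domain

Requests | Domain | Requested by
3 | static.hyvyd.com | account.hyvyd.com
3 | account.hyvyd.com | static.hyvyd.com
Total: 6 requests, 2 domains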

This site contains no links.

Subject | Issuer | Validity | Valid
account.hyvyd.com | Let's Encrypt Authority X3 | 2020-02-24 - 2020-05-24 | 3 months

This page contains 1 frame:

Primary Page: https://account.hyvyd.com/
Frame ID: 8148486602BD0AFE77736F4317E8624B
Requests: 6 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 2
IPs: 1
Countries: 1
Transfer: 55 kB
Size: 147 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type

Primary Request /
Path: account.hyvyd.com/
Size: 3 KB
x-fer: 2 KB
Type: Document

General
Full URL: https://account.hyvyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.217.231, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.231.217.99.88.clients.your-server.de
Software: nginx/1.10.3
Resource Hash: b9c2ad9db2efab02bf21a7025309b9c53f976082061483fd4fb7b3388ef3cc52

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains

Request headers
:method: GET
:authority: account.hyvyd.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US

Response headers
status: 200
server: nginx/1.10.3
date: Mon, 24 Feb 2020 08:42:57 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=q2346fpii3r4s4le9m2rrbsk4p; expires=Mon, 24-Feb-2020 20:42:57 GMT; Max-Age=43200; path=/; domain=.hyvyd.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=1
expires: Mon, 24 Feb 2020 06:42:57 GMT
pragma: no-cache
last-modified: Mon, 24 Feb 2020 08:42:57 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM",policyref="/w3c/p3p.xml"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-encoding: gzip

main_hyvyd.css
Path: static.hyvyd.com//include/styles/
Size: 45 KB
x-fer: 11 KB
Type: Stylesheet

General
Full URL: https://static.hyvyd.com//include/styles/main_hyvyd.css?v=1572449540
Requested by: Host: account.hyvyd.com, URL: https://account.hyvyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.217.231, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.231.217.99.88.clients.your-server.de
Software: nginx/1.10.3
Resource Hash: d1db77bddba824e1a4967046a5f12875e06ffafc803415c36a6a3fe4a7864cce

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains

Request headers
Referer: https://account.hyvyd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers
date: Mon, 24 Feb 2020 08:42:57 GMT
content-encoding: gzip
last-modified: Wed, 30 Oct 2019 15:32:20 GMT
server: nginx/1.10.3
etag: W/"5db9ad04-b270"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
status: 200
cache-control: max-age=315360000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

helptext.js
Path: static.hyvyd.com//include/js/
Size: 26 KB
x-fer: 10 KB
Type: Script

General
Full URL: https://static.hyvyd.com//include/js/helptext.js?v=1536313196
Requested by: Host: account.hyvyd.com, URL: https://account.hyvyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.217.231, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.231.217.99.88.clients.your-server.de
Software: nginx/1.10.3
Resource Hash: 1562f091bb99caa3494551733858d46c70ab1855a91106a5cf2fbcbc26ffda34

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains

Request headers
Referer: https://account.hyvyd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers
date: Mon, 24 Feb 2020 08:42:57 GMT
content-encoding: gzip
last-modified: Fri, 07 Sep 2018 09:39:56 GMT
server: nginx/1.10.3
etag: W/"5b92476c-6825"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
status: 200
cache-control: max-age=315360000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

alertify.js
Path: account.hyvyd.com/include/js/
Size: 35 KB
x-fer: 10 KB
Type: Script

General
Full URL: https://account.hyvyd.com/include/js/alertify.js
Requested by: Host: static.hyvyd.com, URL: https://static.hyvyd.com//include/js/helptext.js?v=1536313196
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.217.231, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.231.217.99.88.clients.your-server.de
Software: nginx/1.10.3
Resource Hash: 6b9049404315bca25bb37f21e56dc4157238b2f8d57b32676732b5605177166d

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains

Request headers
Referer: https://account.hyvyd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers
date: Mon, 24 Feb 2020 08:42:57 GMT
content-encoding: gzip
last-modified: Thu, 29 Mar 2018 11:10:46 GMT
server: nginx/1.10.3
etag: W/"5abcc9b6-8c0c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
status: 200
cache-control: max-age=315360000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

alertify.css
Path: account.hyvyd.com/include/js/
Size: 20 KB
x-fer: 4 KB
Type: Stylesheet

General
Full URL: https://account.hyvyd.com/include/js/alertify.css
Requested by: Host: static.hyvyd.com, URL: https://static.hyvyd.com//include/js/helptext.js?v=1536313196
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.217.231, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.231.217.99.88.clients.your-server.de
Software: nginx/1.10.3
Resource Hash: b16536ac8f4dc22595142244daba17fd653cbeb18ab213d5e73a07df55f78264

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains

Request headers
Referer: https://account.hyvyd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers
date: Mon, 24 Feb 2020 08:42:57 GMT
content-encoding: gzip
last-modified: Thu, 29 Mar 2018 11:10:46 GMT
server: nginx/1.10.3
etag: W/"5abcc9b6-509f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
status: 200
cache-control: max-age=315360000
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

hyvyd_logo.png
Path: static.hyvyd.com/include/images/logos/
Size: 18 KB
x-fer: 19 KB
Type: Image

General
Full URL: https://static.hyvyd.com/include/images/logos/hyvyd_logo.png
Requested by: Host: account.hyvyd.com, URL: https://account.hyvyd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.217.231, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.231.217.99.88.clients.your-server.de
Software: nginx/1.10.3
Resource Hash: 0852377297a1f2f25dcd7ec99d83257752e30b0008378d25a7c8951a3f4157a1

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains

Request headers
Referer: https://static.hyvyd.com//include/styles/main_hyvyd.css?v=1572449540
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers
date: Mon, 24 Feb 2020 08:42:57 GMT
last-modified: Mon, 10 Apr 2017 15:31:02 GMT
server: nginx/1.10.3
etag: "58eba536-4917"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
status: 200
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 18711
expires: Thu, 31 Dec 2037 23:55:55 GMT

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate undefined| ns4 undefined| ope boolean| fox undefined| ie5 boolean| saf boolean| kon boolean| ns6 undefined| ie8 undefined| ie9 boolean| showerr string| wopt string| mopt object| cnT number| ccT boolean| iPad boolean| mobD boolean| iFrm function| vd function| popUp function| wopen function| breakout function| wC function| rC function| eC function| wS function| rS function| eS function| sleep function| HO function| HC function| SH function| HD function| TAL function| SEL function| MSEL function| SEFI function| CON function| MSG function| CTC function| DSL function| DSCK number| WFC function| WF function| WS boolean| dinit object| drso number| dragx number| dragy number| posx number| posy function| drsi function| drst function| drsp function| drag function| BF function| PF function| fSize function| trim function| CC function| IL function| swiffyLoad function| AX function| GET function| FuS string| hex_chr function| rhex function| str2blks_MD5 function| add function| rol function| cmn function| ff function| gg function| hh function| ii function| md5 function| tC function| setOpacity function| fadeOpacity function| doneOpacity function| fadeInAni function| fadeIn function| fadeInDone boolean| tt_act function| ST boolean| navR function| SN boolean| ntloc function| SL function| callGAdd function| CW function| CDR function| CDW function| CDC function| CDI function| gaLoad function| Xval function| Yval function| sortSel function| hasOpt function| mSelOpt function| cSelOpt function| rSelOpt function| selAllOpt function| OF function| AF function| oC function| alAlert function| alConfirm function| alPrompt function| CL function| HumanBytes function| MO function| LazyImg object| alertify

2 Cookies

Domain/Path | Name | Value
account.hyvyd.com/ | cookie_js_check | true
.hyvyd.com/ | PHPSESSID | q2346fpii3r4s4le9m2rrbsk4p

Security Headers

This page lists any security headers set by the main page.

Header | Value
Strict-Transport-Security | max-age=31536000; includeSubDomains