account.hyvyd.com Open in urlscan Pro
88.99.217.231  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response account.hyvyd.com/	3 KB 2 KB	60ms 13ms	Document text/html	88.99.217.231 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://account.hyvyd.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.99.217.231 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.231.217.99.88.clients.your-server.de Software nginx/1.10.3 / Resource Hash 3450194ef1c86dd40721160df15db28e17dac78f43a2981f03cd131eb47562b7 Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers :method GET :authority account.hyvyd.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx/1.10.3 date Wed, 06 Oct 2021 00:01:02 GMT content-type text/html; charset=utf-8 vary Accept-Encoding set-cookie PHPSESSID=o4369kkei33nuiiu0ji6smlt93; expires=Wed, 06-Oct-2021 12:01:02 GMT; Max-Age=43200; path=/; domain=.hyvyd.com cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=1 expires Tue, 05 Oct 2021 22:01:02 GMT pragma no-cache last-modified Wed, 06 Oct 2021 00:01:02 GMT p3p CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM",policyref="/w3c/p3p.xml" strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-security-policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline' x-content-type-options nosniff referrer-policy strict-origin content-encoding gzip
GET H2	200	main_hyvyd.css static.hyvyd.com//include/styles/	45 KB 11 KB	20ms 13ms	Stylesheet text/css	88.99.217.231 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://static.hyvyd.com//include/styles/main_hyvyd.css?v=1572449540 Requested by Host: account.hyvyd.com URL: https://account.hyvyd.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.99.217.231 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.231.217.99.88.clients.your-server.de Software nginx/1.10.3 / Resource Hash d1db77bddba824e1a4967046a5f12875e06ffafc803415c36a6a3fe4a7864cce Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://account.hyvyd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 00:01:02 GMT content-encoding gzip x-content-type-options nosniff vary Accept-Encoding referrer-policy strict-origin last-modified Wed, 30 Oct 2019 15:32:20 GMT server nginx/1.10.3 etag W/"5db9ad04-b270" strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET, POST, OPTIONS content-type text/css cache-control max-age=315360000 access-control-allow-credentials true content-security-policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline' access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	helptext.js Show response static.hyvyd.com//include/js/	26 KB 10 KB	30ms 24ms	Script application/javascript	88.99.217.231 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://static.hyvyd.com//include/js/helptext.js?v=1536313196 Requested by Host: account.hyvyd.com URL: https://account.hyvyd.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.99.217.231 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.231.217.99.88.clients.your-server.de Software nginx/1.10.3 / Resource Hash 1562f091bb99caa3494551733858d46c70ab1855a91106a5cf2fbcbc26ffda34 Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://account.hyvyd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 00:01:02 GMT content-encoding gzip x-content-type-options nosniff vary Accept-Encoding referrer-policy strict-origin last-modified Fri, 07 Sep 2018 09:39:56 GMT server nginx/1.10.3 etag W/"5b92476c-6825" strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET, POST, OPTIONS content-type application/javascript cache-control max-age=315360000 access-control-allow-credentials true content-security-policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline' access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	alertify.js Show response account.hyvyd.com/include/js/	35 KB 10 KB	13ms 13ms	Script application/javascript	88.99.217.231 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://account.hyvyd.com/include/js/alertify.js Requested by Host: static.hyvyd.com URL: https://static.hyvyd.com//include/js/helptext.js?v=1536313196 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.99.217.231 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.231.217.99.88.clients.your-server.de Software nginx/1.10.3 / Resource Hash 6b9049404315bca25bb37f21e56dc4157238b2f8d57b32676732b5605177166d Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers :path /include/js/alertify.js pragma no-cache cookie PHPSESSID=o4369kkei33nuiiu0ji6smlt93; cookie_js_check=true accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority account.hyvyd.com referer https://account.hyvyd.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://account.hyvyd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 00:01:02 GMT content-encoding gzip x-content-type-options nosniff vary Accept-Encoding referrer-policy strict-origin last-modified Thu, 29 Mar 2018 11:10:46 GMT server nginx/1.10.3 etag W/"5abcc9b6-8c0c" strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET, POST, OPTIONS content-type application/javascript cache-control max-age=315360000 access-control-allow-credentials true content-security-policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline' access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	alertify.css account.hyvyd.com/include/js/	20 KB 4 KB	14ms 13ms	Stylesheet text/css	88.99.217.231 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://account.hyvyd.com/include/js/alertify.css Requested by Host: static.hyvyd.com URL: https://static.hyvyd.com//include/js/helptext.js?v=1536313196 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.99.217.231 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.231.217.99.88.clients.your-server.de Software nginx/1.10.3 / Resource Hash b16536ac8f4dc22595142244daba17fd653cbeb18ab213d5e73a07df55f78264 Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers :path /include/js/alertify.css pragma no-cache cookie PHPSESSID=o4369kkei33nuiiu0ji6smlt93; cookie_js_check=true accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority account.hyvyd.com referer https://account.hyvyd.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://account.hyvyd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 00:01:02 GMT content-encoding gzip x-content-type-options nosniff vary Accept-Encoding referrer-policy strict-origin last-modified Thu, 29 Mar 2018 11:10:46 GMT server nginx/1.10.3 etag W/"5abcc9b6-509f" strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET, POST, OPTIONS content-type text/css cache-control max-age=315360000 access-control-allow-credentials true content-security-policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline' access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	hyvyd_logo.png static.hyvyd.com/include/images/logos/	18 KB 19 KB	21ms 21ms	Image image/png	88.99.217.231 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.hyvyd.com/include/images/logos/hyvyd_logo.png Requested by Host: static.hyvyd.com URL: https://static.hyvyd.com//include/styles/main_hyvyd.css?v=1572449540 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.99.217.231 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.231.217.99.88.clients.your-server.de Software nginx/1.10.3 / Resource Hash 0852377297a1f2f25dcd7ec99d83257752e30b0008378d25a7c8951a3f4157a1 Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://static.hyvyd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 00:01:03 GMT x-content-type-options nosniff content-length 18711 referrer-policy strict-origin last-modified Mon, 10 Apr 2017 15:31:02 GMT server nginx/1.10.3 etag "58eba536-4917" strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET, POST, OPTIONS content-type image/png cache-control max-age=315360000 access-control-allow-credentials true content-security-policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline' accept-ranges bytes access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Thu, 31 Dec 2037 23:55:55 GMT

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster undefined| ns4 undefined| ope boolean| fox undefined| ie5 boolean| saf boolean| kon boolean| ns6 undefined| ie8 undefined| ie9 boolean| showerr string| wopt string| mopt object| cnT number| ccT boolean| iPad boolean| mobD boolean| iFrm function| vd function| popUp function| wopen function| breakout function| wC function| rC function| eC function| wS function| rS function| eS function| sleep function| HO function| HC function| SH function| HD function| TAL function| SEL function| MSEL function| SEFI function| CON function| MSG function| CTC function| DSL function| DSCK number| WFC function| WF function| WS boolean| dinit object| drso number| dragx number| dragy number| posx number| posy function| drsi function| drst function| drsp function| drag function| BF function| PF function| fSize function| trim function| CC function| IL function| swiffyLoad function| AX function| GET function| FuS string| hex_chr function| rhex function| str2blks_MD5 function| add function| rol function| cmn function| ff function| gg function| hh function| ii function| md5 function| tC function| setOpacity function| fadeOpacity function| doneOpacity function| fadeInAni function| fadeIn function| fadeInDone boolean| tt_act function| ST boolean| navR function| SN boolean| ntloc function| SL function| callGAdd function| CW function| CDR function| CDW function| CDC function| CDI function| gaLoad function| Xval function| Yval function| sortSel function| hasOpt function| mSelOpt function| cSelOpt function| rSelOpt function| selAllOpt function| OF function| AF function| oC function| alAlert function| alConfirm function| alPrompt function| CL function| HumanBytes function| MO function| LazyImg object| alertify

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hyvyd.com/	1970-01-19 21:45:21	Name: PHPSESSID Value: o4369kkei33nuiiu0ji6smlt93
			account.hyvyd.com/	1970-01-20 12:08:38	Name: cookie_js_check Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.hyvyd.com
static.hyvyd.com
88.99.217.231
0852377297a1f2f25dcd7ec99d83257752e30b0008378d25a7c8951a3f4157a1
1562f091bb99caa3494551733858d46c70ab1855a91106a5cf2fbcbc26ffda34
3450194ef1c86dd40721160df15db28e17dac78f43a2981f03cd131eb47562b7
6b9049404315bca25bb37f21e56dc4157238b2f8d57b32676732b5605177166d
b16536ac8f4dc22595142244daba17fd653cbeb18ab213d5e73a07df55f78264
d1db77bddba824e1a4967046a5f12875e06ffafc803415c36a6a3fe4a7864cce