urlscan.io logo urlscan.io
SecurityTrails logo

myaccount.mythingy.io Open in urlscan Pro
2606:4700::6812:1b87  Public Scan

Go To Rescan Add Verdict Report
URL: https://myaccount.mythingy.io/
Submission: On December 03 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 7 HTTP transactions. The main IP is 2606:4700::6812:1b87, located in United States and belongs to CLOUDFLARENET, US. The main domain is myaccount.mythingy.io.
TLS certificate: Issued by E1 on December 3rd 2023. Valid for: 3 months.
This is the only time myaccount.mythingy.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 4
Apex Domain
Subdomains		 Transfer
5 mythingy.io
myaccount.mythingy.io
10 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
24 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
24 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2842
25 KB
7 4
Domain Requested by
5 myaccount.mythingy.io 1 redirects myaccount.mythingy.io
1 cdn.jsdelivr.net myaccount.mythingy.io
1 code.jquery.com myaccount.mythingy.io
1 stackpath.bootstrapcdn.com myaccount.mythingy.io
7 4

This site contains no links.

Subject Issuer Validity Valid
mythingy.io
E1		 2023-12-03 -
2024-03-02		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh

This page contains 2 frames:

Primary Page: https://myaccount.mythingy.io/
Frame ID: 93791111076E221ACEA1DD001028B854
Requests: 5 HTTP requests in this frame

Frame: https://myaccount.mythingy.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: A10FFF06109E0D76ABC09B18422240B8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Signup

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

7
Requests

86 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

83 kB
Transfer

328 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://myaccount.mythingy.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://myaccount.mythingy.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
myaccount.mythingy.io/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myaccount.mythingy.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ae4d84d23b28d29824f5265955f9fa41f7b9038f7508d4d459b92a398d4cb38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
82fcc2144b884d9c-FRA
content-encoding
gzip
content-type
text/html
date
Sun, 03 Dec 2023 15:14:13 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/ 		157 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
Requested by
Host: myaccount.mythingy.io
URL: https://myaccount.mythingy.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:14:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601
age
473460
cdn-cachedat
08/03/2021 15:44:07
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
72292ca7a393da9d388c402f68f6a70c
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
82fcc2152f2c68ec-FRA
cdn-requestpullsuccess
True
jquery-3.5.1.slim.min.js
code.jquery.com/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.slim.min.js
Requested by
Host: myaccount.mythingy.io
URL: https://myaccount.mythingy.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:14:13 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4088042
x-cache
HIT, HIT
content-length
24606
x-served-by
cache-lga21954-LGA, cache-fra-eddf8230041-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1701616454.958183,VS0,VE0
etag
W/"28feccc0-11abc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
55, 175579
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.0-alpha1/dist/js/ 		82 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-alpha1/dist/js/bootstrap.bundle.min.js
Requested by
Host: myaccount.mythingy.io
URL: https://myaccount.mythingy.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535986966009f44b506e6237f7ea91d766abf24939666db3b244c8526c024bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:14:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
470975
x-jsd-version
5.0.0-alpha1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230082-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"149b8-QTOMb6QReKf0HvfTo4H3obAhSqs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XsGvbxKK3Pl4QyWU3dyq09ZQZGwWjSwJ8ppbQczjX1HT6xmo3cZHteIigUREpK%2BDwmLQIp8J0FRlvlmaygHe%2BMTzRXxLXJihtOJPe8Pa40hUS30uCqDcaDSix1Qs4q878aRKNWazZ2qmebWM6Y8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
82fcc2152c485d70-FRA
main.js
myaccount.mythingy.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame A10F
Redirect Chain
  • https://myaccount.mythingy.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://myaccount.mythingy.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.mythingy.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Requested by
Host: myaccount.mythingy.io
URL: https://myaccount.mythingy.io/
Protocol
H3
Server
2606:4700::6812:1b87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
379fa79a91e229b972baaf2177c3bb27587f668ca213990b242862c1e052031b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:14:14 GMT
content-encoding
gzip
referrer-policy
same-origin
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=86400, enforce
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
82fcc215dfea1992-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block

Redirect headers

date
Sun, 03 Dec 2023 15:14:14 GMT
content-encoding
gzip
referrer-policy
same-origin
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=86400, enforce
vary
accept-encoding
x-frame-options
SAMEORIGIN
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
cache-control
max-age=300, public
cf-ray
82fcc2158d574d9c-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
s.js
myaccount.mythingy.io/cdn-cgi/zaraz/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.mythingy.io/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyU2lnbnVwJTIyJTJDJTIyeCUyMiUzQTAuNjUyMDMxMjE1NTQzMDM1JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZteWFjY291bnQubXl0aGluZ3kuaW8lMkYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQS02MCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q=
Requested by
Host: myaccount.mythingy.io
URL: https://myaccount.mythingy.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b31c845d6b4ef2b89854f8ea7c902727f26f4cf806faec404250af23db776610
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myaccount.mythingy.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:14:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
expect-ct
max-age=86400, enforce
access-control-max-age
600
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://myaccount.mythingy.io
content-type
text/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cf-ray
82fcc2158d594d9c-FRA
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
82fcc2144b884d9c
myaccount.mythingy.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame A10F 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://myaccount.mythingy.io/cdn-cgi/challenge-platform/h/b/jsd/r/82fcc2144b884d9c
Requested by
Host: myaccount.mythingy.io
URL: https://myaccount.mythingy.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1b87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 03 Dec 2023 15:14:14 GMT
content-encoding
gzip
referrer-policy
same-origin
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
cf-ray
82fcc216b8f91992-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| zarazData object| zaraz function| $ function| jQuery number| uidEvent object| bootstrap object| dataLayer

11 Cookies

Domain/Path Name / Value
.mythingy.io/ Name: __cf_bm
Value: T95aFPNDp5DkC28V5J7ALZUOoi.eehcD2.LfzdxJ9.I-1701616453-0-Aejv6fCYrCUxdMvtEoe3qGk8wkMWT3zskKgf9iv3cLNyDM0NKbdTt/IOtvc38QfW7ePYQdsdmGJq0oYf6HmAR/uXcxlaWdUQF9LJktKwkrNF
.mythingy.io/ Name: _cfuvid
Value: RacGHQMJsZhFcUpjVykhB5MBDOmu76qreSOvlQIDbtU-1701616453872-0-604800000
.mythingy.io/ Name: google-analytics_ISPt___ga
Value: 4519265a-4d50-4c09-9549-b19a10fa3eff
.mythingy.io/ Name: google-analytics_ZmnB___ga
Value: b464b012-91df-42e5-b856-95e623193b6e
.mythingy.io/ Name: google-analytics_v4_qUBd__engagementStart
Value: 1701616454038
.mythingy.io/ Name: google-analytics_v4_qUBd__counter
Value: 1
.mythingy.io/ Name: google-analytics_v4_qUBd__ga4sid
Value: 2104834690
.mythingy.io/ Name: google-analytics_v4_qUBd__session_counter
Value: 1
.mythingy.io/ Name: google-analytics_v4_qUBd__ga4
Value: 3e0c3436-1a85-4b1a-9e29-1e30efa470d7
.mythingy.io/ Name: google-analytics_v4_qUBd__let
Value: 1701616454038
.mythingy.io/ Name: cf_clearance
Value: ZGNWBCM0JNRoEKiZUYKBeNgFSLIgkYu0kZq0ag6awAc-1701616454-0-1-37b13bd1.eaed9c72.3a79756d-0.2.1701616454

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block