activatelogin.com Open in urlscan Pro
104.21.81.84  Malicious Activity! Public Scan

17 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response activatelogin.com/	549 KB 51 KB	1934ms 721ms	Document text/html	104.21.81.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://activatelogin.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.81.84 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ebd4ba5c12bebc8c6f3ad92119db9d360b0451c547d8c88de946c1374f0ef803 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8b7151e6da9ec41d-EWR content-encoding zstd content-type text/html; charset=UTF-8 date Thu, 22 Aug 2024 07:58:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qkNkG7npt8f%2FbAhENqqOYfD1tQFvLQqRprc8pdzRpZ2yo0MRp0NxDLJhMuCsUJp%2B5c2PFDjqTeMxd8ODq1pWiZQDqFrPJvcUiIRW3xESdxSHUY5PFAO9MkY4OEplZ3soQ4wSiQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	ust.min.js Show response activatelogin.com/usertrack/server/	22 KB 8 KB	1414ms 1390ms	Script application/javascript	104.21.81.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://activatelogin.com/usertrack/server/ust.min.js?v=3.4.4 Requested by Host: activatelogin.com URL: https://activatelogin.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.81.84 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 25485344bc5ecc1384a4120b490d04d9712ef17eb856d772af48fd6fe7b4d2b4 Request headers Referer https://activatelogin.com/ User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 07:58:50 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Wed, 21 Aug 2024 12:46:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66c5e1bb-5886" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LQYDxIrRSStgOdIJ0EH7pV5Mf%2BJ3g0JXQB%2FPTjEBZDsUfB5TxQ2makS1RWTbHzCslonZ7Tm2dRCb31q0QCm2Mw%2FlSQp12NUARZX5W23Q%2FXp%2Bv%2BkHjOh97iudEz%2BWdU71d1olTw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cf-ray 8b7151ee6ef3c41d-EWR alt-svc h3=":443"; ma=86400
GET H2	200	main.css activatelogin.com/portal/media/system/41.203.28/css/	393 KB 133 KB	913ms 892ms	Stylesheet text/css	104.21.81.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://activatelogin.com/portal/media/system/41.203.28/css/main.css Requested by Host: activatelogin.com URL: https://activatelogin.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.81.84 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cfeb0d8de76be005e8cf7a41d4417c7a52071ed74eef1f7309f53aef5f3534dc Request headers Referer https://activatelogin.com/ User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 07:58:50 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 28 Jun 2024 16:33:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3975 etag W/"667ee5c6-6224e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=txyTlkcYXgZue%2Bdz9Wd%2FicX5mn0gDOt7tD0MFbdcPuV5%2FBgIp69Jrf0fPRBiBrKyWljav1i9%2BwRklKfwJUmM3c3TH0P0REYiuEcDJe7YGrZYCLWvg7cYYeF6SNh1%2Fdlywv68pg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8b7151ef1f38c41d-EWR alt-svc h3=":443"; ma=86400
GET H2	200	cms.css activatelogin.com/portal/media/system/41.203.28/css/	200 KB 94 KB	1111ms 1093ms	Stylesheet text/css	104.21.81.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://activatelogin.com/portal/media/system/41.203.28/css/cms.css Requested by Host: activatelogin.com URL: https://activatelogin.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.81.84 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18502a76a13c8dd95fbcf1775e4b6178680fb394b229fafcef1b5eb43a821b10 Request headers Referer https://activatelogin.com/ User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 07:58:50 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 28 Jun 2024 16:33:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3975 etag W/"667ee5c6-32190" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VkGHHwi0deQUNWWfuQK%2FEvzG75ury7f1lRG60gBkdgXFKpx3yv7RUv6rS%2F%2FTfCpF9mkJ0VC5KmE%2FhK73LqS6x6eA8i5sppUstB7H8q3%2Fwj3%2B9x4MWtYoZUCI%2Fh%2B5crvC1nNtyg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8b7151ef1f3ac41d-EWR alt-svc h3=":443"; ma=86400
GET H2	404	jQuery_3_5_1.js activatelogin.com/portal/media/system/41.203.28/js/	0 0	984ms 968ms	Script text/html	104.21.81.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://activatelogin.com/portal/media/system/41.203.28/js/jQuery_3_5_1.js Requested by Host: activatelogin.com URL: https://activatelogin.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.81.84 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://activatelogin.com/ User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 07:58:50 GMT content-encoding zstd cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 172 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ZJ5GGeecheY0Kc3iM5u0i4Dye9I9LK4qBF%2FCGjpbgZ0ZHaZ3jijgV%2BaXmnWzD56y7FnjSEcU2l%2FY%2FN2DKLDxaKHu8fbx5yxc5rzvZPCtGVCxkKojD8%2Fm%2BEYzw9AMY7qzOkwwA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 8b7151ef1f3bc41d-EWR alt-svc h3=":443"; ma=86400
GET H2	404	jquery_ui_1_13_2.js activatelogin.com/portal/media/system/41.203.28/js/	0 0	1402ms 1389ms	Script text/html	104.21.81.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://activatelogin.com/portal/media/system/41.203.28/js/jquery_ui_1_13_2.js Requested by Host: activatelogin.com URL: https://activatelogin.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.81.84 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://activatelogin.com/ User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 07:58:50 GMT content-encoding zstd cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 172 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FaosQF53TUZdzpEmiav6MI3ZxXsvn7XNLv%2FAJU3gEYIi97SIuPA5bXXpPZnhrun4CKiRJnGc6Y5Tgsd7K%2FsU2HX9r8lago1QfmXPSuhTxUGARBZL52hABDfM8HgPbXPALSmvOA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 8b7151efaf97c41d-EWR alt-svc h3=":443"; ma=86400
GET H2	404	lib_head.js activatelogin.com/portal/media/system/41.203.28/js/	0 0	1396ms 1385ms	Script text/html	104.21.81.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://activatelogin.com/portal/media/system/41.203.28/js/lib_head.js Requested by Host: activatelogin.com URL: https://activatelogin.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.81.84 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://activatelogin.com/ User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 07:58:50 GMT content-encoding zstd cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 172 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pPMJpwMyjJt%2FhNTBSANx7akY0U8vMnobaeZKEN3eUfJJaUfHbPFhkSkm4r55Lrr%2FGucsLhAtgS7HQydAleoK1KVlxM1TJBd1f8GM54eWnfS1io2PqGp3npuuRqYPgUGI6C9IOQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 8b7151efefbec41d-EWR alt-svc h3=":443"; ma=86400
GET H2	404	lib_smartbanner.js activatelogin.com/portal/media/system/js/	0 0	1400ms 1390ms	Script text/html	104.21.81.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://activatelogin.com/portal/media/system/js/lib_smartbanner.js Requested by Host: activatelogin.com URL: https://activatelogin.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.81.84 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://activatelogin.com/ User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 07:58:50 GMT content-encoding zstd cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 172 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=stUAqIJO5z6DK2s33gtmqEcEzrB8ywYjQSVQZEoRqYQDL5yfnYcLc6kDfSnE366ckz7JTp%2B95xk5Z1qvBLqbSvtHTJ8QMbCP9lCNs5jLshxPzB8EYKXnOON5Q3YJPwv7uoihdg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 8b7151f01fddc41d-EWR alt-svc h3=":443"; ma=86400
GET H2	200	/ Show response api.ipdata.co/	1 KB 955 B	12500ms 593ms	Fetch application/json	3.73.175.68 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.ipdata.co/?api-key=8b7b4e0fb0416cb4708307001de92cb39717bec1fed7758c550e0efa Requested by Host: activatelogin.com URL: https://activatelogin.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.73.175.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-73-175-68.eu-central-1.compute.amazonaws.com Software / Resource Hash d5d0f183247d544688f77b4493d75e84b749683bbf72c83358293284874d2c13 Request headers Referer https://activatelogin.com/ User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 07:59:02 GMT content-encoding gzip x-amzn-requestid 0a73c3ae-aaaa-4ffd-88d2-5634e3ca9657 x-amzn-trace-id Root=1-66c6efc6-4a513c5e23af0f205f520815;Parent=442eb95bf2f1177b;Sampled=0;lineage=6421a650:0|a863b97f:0 access-control-allow-methods OPTIONS,POST,GET content-type application/json; charset=utf-8 access-control-allow-origin * x-amz-apigw-id c5pnDEUQliAEVgg= content-length 606 access-control-allow-headers Content-Type
GET H2	200	lupe.png activatelogin.com/portal/media/system/images/	1 KB 2 KB	3806ms 3801ms	Image image/png	104.21.81.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://activatelogin.com/portal/media/system/images/lupe.png Requested by Host: activatelogin.com URL: https://activatelogin.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.81.84 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff61b5346eb152cdaa59aa8a7b5238707cac667e4d3bbea2e66862b1b1b94358 Request headers Referer https://activatelogin.com/ User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 07:58:55 GMT cf-cache-status HIT last-modified Fri, 28 Jun 2024 16:33:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3980 etag "667ee5c6-51c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eaVqYlXtW4xNfkZXmlFe8zANODOYqd0vfP1aMeLiHDLdGV5lMxgoOATjQbKIyP8NGjDYMphNSGv9yMPOmEehMZ8Z4MwiFiIl6lEioqTeLTpVj%2BXd00dRzbVQluhASCOkf6SA6w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8b71520cafd9c41d-EWR alt-svc h3=":443"; ma=86400 content-length 1308
GET H2	200	logo_big_svg.svg activatelogin.com/portal/media/system/images/	10 KB 3 KB	4809ms 4808ms	Image image/svg+xml	104.21.81.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://activatelogin.com/portal/media/system/images/logo_big_svg.svg Requested by Host: activatelogin.com URL: https://activatelogin.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.81.84 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da Request headers Referer https://activatelogin.com/ User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 07:58:56 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 28 Jun 2024 16:33:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3981 etag W/"667ee5c6-2658" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kUobpYzLUCsFyNp3Ks0niF7nnRK5rd8tvvdi0f6vRVWW2D44bayypyTy%2Bc4PqAASm2EuVCOQ742LYCgVAD2aF1xtDxWSlXJfDSpvX3I16f5l50Pr%2Fs72XsnHxt9BESN0zTAQHw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 8b7152102992c41d-EWR alt-svc h3=":443"; ma=86400
GET H2	404	lib_main.js activatelogin.com/portal/media/system/41.203.28/js/	0 0	3872ms 3867ms	Script text/html	104.21.81.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://activatelogin.com/portal/media/system/41.203.28/js/lib_main.js Requested by Host: activatelogin.com URL: https://activatelogin.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.81.84 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://activatelogin.com/ User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 07:58:55 GMT content-encoding zstd cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 177 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GQ4EV6mCYmK3hw%2BK%2BWOK605vjSs2eQinb%2FqtKnooQjK72kYGNyCazQ9ky1XMpa2KBrVPB%2Fb3MJu9St87HkiD0Fhq4Ndivz5vU9ipA2ACPHPQCrnomA%2BYpO9USJ4%2FCvhjxjPLdA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 8b71520e68d9c41d-EWR alt-svc h3=":443"; ma=86400
GET H2	404	lib_cms.js activatelogin.com/portal/media/system/41.203.28/js/	0 0	3859ms 3858ms	Script text/html	104.21.81.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://activatelogin.com/portal/media/system/41.203.28/js/lib_cms.js Requested by Host: activatelogin.com URL: https://activatelogin.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.81.84 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://activatelogin.com/ User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 07:58:55 GMT content-encoding zstd cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 177 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SOFSOYFp%2FPB3O%2FqK%2F3h4kCntgeCnlbIRA9D0CxwSaV%2B28kmJ%2BbPaKGwlPxE7zsSS%2BYjaVb396TjLKvpruOp3iS6s4dytr218zaV9bbqUirWUc81E9fqQM6n7RA3dSHtX03HRcA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 8b71520f493ec41d-EWR alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	17 KB 17 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0 Request headers Referer Origin https://activatelogin.com User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers Content-Type application/x-font-woff
GET H2	200	ico_fehler_png1.png activatelogin.com/portal/media/system/images/	2 KB 2 KB	4723ms 4721ms	Image image/png	104.21.81.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://activatelogin.com/portal/media/system/images/ico_fehler_png1.png Requested by Host: activatelogin.com URL: https://activatelogin.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.81.84 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e8b34087f13f35feb8561e2e504060aa02914a889692ecaaa70d20626ba4e12 Request headers Referer https://activatelogin.com/ User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 07:58:56 GMT cf-cache-status HIT last-modified Tue, 06 Aug 2024 23:06:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2552 etag "66b2ac73-67b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kpT02sLUM6B931Vo5CGYTe1jFWjombxInRpDVxVq5DAD%2BaR32V2Tc5AGAekAsTkKfegEDH9F9IVpvmhslDl%2FaqW1xhwSciUcYNSpvpYHQ5Gg%2Fu209C1E7DWV0wphvdaoQZ82qg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8b71521099d4c41d-EWR alt-svc h3=":443"; ma=86400 content-length 1659
GET DATA	200 OK	truncated /	17 KB 17 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75 Request headers Referer Origin https://activatelogin.com User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers Content-Type application/x-font-woff
GET H2	200	icons_woff.woff activatelogin.com/portal/media/system/fonts/	40 KB 40 KB	4747ms 4746ms	Font font/woff	104.21.81.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://activatelogin.com/portal/media/system/fonts/icons_woff.woff Requested by Host: activatelogin.com URL: https://activatelogin.com/portal/media/system/41.203.28/css/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.81.84 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b52db98725cfebc3ea28099617bd8ec31fe8fb5cf63d8d30d1c375fd64c19876 Request headers Referer https://activatelogin.com/portal/media/system/41.203.28/css/main.css Origin https://activatelogin.com User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 07:58:56 GMT cf-cache-status HIT last-modified Fri, 28 Jun 2024 16:33:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4861 etag "667ee5c6-9e84" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I0vAvZeQTUIj7rkcvIBDCpuRQw3plCI%2FrrdFf6t34f7NtV0k%2FJls2%2FBXROVGtKJCTtM3qtSwcGC2WD9sLMOZ4aV8gDxcsFNyHyKRtBA8HvIRWUHR%2BhBoOUyJguDIcJsy407JtQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 8b71521099d3c41d-EWR alt-svc h3=":443"; ma=86400 content-length 40580
GET H2	200	getIP.php Show response activatelogin.com/usertrack/server/helpers/	24 B 446 B	2445ms 2444ms	Script application/javascript	104.21.81.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://activatelogin.com/usertrack/server/helpers/getIP.php Requested by Host: activatelogin.com URL: https://activatelogin.com/usertrack/server/ust.min.js?v=3.4.4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.81.84 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f36a6f0280ff131ec137149d59d6d5b6d8eb019ca2cd0f37df74160045cd4dfb Request headers Referer https://activatelogin.com/ User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers pragma no-cache date Thu, 22 Aug 2024 07:58:59 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=15%2Bd6RDbBBPDsULSIVWrYq5myZ%2Fk%2FCGxPA7PGbYSxr7sKYw%2BAlc82FYMb2Nzz4LRPsuV4U0sP28qldjHTGqUGJMRG45y535BpUPQK5xVGo8AascnV06xvkubcpmcWeUgmhDcBA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=0, no-cache, no-store, must-revalidate cf-ray 8b715223edebc41d-EWR alt-svc h3=":443"; ma=86400 expires Wed, 11 Jan 1984 05:00:00 GMT
POST H2	200	createClient.php Show response activatelogin.com/usertrack/server/tracker/	41 B 444 B	572ms 567ms	XHR text/html	104.21.81.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://activatelogin.com/usertrack/server/tracker/createClient.php Requested by Host: activatelogin.com URL: https://activatelogin.com/usertrack/server/ust.min.js?v=3.4.4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.81.84 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22374530268308f3e4b4b6ff80ea56b2b9b9500c5faa27c7265ecd6e78705074 Request headers Referer https://activatelogin.com/ User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Thu, 22 Aug 2024 07:58:59 GMT content-encoding zstd cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 pragma no-cache server cloudflare access-control-max-age 1000 access-control-allow-methods POST, GET, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b4hsBy9c4ZAUnQXVXq9mI1wMQ5QoYFVHTlgFWN7qfwqO3GB7hrytMyBSYxzgTD5swThNlNT2kt4cGhXx0a6h%2FRL7jLe6bekKFUHZvycVueQhQjT1aUQiv%2BowkCk4wFM3uEiN5Q%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=0, no-cache, no-store, must-revalidate cf-ray 8b715227687cc41d-EWR access-control-allow-headers Content-Type expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	/ Show response ipapi.co/json/	737 B 869 B	1639ms 589ms	Fetch application/json	104.26.9.44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ipapi.co/json/ Requested by Host: activatelogin.com URL: https://activatelogin.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.26.9.44 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61603177720e30ac15b598bdf822adb577b8838e238dd37cb08fba3f7f0a8968 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://activatelogin.com/ User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 07:59:01 GMT content-encoding br x-content-type-options nosniff referrer-policy same-origin cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Host, origin allow OPTIONS, POST, GET, HEAD, OPTIONS content-type application/json access-control-allow-origin https://activatelogin.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CiVrHECJ790MEK5cOae48ApQpw6q8fWmHFPLPlOVNx4BK2FqXwUzbFGYKBrSl2XQLPMN343oMk%2FTm721bZzUJvZhrAnyjikZnR9fVk8woYfhrfJmKJBpVOxT"}],"group":"cf-nel","max_age":604800} x-frame-options DENY cf-ray 8b71522e199e5234-MXP
GET H2	200	favicon.ico activatelogin.com/	1 KB 1 KB	526ms 524ms	Other image/x-icon	104.21.81.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://activatelogin.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.81.84 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b57d084be329f699adf45f348903727d23c31d63235ba7502e4b5d0003f18187 Request headers Referer https://activatelogin.com/ User-Agent Mozilla/5.0 (Linux; Android 6.0.1; Nexus 10 Build/MOB31T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Safari/537.36 Response headers date Thu, 22 Aug 2024 07:58:59 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 19 Jun 2024 17:00:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6184 etag W/"66730e92-47e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MyBA4qpGhjFdZq%2FUNFhg9VXdHnUBA6yAOMkbBBuWjPBc8l3Fu3pLV7tDY8V%2BvTkF1a%2BIE1t%2FT1nbD1YsKKt83S4PWPeqZ893gqvV6YeviMAxQHFIRBQpMXrdDkzwDokjzTIU0A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 cf-ray 8b715228591fc41d-EWR alt-svc h3=":443"; ma=86400

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commerzbank (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| getDigitalGoodsService function| _0x43b533 function| _0x42bf function| _0x5d84 object| UST_CT object| UST function| addDynamicEventListener string| webtrekkEnabled string| ust_myIP

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://activatelogin.com/portal/media/system/41.203.28/js/jQuery_3_5_1.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatelogin.com/portal/media/system/41.203.28/js/lib_head.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatelogin.com/portal/media/system/41.203.28/js/jquery_ui_1_13_2.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatelogin.com/portal/media/system/js/lib_smartbanner.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatelogin.com/portal/media/system/41.203.28/js/lib_main.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://activatelogin.com/portal/media/system/41.203.28/js/lib_cms.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activatelogin.com
api.ipdata.co
ipapi.co
104.21.81.84
104.26.9.44
3.73.175.68
18502a76a13c8dd95fbcf1775e4b6178680fb394b229fafcef1b5eb43a821b10
22374530268308f3e4b4b6ff80ea56b2b9b9500c5faa27c7265ecd6e78705074
25485344bc5ecc1384a4120b490d04d9712ef17eb856d772af48fd6fe7b4d2b4
2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da
5e8b34087f13f35feb8561e2e504060aa02914a889692ecaaa70d20626ba4e12
61603177720e30ac15b598bdf822adb577b8838e238dd37cb08fba3f7f0a8968
88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0
8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75
b52db98725cfebc3ea28099617bd8ec31fe8fb5cf63d8d30d1c375fd64c19876
b57d084be329f699adf45f348903727d23c31d63235ba7502e4b5d0003f18187
cfeb0d8de76be005e8cf7a41d4417c7a52071ed74eef1f7309f53aef5f3534dc
d5d0f183247d544688f77b4493d75e84b749683bbf72c83358293284874d2c13
ebd4ba5c12bebc8c6f3ad92119db9d360b0451c547d8c88de946c1374f0ef803
f36a6f0280ff131ec137149d59d6d5b6d8eb019ca2cd0f37df74160045cd4dfb
ff61b5346eb152cdaa59aa8a7b5238707cac667e4d3bbea2e66862b1b1b94358