activatewin10.com Open in urlscan Pro
138.201.109.106 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://activatewin10.com/
Submission Tags: @phishunt_io
Submission: On January 16 via api (January 16th 2021, 1:55:57 pm UTC) from ES

Summary HTTP 21 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 21 HTTP transactions. The main IP is 138.201.109.106, located in Germany and belongs to HETZNER-AS, DE. The main domain is activatewin10.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 15th 2021. Valid for: 3 months.

This is the only time activatewin10.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
18	138.201.109.106 138.201.109.106		24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6811:e13f		13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3		32934 (FACEBOOK) (FACEBOOK)
21	4

18 138.201.109.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.109.201.138.clients.your-server.de

activatewin10.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e13f (United States)

ASN13335 (CLOUDFLARENET, US)

miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	activatewin10.com activatewin10.com	139 KB
2	facebook.net connect.facebook.net	62 KB
1	medium.com miro.medium.com	11 KB
21	3

	Domain	Requested by
18	activatewin10.com	activatewin10.com
2	connect.facebook.net	activatewin10.com connect.facebook.net
1	miro.medium.com	activatewin10.com
21	3

This site contains no links.

Subject Issuer	Validity	Valid
activatewin10.com cPanel, Inc. Certification Authority	`2021-01-15` - `2021-04-15`	3 months	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2021-01-08` - `2021-04-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://activatewin10.com/
Frame ID: 9D1CAD751AA86AA7163483922CA692C5
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Page Statistics

21
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

212 kB
Transfer

776 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
activatewin10.com/ 23 KB
7 KB 206ms
89ms Document
text/html 138.201.109.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewin10.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.109.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.109.201.138.clients.your-server.de
Software: LiteSpeed /
Resource Hash: a6ce06b6d4ee708693ae470ad7bdce93a5b6459ad0655e7b01ca87606a65102c

Request headers

:method: GET
:authority: activatewin10.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
link: <https://activatewin10.com/wp-json/>; rel="https://api.w.org/" <https://activatewin10.com/wp-json/wp/v2/pages/10>; rel="alternate"; type="application/json" <https://activatewin10.com/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Sat, 16 Jan 2021 13:55:37 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 style.min.css
activatewin10.com/wp-includes/css/dist/block-library/ 50 KB
7 KB 338ms
36ms Stylesheet
text/css 138.201.109.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewin10.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6
Requested by: Host: activatewin10.com
URL: https://activatewin10.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.109.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.109.201.138.clients.your-server.de
Software: LiteSpeed /
Resource Hash: 5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Request headers

Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 13:55:37 GMT
content-encoding: br
last-modified: Tue, 01 Dec 2020 15:51:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7421
expires: Sat, 23 Jan 2021 13:55:37 GMT

GET
H2 200 theme.min.css
activatewin10.com/wp-includes/css/dist/block-library/ 2 KB
703 B 341ms
38ms Stylesheet
text/css 138.201.109.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewin10.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.6
Requested by: Host: activatewin10.com
URL: https://activatewin10.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.109.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.109.201.138.clients.your-server.de
Software: LiteSpeed /
Resource Hash: 83596846d160e44c98d8674d1f4b35be40646ec5ea30d9df136012028d354aa6

Request headers

Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 13:55:37 GMT
content-encoding: br
last-modified: Tue, 13 Oct 2020 15:40:30 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 647
expires: Sat, 23 Jan 2021 13:55:37 GMT

GET
H2 200 style.css
activatewin10.com/wp-content/themes/twentytwentyone/ 149 KB
21 KB 341ms
39ms Stylesheet
text/css 138.201.109.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewin10.com/wp-content/themes/twentytwentyone/style.css?ver=1.1
Requested by: Host: activatewin10.com
URL: https://activatewin10.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.109.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.109.201.138.clients.your-server.de
Software: LiteSpeed /
Resource Hash: fad62c630b6ff03fdbb9f219a0f1fa217c21d6443aaa539762de0347d5eda404

Request headers

Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 13:55:37 GMT
content-encoding: br
last-modified: Fri, 15 Jan 2021 21:28:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21643
expires: Sat, 23 Jan 2021 13:55:37 GMT

GET
H2 200 front.css
activatewin10.com/wp-content/plugins/super-socializer/css/ 64 KB
16 KB 366ms
64ms Stylesheet
text/css 138.201.109.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewin10.com/wp-content/plugins/super-socializer/css/front.css?ver=7.13.11
Requested by: Host: activatewin10.com
URL: https://activatewin10.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.109.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.109.201.138.clients.your-server.de
Software: LiteSpeed /
Resource Hash: c4d2b00afe4d9a247aea591665d92c5dfbe8f7fd2c071d17996b8c5ecd885cb6

Request headers

Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 13:55:37 GMT
content-encoding: br
last-modified: Fri, 15 Jan 2021 21:28:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 16561
expires: Sat, 23 Jan 2021 13:55:37 GMT

GET
H2 200 share-svg.css
activatewin10.com/wp-content/plugins/super-socializer/css/ 101 KB
30 KB 376ms
74ms Stylesheet
text/css 138.201.109.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewin10.com/wp-content/plugins/super-socializer/css/share-svg.css?ver=7.13.11
Requested by: Host: activatewin10.com
URL: https://activatewin10.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.109.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.109.201.138.clients.your-server.de
Software: LiteSpeed /
Resource Hash: 65c9ec2b0f38751fb554d80a012684ac9b89fba9f97f24b39f0f3d552a93766f

Request headers

Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 13:55:37 GMT
content-encoding: br
last-modified: Fri, 15 Jan 2021 21:28:38 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 31142
expires: Sat, 23 Jan 2021 13:55:37 GMT

GET
H2 200 jquery.min.js Show response
activatewin10.com/wp-includes/js/jquery/ 87 KB
30 KB 385ms
83ms Script
application/javascript 138.201.109.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewin10.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: activatewin10.com
URL: https://activatewin10.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.109.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.109.201.138.clients.your-server.de
Software: LiteSpeed /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 13:55:37 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 19:03:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30287
expires: Sat, 23 Jan 2021 13:55:37 GMT

GET
H2 200 jquery-migrate.min.js Show response
activatewin10.com/wp-includes/js/jquery/ 11 KB
4 KB 390ms
89ms Script
application/javascript 138.201.109.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewin10.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: activatewin10.com
URL: https://activatewin10.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.109.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.109.201.138.clients.your-server.de
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 13:55:37 GMT
content-encoding: br
last-modified: Thu, 19 Nov 2020 13:01:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3995
expires: Sat, 23 Jan 2021 13:55:37 GMT

GET
H2 200 0*jSbrQdU82bfmkcwO.png
miro.medium.com/max/509/ 11 KB
11 KB 43ms
24ms Image
image/png 2606:4700::6811:e13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/509/0*jSbrQdU82bfmkcwO.png

Requested by

Host: activatewin10.com
URL: https://activatewin10.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e13f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

947cc674c39c5a9a764e3783543fcc293f38649100d454197be6f551409677eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 13:55:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20637
x-envoy-upstream-service-time: 39
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 11032
cf-request-id: 07ad13f5aa00002bca169a4000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 612855cf784f2bca-FRA
expires: Mon, 15 Feb 2021 13:55:37 GMT

GET
H2 200 primary-navigation.js Show response
activatewin10.com/wp-content/themes/twentytwentyone/assets/js/ 6 KB
2 KB 336ms
35ms Script
application/javascript 138.201.109.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewin10.com/wp-content/themes/twentytwentyone/assets/js/primary-navigation.js?ver=1.1
Requested by: Host: activatewin10.com
URL: https://activatewin10.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.109.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.109.201.138.clients.your-server.de
Software: LiteSpeed /
Resource Hash: cf822a4c10bf201733e60c8ceb98ec2a944fe55da55db484d7c0c12dfb3bba18

Request headers

Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 13:55:37 GMT
content-encoding: br
last-modified: Fri, 15 Jan 2021 21:30:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1674
expires: Sat, 23 Jan 2021 13:55:37 GMT

GET
H2 200 responsive-embeds.js Show response
activatewin10.com/wp-content/themes/twentytwentyone/assets/js/ 1 KB
540 B 336ms
36ms Script
application/javascript 138.201.109.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewin10.com/wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js?ver=1.1
Requested by: Host: activatewin10.com
URL: https://activatewin10.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.109.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.109.201.138.clients.your-server.de
Software: LiteSpeed /
Resource Hash: c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe

Request headers

Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 13:55:37 GMT
content-encoding: br
last-modified: Fri, 15 Jan 2021 21:30:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 483
expires: Sat, 23 Jan 2021 13:55:37 GMT

GET
H2 200 general.js Show response
activatewin10.com/wp-content/plugins/super-socializer/js/front/social_login/ 1 KB
684 B 338ms
34ms Script
application/javascript 138.201.109.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewin10.com/wp-content/plugins/super-socializer/js/front/social_login/general.js?ver=7.13.11
Requested by: Host: activatewin10.com
URL: https://activatewin10.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.109.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.109.201.138.clients.your-server.de
Software: LiteSpeed /
Resource Hash: bdbc00de393216f6118f704088accc9ebddd220480741d5ed088c01f46f84088

Request headers

Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 13:55:37 GMT
content-encoding: br
last-modified: Fri, 15 Jan 2021 21:31:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 626
expires: Sat, 23 Jan 2021 13:55:37 GMT

GET
H2 200 sdk.js Show response
activatewin10.com/wp-content/plugins/super-socializer/js/front/facebook/ 2 KB
699 B 340ms
37ms Script
application/javascript 138.201.109.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewin10.com/wp-content/plugins/super-socializer/js/front/facebook/sdk.js?ver=7.13.11
Requested by: Host: activatewin10.com
URL: https://activatewin10.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.109.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.109.201.138.clients.your-server.de
Software: LiteSpeed /
Resource Hash: 78423c4a9a19219e7c002b614298e550c87bb19788cbf348992e20c6cdfc2495

Request headers

Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 13:55:37 GMT
content-encoding: br
last-modified: Fri, 15 Jan 2021 21:31:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 641
expires: Sat, 23 Jan 2021 13:55:37 GMT

GET
H2 200 commenting.js Show response
activatewin10.com/wp-content/plugins/super-socializer/js/front/facebook/ 5 KB
1 KB 340ms
37ms Script
application/javascript 138.201.109.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewin10.com/wp-content/plugins/super-socializer/js/front/facebook/commenting.js?ver=7.13.11
Requested by: Host: activatewin10.com
URL: https://activatewin10.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.109.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.109.201.138.clients.your-server.de
Software: LiteSpeed /
Resource Hash: 420d5c7ee5a3e7582b7ed91343962411712a183d42a69395c4bc1fe378699f07

Request headers

Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 13:55:37 GMT
content-encoding: br
last-modified: Fri, 15 Jan 2021 21:31:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1406
expires: Sat, 23 Jan 2021 13:55:37 GMT

GET
H2 200 sharing.js Show response
activatewin10.com/wp-content/plugins/super-socializer/js/front/sharing/ 43 KB
11 KB 341ms
38ms Script
application/javascript 138.201.109.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewin10.com/wp-content/plugins/super-socializer/js/front/sharing/sharing.js?ver=7.13.11
Requested by: Host: activatewin10.com
URL: https://activatewin10.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.109.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.109.201.138.clients.your-server.de
Software: LiteSpeed /
Resource Hash: 4635127a4fcff2cca48146ab1ecc2a5952fdbbb340e5e62b4326ec3f8caa2552

Request headers

Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 13:55:37 GMT
content-encoding: br
last-modified: Fri, 15 Jan 2021 21:31:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10770
expires: Sat, 23 Jan 2021 13:55:37 GMT

GET
H2 200 wp-embed.min.js Show response
activatewin10.com/wp-includes/js/ 1 KB
726 B 341ms
39ms Script
application/javascript 138.201.109.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewin10.com/wp-includes/js/wp-embed.min.js?ver=5.6
Requested by: Host: activatewin10.com
URL: https://activatewin10.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.109.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.109.201.138.clients.your-server.de
Software: LiteSpeed /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 13:55:37 GMT
content-encoding: br
last-modified: Sat, 26 Oct 2019 02:47:08 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 668
expires: Sat, 23 Jan 2021 13:55:37 GMT

GET
H2 200 wp-emoji-release.min.js Show response
activatewin10.com/wp-includes/js/ 14 KB
4 KB 342ms
40ms Script
application/javascript 138.201.109.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewin10.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6
Requested by: Host: activatewin10.com
URL: https://activatewin10.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.109.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.109.201.138.clients.your-server.de
Software: LiteSpeed /
Resource Hash: 3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4

Request headers

Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 13:55:37 GMT
content-encoding: br
last-modified: Tue, 20 Oct 2020 19:25:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4319
expires: Sat, 23 Jan 2021 13:55:37 GMT

GET
H2 200 print.css
activatewin10.com/wp-content/themes/twentytwentyone/assets/css/ 3 KB
1020 B 343ms
41ms Stylesheet
text/css 138.201.109.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://activatewin10.com/wp-content/themes/twentytwentyone/assets/css/print.css?ver=1.1
Requested by: Host: activatewin10.com
URL: https://activatewin10.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.109.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.109.201.138.clients.your-server.de
Software: LiteSpeed /
Resource Hash: 3467f3eee5c95a86bb4992918b1368458185bf349949f862e6e3c5954fcd69f9

Request headers

Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 13:55:37 GMT
content-encoding: br
last-modified: Fri, 15 Jan 2021 21:30:30 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 962
expires: Sat, 23 Jan 2021 13:55:37 GMT

GET
DATA 200
OK truncated
/ 302 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b980f62a2d545d64f24e6f96902c8fbf5da0018569c369bc18f9e5b5fcf099ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 682 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2e8b4fba49f90cfca5a43371c09879aed7447e0ba2ed4abd75b81448776c4f7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 436 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2662e0eef0f270830358bb255f079f695da71794ecbe8ba0825200862d8e9746

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 346 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 706b60c871be65726479e872d219c82f59373249338874be494dd6b4aeb47543

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d31374e862fe63f0cfabb3f4cebf0723e3ee46c70589a8576daa1643cebdd651

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: activatewin10.com
URL: https://activatewin10.com/wp-content/plugins/super-socializer/js/front/facebook/sdk.js?ver=7.13.11

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

/

Resource Hash

b00bd7b71a0e89d563d470f146dfb4d06faa5f3ae91c867323e86fbec84cc247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: /v4uPHlpFqr4wwETA0Iakw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: +O94Th4sbcHX9oknQZJMqpMDByfzON4nTqbLbT3MyaoXHTNT6aPIQblY5S2N87WeufTWNIxGtFFLuxbxJX1YsQ==
x-fb-trip-id: 917726464
x-fb-content-md5: 4b1b661676dd0bfae97cacfafb74960d
x-frame-options: DENY
date: Sat, 16 Jan 2021 13:55:37 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "987544f918c1e7f2afc86a61d33875a8"
timing-allow-origin: *
expires: Sat, 16 Jan 2021 14:12:20 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 196 KB
60 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c24b6b836a67287b52c1d7a474766671&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

/

Resource Hash

9946e4bae36e87c85e08c86c62ff58435df175b03bf5ff0343d4640e8a7619e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://activatewin10.com
Referer: https://activatewin10.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: dV+PZCvw3ujTU9uBRxO8pA==
cross-origin-resource-policy: cross-origin
expires: Sun, 16 Jan 2022 13:33:31 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60427
x-fb-rlafr: 0
x-fb-debug: a8h7pOD3olQTMPbXslDQX/AI06VbE9qkD7/+wNKy+I2YgsTSIh94WWo5RfzjNkeV+Ccw1+eYmZQI7h3CNOaR5w==
x-fb-trip-id: 917726464
x-fb-content-md5: 6f80d1c4642ebf0489d8d7aff8848988
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 16 Jan 2021 13:55:37 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "bf2c9e2e35663d27cf05685581434781"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 admin-ajax.php Show response
activatewin10.com/wp-admin/ 160 B
325 B 1557ms
1256ms XHR
text/html 138.201.109.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://activatewin10.com/wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls%5B%5D=https%3A%2F%2Factivatewin10.com%2F

Requested by

Host: activatewin10.com
URL: https://activatewin10.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

138.201.109.106 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.106.109.201.138.clients.your-server.de

Software

LiteSpeed /

Resource Hash

7fc00cd4e2383fa71c5d4590f9744b480016638b8fff110bd0cd30e922c04bd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://activatewin10.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 16 Jan 2021 13:55:39 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
vary: Accept-Encoding
content-length: 109
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| theChampLoadEvent string| theChampDefaultLang string| theChampCloseIconPath string| theChampSiteUrl number| theChampVerified number| theChampEmailPopup string| theChampFBKey string| theChampFBLang number| theChampFbLikeMycred number| theChampSsga number| theChampCommentNotification number| theChampHeateorFcmRecentComments number| theChampFbIosLogin string| theChampFBCommentUrl string| theChampFBCommentColor string| theChampFBCommentNumPosts string| theChampFBCommentWidth string| theChampFBCommentOrderby string| theChampCommentingTabs string| theChampGpCommentsUrl string| theChampDisqusShortname string| theChampScEnabledTabs string| theChampScLabel object| theChampScTabLabels number| theChampGpCommentsWidth string| theChampCommentingId string| theChampSharingAjaxUrl string| heateorSsFbMessengerAPI string| heateorSsWhatsappShareAPI object| heateorSsUrlCountFetched string| heateorSsSharesText string| heateorSsShareText string| theChampPluginIconPath number| theChampHorizontalSharingCountEnable number| theChampVerticalSharingCountEnable number| theChampSharingOffset number| theChampCounterOffset number| theChampMobileStickySharingEnabled string| heateorSsCopyLinkMessage string| heateorSsHorSharingShortUrl string| heateorSsVerticalSharingShortUrl object| _wpemojiSettings undefined| $ function| jQuery string| uid string| wid object| pop_tag function| twentytwentyoneToggleAriaExpanded function| twentytwentyoneCollapseMenuOnClickOutside function| twentytwentyoneSubmenuPosition function| twentytwentyoneExpandSubMenu function| twentytwentyoneResponsiveEmbeds function| theChampPopup function| theChampStrReplace function| theChampCallAjax function| theChampGetScript function| theChampGetElementsByClass function| theChampGetCookie function| theChampInitiateFB function| fbAsyncInit function| theChampRenderFBCommenting object| twemoji object| wp function| heateorSsDetermineWhatsappShareAPI function| theChampMoreSharingPopup function| theChampFilterSharing object| heateorSsFacebookTargetUrls function| theChampGetSharingCounts function| theChampFetchFacebookShares function| theChampFBShareJSONCall function| theChampSaveFacebookShares function| theChampCalculateApproxCount function| theChampCalculateActualCount function| theChampCapitaliseFirstLetter function| theChampHideSharing function| ClipboardJS object| FB

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://activatewin10.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activatewin10.com
connect.facebook.net
miro.medium.com
138.201.109.106
2606:4700::6811:e13f
2a03:2880:f02d:12:face:b00c:0:3
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
2662e0eef0f270830358bb255f079f695da71794ecbe8ba0825200862d8e9746
3467f3eee5c95a86bb4992918b1368458185bf349949f862e6e3c5954fcd69f9
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4
420d5c7ee5a3e7582b7ed91343962411712a183d42a69395c4bc1fe378699f07
4635127a4fcff2cca48146ab1ecc2a5952fdbbb340e5e62b4326ec3f8caa2552
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
65c9ec2b0f38751fb554d80a012684ac9b89fba9f97f24b39f0f3d552a93766f
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
706b60c871be65726479e872d219c82f59373249338874be494dd6b4aeb47543
78423c4a9a19219e7c002b614298e550c87bb19788cbf348992e20c6cdfc2495
7fc00cd4e2383fa71c5d4590f9744b480016638b8fff110bd0cd30e922c04bd3
83596846d160e44c98d8674d1f4b35be40646ec5ea30d9df136012028d354aa6
947cc674c39c5a9a764e3783543fcc293f38649100d454197be6f551409677eb
9946e4bae36e87c85e08c86c62ff58435df175b03bf5ff0343d4640e8a7619e8
a6ce06b6d4ee708693ae470ad7bdce93a5b6459ad0655e7b01ca87606a65102c
b00bd7b71a0e89d563d470f146dfb4d06faa5f3ae91c867323e86fbec84cc247
b980f62a2d545d64f24e6f96902c8fbf5da0018569c369bc18f9e5b5fcf099ed
bdbc00de393216f6118f704088accc9ebddd220480741d5ed088c01f46f84088
c2e8b4fba49f90cfca5a43371c09879aed7447e0ba2ed4abd75b81448776c4f7
c4d2b00afe4d9a247aea591665d92c5dfbe8f7fd2c071d17996b8c5ecd885cb6
c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe
cf822a4c10bf201733e60c8ceb98ec2a944fe55da55db484d7c0c12dfb3bba18
d31374e862fe63f0cfabb3f4cebf0723e3ee46c70589a8576daa1643cebdd651
fad62c630b6ff03fdbb9f219a0f1fa217c21d6443aaa539762de0347d5eda404