www.activityworkshop.net Open in urlscan Pro
185.26.156.210 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.activityworkshop.net/
Submission: On July 12 via automatic, source certstream-suspicious (July 12th 2024, 11:04:29 am UTC) — Scanned from DE

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 185.26.156.210, located in Germany and belongs to UVENSYS, DE. The main domain is www.activityworkshop.net.
TLS certificate: Issued by R3 on May 13th 2024. Valid for: 3 months.

This is the only time www.activityworkshop.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	185.26.156.210 185.26.156.210	58010 (UVENSYS) (UVENSYS)
1	40.114.177.156 40.114.177.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2

7 185.26.156.210 (Germany)

ASN58010 (UVENSYS, DE)
PTR: hyrrokkin.uberspace.de

www.activityworkshop.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.114.177.156 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

duckduckgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	activityworkshop.net www.activityworkshop.net	19 KB
1	duckduckgo.com duckduckgo.com — Cisco Umbrella Rank: 3558
8	2

	Domain	Requested by
7	www.activityworkshop.net	www.activityworkshop.net
1	duckduckgo.com	www.activityworkshop.net
8	2

This site contains links to these domains. Also see Links.

Domain
www.buymeacoffee.com

Subject Issuer	Validity	Valid
www.activityworkshop.net R3	`2024-05-13` - `2024-08-11`	3 months	crt.sh
*.duckduckgo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-02` - `2024-11-25`	7 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.activityworkshop.net/
Frame ID: 749A42E168951757F50827CF5EBBD073
Requests: 7 HTTP requests in this frame

Frame: https://duckduckgo.com/search.html?width=400&site=activityworkshop.net&prefill=Search%20activityworkshop%20using%20DuckDuckGo
Frame ID: 9C01EE92EC1042F9CB807E66F5A83807
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Activity Workshop

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

19 kB
Transfer

27 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.buymeacoffee.com/activity

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.activityworkshop.net/ 13 KB
4 KB 1206ms
50ms Document
text/html 185.26.156.210
UVENSYS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.activityworkshop.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.26.156.210 , Germany, ASN58010 (UVENSYS, DE),

Reverse DNS

hyrrokkin.uberspace.de

Software

nginx /

Resource Hash

da10ae6590546e956650c3e9164c799225a7b3080c79a0a34c2528a0fbb7ca95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 12 Jul 2024 11:04:24 GMT
etag: W/"3443-61c832a7629b8"
last-modified: Fri, 05 Jul 2024 17:12:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 awscreen2.css
www.activityworkshop.net/ 2 KB
1 KB 53ms
53ms Stylesheet
text/css 185.26.156.210
UVENSYS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.activityworkshop.net/awscreen2.css

Requested by

Host: www.activityworkshop.net
URL: https://www.activityworkshop.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.26.156.210 , Germany, ASN58010 (UVENSYS, DE),

Reverse DNS

hyrrokkin.uberspace.de

Software

nginx /

Resource Hash

fdeff2090b2330a93784077955a17330eb47a1e321d2d0dfb82ca8c5567758bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.activityworkshop.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 11:04:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 22 Apr 2021 19:55:45 GMT
server: nginx
content-encoding: gzip
etag: W/"9c8-5c095109df240"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 aw-logo.png
www.activityworkshop.net/images/ 4 KB
4 KB 50ms
49ms Image
image/png 185.26.156.210
UVENSYS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.activityworkshop.net/images/aw-logo.png

Requested by

Host: www.activityworkshop.net
URL: https://www.activityworkshop.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.26.156.210 , Germany, ASN58010 (UVENSYS, DE),

Reverse DNS

hyrrokkin.uberspace.de

Software

nginx /

Resource Hash

65b59e44175b9a9f7e5a75a88b91ed142d1b9941b2037093b7511a49a45f7b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.activityworkshop.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 11:04:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 22 Apr 2021 14:09:17 GMT
server: nginx
etag: "f25-5c090398e3d40"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 3877
x-xss-protection: 1; mode=block

GET
H2 200 aw-title.png
www.activityworkshop.net/images/ 5 KB
6 KB 51ms
51ms Image
image/png 185.26.156.210
UVENSYS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.activityworkshop.net/images/aw-title.png

Requested by

Host: www.activityworkshop.net
URL: https://www.activityworkshop.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.26.156.210 , Germany, ASN58010 (UVENSYS, DE),

Reverse DNS

hyrrokkin.uberspace.de

Software

nginx /

Resource Hash

1f46a1b8c71edf61cefc624d658dec2a9c81808d9254640c89d77864d7ba6cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.activityworkshop.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 11:04:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 22 Apr 2021 14:14:45 GMT
server: nginx
etag: "15e5-5c0904d1b1f40"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 5605
x-xss-protection: 1; mode=block

GET
H2 200 rss.png
www.activityworkshop.net/images/ 2 KB
2 KB 48ms
48ms Image
image/png 185.26.156.210
UVENSYS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.activityworkshop.net/images/rss.png

Requested by

Host: www.activityworkshop.net
URL: https://www.activityworkshop.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.26.156.210 , Germany, ASN58010 (UVENSYS, DE),

Reverse DNS

hyrrokkin.uberspace.de

Software

nginx /

Resource Hash

29643ded5f5facfb8b37f32c773338f6da631b6adfe5563ffcad995b4b231484

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.activityworkshop.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 11:04:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 05 Mar 2012 18:50:19 GMT
server: nginx
etag: "65b-4ba8365d850c0"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 1627
x-xss-protection: 1; mode=block

GET
H2 200 buymeacoffee.png
www.activityworkshop.net/images/ 725 B
1015 B 52ms
52ms Image
image/png 185.26.156.210
UVENSYS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.activityworkshop.net/images/buymeacoffee.png

Requested by

Host: www.activityworkshop.net
URL: https://www.activityworkshop.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.26.156.210 , Germany, ASN58010 (UVENSYS, DE),

Reverse DNS

hyrrokkin.uberspace.de

Software

nginx /

Resource Hash

2cb512fdfb2682d1833f98d23da2fea1acb9664981b4d67b3dfe4014a93f7b46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.activityworkshop.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 11:04:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 28 Nov 2021 14:45:54 GMT
server: nginx
etag: "2d5-5d1da61a179f1"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 725
x-xss-protection: 1; mode=block

GET
H2 200 search.html
duckduckgo.com/ Frame 9C01 0
0 155ms
45ms Document
text/html 40.114.177.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://duckduckgo.com/search.html?width=400&site=activityworkshop.net&prefill=Search%20activityworkshop%20using%20DuckDuckGo

Requested by

Host: www.activityworkshop.net
URL: https://www.activityworkshop.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.177.156 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors * ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.activityworkshop.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=86400
content-encoding: br
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors * ; base-uri 'self' ; block-all-mixed-content ;
content-type: text/html; charset=UTF-8
date: Fri, 12 Jul 2024 11:04:24 GMT
etag: W/"6552d180-c13a"
expect-ct: max-age=0
expires: Sat, 13 Jul 2024 11:04:24 GMT
last-modified: Tue, 14 Nov 2023 01:46:40 GMT
permissions-policy: interest-cohort=()
referrer-policy: origin
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-duckduckgo-locale: de_DE
x-xss-protection: 1;mode=block

GET
H2 200 favicon.ico
www.activityworkshop.net/ 318 B
617 B 49ms
49ms Other
image/vnd.microsoft.icon 185.26.156.210
UVENSYS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.activityworkshop.net/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.26.156.210 , Germany, ASN58010 (UVENSYS, DE),

Reverse DNS

hyrrokkin.uberspace.de

Software

nginx /

Resource Hash

b1929ce6bb8a7005d14182d0b97f5a189a662524b8ee8b771fa26618e5b5c43a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.activityworkshop.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 11:04:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 Mar 2017 17:40:32 GMT
server: nginx
etag: "13e-54a2782314400"
x-frame-options: SAMEORIGIN
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
content-length: 318
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://www.activityworkshop.net/(Line 5) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

duckduckgo.com
www.activityworkshop.net
185.26.156.210
40.114.177.156
1f46a1b8c71edf61cefc624d658dec2a9c81808d9254640c89d77864d7ba6cb3
29643ded5f5facfb8b37f32c773338f6da631b6adfe5563ffcad995b4b231484
2cb512fdfb2682d1833f98d23da2fea1acb9664981b4d67b3dfe4014a93f7b46
65b59e44175b9a9f7e5a75a88b91ed142d1b9941b2037093b7511a49a45f7b73
b1929ce6bb8a7005d14182d0b97f5a189a662524b8ee8b771fa26618e5b5c43a
da10ae6590546e956650c3e9164c799225a7b3080c79a0a34c2528a0fbb7ca95
fdeff2090b2330a93784077955a17330eb47a1e321d2d0dfb82ca8c5567758bf

www.activityworkshop.net Open in urlscan Pro 185.26.156.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

19 kBTransfer

27 kBSize

0 Cookies

1 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

www.activityworkshop.net Open in urlscan Pro
185.26.156.210 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

19 kB
Transfer

27 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions