URL: https://windowsactivatorloader.com/
Submission Tags: @phishunt_io
Submission: On November 26 via api from ES

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 23 HTTP transactions. The main IP is 31.42.187.48, located in Ukraine and belongs to YURTEH-AS, UA. The main domain is windowsactivatorloader.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 20th 2020. Valid for: 3 months.
This is the only time windowsactivatorloader.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
7         31.42.187.48      30860 (YURTEH-AS)
6         192.0.77.37       2635 (AUTOMATTIC)
1         2a00:1450:400...  15169 (GOOGLE)
4         192.0.77.2        2635 (AUTOMATTIC)
1         151.139.242.29    33438 (HIGHWINDS2)
2         192.0.76.3        2635 (AUTOMATTIC)
2         2a00:1450:400...  15169 (GOOGLE)
Total: 23 requests across 7 IPs

Requests  Domain                      Requested by
7         windowsactivatorloader.com  windowsactivatorloader.com
6         c0.wp.com                   windowsactivatorloader.com
4         i1.wp.com                   windowsactivatorloader.com
2         fonts.gstatic.com           fonts.googleapis.com
1         pixel.wp.com                windowsactivatorloader.com
1         stats.wp.com                windowsactivatorloader.com
1         images.dmca.com             windowsactivatorloader.com
1         fonts.googleapis.com        windowsactivatorloader.com
Total: 23 requests across 8 subdomains

This site contains links to these domains.

Domain
www.dmca.com
themonic.com
wordpress.org

Subject                     Issuer                                          Validity                 Valid
windowsactivatorloader.com  cPanel, Inc. Certification Authority            2020-09-20 - 2020-12-19  3 months
*.wp.com                    Sectigo RSA Domain Validation Secure Server CA  2020-04-02 - 2022-07-05  2 years
upload.video.google.com     GTS CA 1O1                                      2020-11-03 - 2021-01-26  3 months
images.dmca.com             Go Daddy Secure Certificate Authority - G2      2020-03-13 - 2022-04-04  2 years
*.gstatic.com               GTS CA 1O1                                      2020-11-03 - 2021-01-26  3 months

This page contains 1 frames:

Primary Page: https://windowsactivatorloader.com/
Frame ID: 69B8D49490F1AC35CA8C50F372DC6632
Requests: 23 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • html /<link[^>]+s\d+\.wp\.com/i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 23
HTTPS: 100 %
IPv6: 29 %
Domains: 5
Subdomains: 8
IPs: 7
Countries: 3
Transfer: 141 kB
Size: 417 kB
Cookies: 4

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
windowsactivatorloader.com/
48 KB
12 KB
Document
General
Full URL
https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.42.187.48 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx /
Resource Hash
efe4df85b41c95bc659bf4aab9c89e9f4d7e8cedbf5572acaa26958d0fd64bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
windowsactivatorloader.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Thu, 26 Nov 2020 18:10:20 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
link
<https://windowsactivatorloader.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/7gGDZ>; rel=shortlink
set-cookie
bp_user-role=guest; expires=Sat, 05-Aug-2034 18:10:19 GMT; Max-Age=432000000; path=/ bp_user-registered=0; expires=Sat, 05-Aug-2034 18:10:19 GMT; Max-Age=432000000; path=/ adinj=1; expires=Thu, 26-Nov-2020 19:10:19 GMT; Max-Age=3600; path=/ adinj=1; expires=Thu, 26-Nov-2020 19:10:19 GMT; Max-Age=3600; path=/ adinj=1; expires=Thu, 26-Nov-2020 19:10:20 GMT; Max-Age=3600; path=/ adinj=1; expires=Thu, 26-Nov-2020 19:10:20 GMT; Max-Age=3600; path=/ adinj=1; expires=Thu, 26-Nov-2020 19:10:20 GMT; Max-Age=3600; path=/ adinj=1; expires=Thu, 26-Nov-2020 19:10:20 GMT; Max-Age=3600; path=/ adinj=1; expires=Thu, 26-Nov-2020 19:10:20 GMT; Max-Age=3600; path=/ adinj=1; expires=Thu, 26-Nov-2020 19:10:20 GMT; Max-Age=3600; path=/ adinj=1; expires=Thu, 26-Nov-2020 19:10:20 GMT; Max-Age=3600; path=/ adinj=1; expires=Thu, 26-Nov-2020 19:10:20 GMT; Max-Age=3600; path=/
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
HIT
x-server-powered-by
Engintron
content-encoding
gzip
style.min.css
c0.wp.com/c/5.5.3/wp-includes/css/dist/block-library/
53 KB
7 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/5.5.3/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT cdg 2
date
Thu, 26 Nov 2020 18:10:20 GMT
content-encoding
br
last-modified
Thu, 27 Aug 2020 18:00:38 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Fri, 26 Nov 2021 18:10:20 GMT
style.min.css
windowsactivatorloader.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/
438 B
484 B
Stylesheet
General
Full URL
https://windowsactivatorloader.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.11
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.42.187.48 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx /
Resource Hash
b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 18:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Jun 2020 08:13:07 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
expires
Sat, 26 Dec 2020 18:10:20 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
screen.min.css
windowsactivatorloader.com/wp-content/plugins/easy-table-of-contents/assets/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://windowsactivatorloader.com/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.11
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.42.187.48 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx /
Resource Hash
d8faea6e218910bf83cd1e7fe9775b3b75195df3c16a3f4eea74b75f9b881dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 18:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Jun 2020 08:13:07 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
expires
Sat, 26 Dec 2020 18:10:20 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
css
fonts.googleapis.com/
3 KB
658 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d4f421c581f4eb92de3620f0e1096cd731889fea2f9b5c94ba8a4f8f428f821e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 26 Nov 2020 18:10:20 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Thu, 26 Nov 2020 18:10:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 26 Nov 2020 18:10:20 GMT
style.css
windowsactivatorloader.com/wp-content/themes/iconic-one/
37 KB
9 KB
Stylesheet
General
Full URL
https://windowsactivatorloader.com/wp-content/themes/iconic-one/style.css?ver=1.7.8
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.42.187.48 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx /
Resource Hash
a9c6e925f5292f9a0dca118648d6648d793bc8c77d7b8656c5293c74d4287c22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 18:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 20 Nov 2020 20:40:26 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
expires
Sat, 26 Dec 2020 18:10:20 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
custom.css
windowsactivatorloader.com/wp-content/themes/iconic-one/
69 B
335 B
Stylesheet
General
Full URL
https://windowsactivatorloader.com/wp-content/themes/iconic-one/custom.css?ver=5.5.3
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.42.187.48 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx /
Resource Hash
14b9bdc15584540d4e072ff690279f5bc8b15df337b227115bb12af5acb2c704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 18:10:20 GMT
x-content-type-options
nosniff
last-modified
Fri, 20 Nov 2020 20:40:26 GMT
server
nginx
content-type
text/css
expires
Sat, 26 Dec 2020 18:10:20 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
accept-ranges
bytes
content-length
69
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
jetpack.css
c0.wp.com/p/jetpack/9.1/css/
75 KB
13 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/jetpack/9.1/css/jetpack.css
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
7772a9cc35fc902c0cccb8871670ec3e45e4695e1bc6941aee1c24db3de8c544
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT cdg 2
date
Thu, 26 Nov 2020 18:10:20 GMT
content-encoding
br
last-modified
Tue, 25 Aug 2020 15:45:57 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Fri, 26 Nov 2021 18:10:20 GMT
jquery.js
c0.wp.com/c/5.5.3/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://c0.wp.com/c/5.5.3/wp-includes/js/jquery/jquery.js
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT cdg 2
date
Thu, 26 Nov 2020 18:10:20 GMT
content-encoding
br
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Fri, 26 Nov 2021 18:10:20 GMT
dmca-badge-w100-5x1-03.png
i1.wp.com/images.dmca.com/Badges/
838 B
1 KB
Image
General
Full URL
https://i1.wp.com/images.dmca.com/Badges/dmca-badge-w100-5x1-03.png?w=665
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
7291787a431734a51de46f2c110162ef1b9b9b685ceb83b38fe165a306f02859
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT cdg 1
date
Thu, 26 Nov 2020 18:10:20 GMT
x-content-type-options
nosniff
last-modified
Fri, 20 Nov 2020 20:01:31 GMT
server
nginx
etag
"c013c6074ae2fed1"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
link
<http://images.dmca.com/Badges/dmca-badge-w100-5x1-03.png>; rel="canonical"
content-length
838
expires
Mon, 21 Nov 2022 08:01:31 GMT
DMCABadgeHelper.min.js
images.dmca.com/Badges/
465 B
633 B
Script
General
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 18:10:20 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
nginx
x-powered-by
ASP.NET
etag
"26b181f16d28d51:0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length
280
expires
Sat, 26 Dec 2020 18:10:10 GMT
photon.min.js
c0.wp.com/p/jetpack/9.1/_inc/build/photon/
758 B
422 B
Script
General
Full URL
https://c0.wp.com/p/jetpack/9.1/_inc/build/photon/photon.min.js
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT cdg 2
date
Thu, 26 Nov 2020 18:10:20 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Fri, 26 Nov 2021 18:10:20 GMT
selectnav.js
windowsactivatorloader.com/wp-content/themes/iconic-one/js/
4 KB
2 KB
Script
General
Full URL
https://windowsactivatorloader.com/wp-content/themes/iconic-one/js/selectnav.js?ver=1.0
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.42.187.48 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx /
Resource Hash
fa74e2efe166bec2fe4d9a036c2de5bab6837a4d6da7c56bf41cc8697edb9d3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 18:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 20 Nov 2020 20:40:26 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Sat, 26 Dec 2020 18:10:20 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
wp-embed.min.js
c0.wp.com/c/5.5.3/wp-includes/js/
1 KB
721 B
Script
General
Full URL
https://c0.wp.com/c/5.5.3/wp-includes/js/wp-embed.min.js
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT cdg 2
date
Thu, 26 Nov 2020 18:10:20 GMT
content-encoding
br
last-modified
Sat, 26 Oct 2019 00:17:07 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Fri, 26 Nov 2021 18:10:20 GMT
jetpack-carousel.min.js
c0.wp.com/p/jetpack/9.1/_inc/build/carousel/
27 KB
7 KB
Script
General
Full URL
https://c0.wp.com/p/jetpack/9.1/_inc/build/carousel/jetpack-carousel.min.js
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5d6d3933c5bad83e6337d5405bb8afe724adcd2fd10ce0cba2500d200e4501d8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT cdg 2
date
Thu, 26 Nov 2020 18:10:20 GMT
content-encoding
br
last-modified
Tue, 30 Jun 2020 14:24:10 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Fri, 26 Nov 2021 18:10:20 GMT
e-202048.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202048.js
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT cdg
date
Thu, 26 Nov 2020 18:10:20 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Thu, 18 Nov 2021 21:27:36 GMT
wp-emoji-release.min.js
windowsactivatorloader.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://windowsactivatorloader.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.42.187.48 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 18:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 20 Nov 2020 20:42:31 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Sat, 26 Dec 2020 18:10:20 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v15/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://windowsactivatorloader.com
Referer
https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 11:20:37 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:01 GMT
server
sffe
age
24583
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13720
x-xss-protection
0
expires
Fri, 26 Nov 2021 11:20:37 GMT
4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v15/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://windowsactivatorloader.com
Referer
https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 08:15:42 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:11 GMT
server
sffe
age
381278
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14096
x-xss-protection
0
expires
Mon, 22 Nov 2021 08:15:42 GMT
Autodesk-3ds-Max-2017-Crack-Plus-Serial-keys-Download-Latest2.jpg
i1.wp.com/windowsactivatorloader.com/wp-content/uploads/2017/05/
6 KB
6 KB
Image
General
Full URL
https://i1.wp.com/windowsactivatorloader.com/wp-content/uploads/2017/05/Autodesk-3ds-Max-2017-Crack-Plus-Serial-keys-Download-Latest2.jpg?zoom=2&resize=200%2C140
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
77a8813a122da278663f8f6bc28ffdbfc97ba9b4f1b6c074ed8336328e083974
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT cdg 8
date
Thu, 26 Nov 2020 18:10:20 GMT
x-content-type-options
nosniff
last-modified
Fri, 20 Nov 2020 20:01:31 GMT
server
nginx
etag
"eeab431285b08127"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
link
<http://windowsactivatorloader.com/wp-content/uploads/2017/05/Autodesk-3ds-Max-2017-Crack-Plus-Serial-keys-Download-Latest2.jpg>; rel="canonical"
content-length
5798
expires
Mon, 21 Nov 2022 08:01:31 GMT
Google-Sketchup-Pro-8-Keygen-plus-License-key-FREE.-2.jpg
i1.wp.com/windowsactivatorloader.com/wp-content/uploads/2016/08/
8 KB
8 KB
Image
General
Full URL
https://i1.wp.com/windowsactivatorloader.com/wp-content/uploads/2016/08/Google-Sketchup-Pro-8-Keygen-plus-License-key-FREE.-2.jpg?resize=300%2C212&ssl=1
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
c8031b85dc951632fe861ef09ab2d3b66bb6126105659a1ebe09fa6186927ead
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT cdg 3
date
Thu, 26 Nov 2020 18:10:20 GMT
x-content-type-options
nosniff
last-modified
Fri, 20 Nov 2020 20:01:32 GMT
server
nginx
etag
"2f884237edde85d0"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
link
<https://windowsactivatorloader.com/wp-content/uploads/2016/08/Google-Sketchup-Pro-8-Keygen-plus-License-key-FREE.-2.jpg>; rel="canonical"
content-length
8020
expires
Mon, 21 Nov 2022 08:01:32 GMT
x.jpg
i1.wp.com/windowsactivatorloader.com/wp-content/uploads/2019/06/
2 KB
3 KB
Image
General
Full URL
https://i1.wp.com/windowsactivatorloader.com/wp-content/uploads/2019/06/x.jpg?resize=200%2C140&ssl=1
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
c4342fac53ea149bcc36101dbd08a554b9ff66d7a8d392eff3b0a7f877a7b7df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT cdg 7
date
Thu, 26 Nov 2020 18:10:20 GMT
x-content-type-options
nosniff
last-modified
Fri, 20 Nov 2020 20:01:32 GMT
server
nginx
etag
"49725014ac81f0e8"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
link
<https://windowsactivatorloader.com/wp-content/uploads/2019/06/x.jpg>; rel="canonical"
content-length
2464
expires
Mon, 21 Nov 2022 08:01:32 GMT
g.gif
pixel.wp.com/
50 B
92 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.1&blog=107411527&post=0&tz=5&srv=windowsactivatorloader.com&host=windowsactivatorloader.com&ref=&fcp=394&rand=0.015451616492327958
Requested by
Host: windowsactivatorloader.com
URL: https://windowsactivatorloader.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://windowsactivatorloader.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 18:10:20 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery string| ajaxurl string| image_save_msg string| no_menu_msg string| smessage function| disableEnterKey function| wccp_free_iscontenteditable function| disable_copy function| disable_copy_ie function| reEnable function| disableSelection function| onlongtouch undefined| timer number| touchduration string| elemtype function| touchstart function| touchend function| wccp_pro_is_passive function| nocontext undefined| e string| __bp_session_timeout number| __bp_session_freezing object| bizpanda undefined| timeout_result function| show_wpcp_message function| hide_message function| selectnav object| wp object| jetpackCarouselStrings object| _stq object| jQuery112409637526708106423 function| st_go function| linktracker_init object| wpcom object| twemoji

4 Cookies

Domain/Path Name / Value
windowsactivatorloader.com/ Name: bp_ut_session
Value: %7B-q-pageviews-q-%3A1-c--q-referrer-q-%3A-q--q--c--q-landingPage-q-%3A-q-https%3A%2F%2Fwindowsactivatorloader.com%2F-q--c--q-started-q-%3A1606414220918%7D
windowsactivatorloader.com/ Name: adinj
Value: 1
windowsactivatorloader.com/ Name: bp_user-registered
Value: 0
windowsactivatorloader.com/ Name: bp_user-role
Value: guest

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
