JavaScript is required to use the scan form. Reading existing reports works without it.

get.activated[.]win

Category: Software Downloads

Scanned: May 5, 2026, 07:40 AM UTC · First seen: May 5, 2026 · Threat Engines: 2 / 91 · Times Scanned: 1

34 / 100 Trust Score Based on scan findings at the time of analysis

Potentially Suspicious

0 - High Risk50 - Moderate100 - No Threats

Fresh scan recommended

Last scanned 7 days ago - security status may have changed since then.

Not scanned has not been scanned yet. Hit Scan Now to check it.

Scans can take up to 5 minutes to complete. Please keep this tab open - we'll redirect you to the report when it's ready.

Failed

Scan unavailable

Scan failed

Protect yourself from potentially harmful websites

Combo Cleaner's real-time web protection module actively blocks access to scam, phishing & malware-infected websites.

★★★★★ 4.8 / 5 Recommended by PCrisk.com editors Windows · Mac · Android · iOS

Download Combo Cleaner Free scan · no signup

To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.

Screenshot of get.activated[.]win Captured May 5, 2026

https://get.activated[.]win

This website has been flagged as potentially harmful

Screenshot blurred for safety. Multiple security engines flagged potential threats at the time of scanning.

Domain Age 1 year (activated.win)

Popularity Rank Not Ranked - This website does not appear in the Tranco top list

Threat Databases Flagged by 2 of 91 engines

SSL Certificate ✓ Valid (TLS)

Hosting Provider GitHub, Inc

Server Location San Francisco, United States

Web Server GitHub.com

CMS Platform Unknown

IP Address 185.199.111.153

Domain & WHOIS Information

Registrar Cloudflare, Inc.

Registered May 15, 2024 (activated.win)

Expires May 15, 2026

Name Servers yadiel.ns.cloudflare.com

DNSSEC Signed

Hosting GitHub, Inc

This is a subdomain of activated.win. The WHOIS data above belongs to the parent domain, not to get.activated[.]win. The actual creation date of this subdomain is unknown and could be much more recent than the parent.

Reputation & Threat Check 91 security engines checked

2 of 91 engines flagged this website Flagged by 2 security vendors at the time of scanning

Not flagged Flagged

Flagged by 2 of 91 engines

Direct Threat Database Sources

Google Not listed Spamhaus DBL Not listed SURBL Not listed Spamhaus ZEN Not listed Barracuda Not listed SpamCop Not listed Phishtank Not listed Spamhaus ZRD Not listed URLhaus Not listed QBMA Listed

View detailed engine results on VirusTotal

File Scan Summary Powered by Quttera Engine

2 files scanned

No threats

Low Risk

Medium Risk

High Risk

No threats Low Risk Medium Risk High Risk

get.activated.win/index.html 6.0 KB Flagged: medium risk

get.activated.win/# 6.0 KB Flagged: medium risk

Quttera flagged medium risk files - is this your website?

Investigate and remove potential threats with Quttera

Remove Malware

Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.

External Links & Domains

External Links

1 Flagged

Iframes

Clean

Referenced Domains

1 Flagged

Flagged Resources

Detected

massgrave.devFlagged: Generic Suspicious Object

https://massgrave.devFlagged: Generic Suspicious Object

massgrave.devFlagged: Generic Suspicious Object

get.activated[.]win Overview

Description of get.activated[.]win

The domain get.activated[.]win appears to host a plain-text script distribution page rather than a conventional website. Based on the visible page content, it is being used to serve a PowerShell-based activation-related script and references massgrave.dev for help, troubleshooting, and related resources. The content suggests a technical audience looking for Windows activation tooling rather than general consumers.

The site does not present normal business, organizational, or editorial information such as an about page, branding, contact details, or service descriptions. Instead, it appears to function as a lightweight delivery endpoint for script content hosted on GitHub infrastructure, with the page itself showing code and links to external resources associated with activation scripts.

Safety Assessment for get.activated[.]win

Scan results indicate some caution may be warranted. At the time of this scan, 2 out of 91 security engines flagged the domain, and the malware scan marked both scanned files as suspicious. The page also references an external domain that was identified in the scan as a suspicious object, which increases uncertainty around the purpose and trustworthiness of the content.

The visible content appears to distribute or facilitate access to Windows activation scripts. Even when such tools are presented as utilities, script-delivery pages of this kind may carry elevated risk because they encourage users to run command-line code locally, which can expose systems to unwanted changes, security bypasses, or policy violations. In addition, one blacklist database had a listing associated with the scanned content, although several other blacklist and browsing-safety checks were clean at the time of review.

Based on these findings, this website may pose potential risks to visitors, particularly if they download or execute scripts obtained from it.

Technical Description

The domain uses a valid Let's Encrypt TLS certificate and DNSSEC is enabled, which are positive infrastructure signals. It appears to be hosted on GitHub infrastructure behind the IP address 185.199.111.153, with Cloudflare serving as the registrar and Cloudflare nameservers configured. The certificate was valid at the time of the scan, and the site appears to be delivered as a simple static page.

From a security perspective, the main concern is not the hosting stack itself but the content being served: a script-oriented page with suspicious scan findings and an outbound reference to another flagged domain. The minimal page structure, lack of standard site metadata, and code-delivery behavior may make it harder for users to assess legitimacy before executing downloaded commands.

HTTP Redirect Chain

No redirects detected - direct connection to destination

Website Insights

Popularity

Not Ranked

Tranco Rank

Not in Top 1M

Visitors Unknown

Category: Software Downloads

Rank History (30 days)

No rank data available

No cookies data available

Dispute This Score For website owners

Believe this score is inaccurate?

If you are the website owner and believe the scan results contain errors or false positives, you can submit a dispute for manual review. Our team typically responds within 1-2 business days.

Your Email *

Your Name

Domain *

Dispute Reason *

Additional Details *

You will be asked to verify your email before the dispute can be processed.

By submitting this form, you confirm that the information provided is accurate. Disputes are reviewed manually and results may take up to 48 hours to update.

One more step..

To submit your dispute for get.activated[.]win, please click the verification link we just emailed you. Once verified, we'll review it within 1–2 business days.

This report was generated automatically and is provided for informational purposes only. Results are based on a point-in-time scan and may contain false positives or incomplete data. This does not constitute a security audit or certification. No vendor in the market can guarantee a 100% detection rate. If you believe this report is inaccurate, please submit a dispute.

Similar Recently Scanned