www.trustedactivitiesadvancedavast.top

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3036::ac43:caf0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.trustedactivitiesadvancedavast.top.
TLS certificate: Issued by E1 on December 21st 2023. Valid for: 3 months.

This is the only time www.trustedactivitiesadvancedavast.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	95.211.81.167 95.211.81.167	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	34.120.18.211 34.120.18.211	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2606:4700:303... 2606:4700:3030::ac43:d4a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3036::ac43:caf0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
7	3

1 95.211.81.167 (Alphen aan den Rijn, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

seawaterway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.18.211 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.18.120.34.bc.googleusercontent.com

www.trksmart.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:d4a9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

trk.together-faster-weather-live.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3036::ac43:caf0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.trustedactivitiesadvancedavast.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.trustedactivitiesadvancedavast.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	trustedactivitiesadvancedavast.top www.trustedactivitiesadvancedavast.top cdn.trustedactivitiesadvancedavast.top	13 KB
2	trksmart.cc 2 redirects www.trksmart.cc	815 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	8 KB
1	together-faster-weather-live.run 1 redirects trk.together-faster-weather-live.run	2 KB
1	seawaterway.com seawaterway.com	469 B
7	5

	Domain	Requested by
3	cdn.trustedactivitiesadvancedavast.top	www.trustedactivitiesadvancedavast.top
2	www.trustedactivitiesadvancedavast.top	seawaterway.com www.trustedactivitiesadvancedavast.top
2	www.trksmart.cc	2 redirects
1	cdn.jsdelivr.net	www.trustedactivitiesadvancedavast.top
1	trk.together-faster-weather-live.run	1 redirects
1	seawaterway.com
7	6

This site contains no links.

Subject Issuer	Validity	Valid
trustedactivitiesadvancedavast.top E1	`2023-12-21` - `2024-03-20`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.trustedactivitiesadvancedavast.top/1hknooa8s/l?btd=dHJrLmZyZWViZXN0cHJvdGVjdHBob25lLnJ1bg&exptoken=MTcwNTg5OTc5MDg1Ng%3D%3D&lang=en&lid=11e5f070-a97a-43be-9f3b-f7a91829d8ab&r_city=Buffalo&r_ip=2602%3Affc8%3A2%3A104%3A%3A17&r_isp=Nexeon+Technologies&r_lang=en&r_okeyword=pv&r_os=windows&r_region=New+York&td=dHJrLnRvZ2V0aGVyLWZhc3Rlci13ZWF0aGVyLWxpdmUucnVuL3Nud2RhcnRm
Frame ID: D1851120E934094E23D4B6C959185B51
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Security Protection Center

Page URL History Show full URLs

http://seawaterway.com/176167fd939adba4000/2_20002_2766446/2396_3109563_5095894_15/0.6324232403285119 Page URL
https://www.trksmart.cc/MZC1FM/7KPTQGL/?sub1=1406050334&source_id=690070&sub2=2_20002_2766446 HTTP 302
https://www.trksmart.cc/MZC1FM/7L95GK9/?__ptid=8d3f6a164a5c45629b9ec460edb41af2&sub1=1406050334&sub2... HTTP 302
https://trk.together-faster-weather-live.run/campaign?id=52ca58c0-13c1-4a95-89e9-e28905e840fe&var2=690070&var1=418&extcid... HTTP 302
https://www.trustedactivitiesadvancedavast.top/c?btd=dHJrLmZyZWViZXN0cHJvdGVjdHBob25lLnJ1bg&exptoken=MTcwNTg5OTc5MDg1Ng%3D%... Page URL
https://www.trustedactivitiesadvancedavast.top/1hknooa8s/l?btd=dHJrLmZyZWViZXN0cHJvdGVjdHBob25lLnJ1bg&exptoken=MTcwNTg5OTc5... Page URL

Detected technologies

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

7
Requests

86 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

3
IPs

2
Countries

22 kB
Transfer

46 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://seawaterway.com/176167fd939adba4000/2_20002_2766446/2396_3109563_5095894_15/0.6324232403285119 Page URL
https://www.trksmart.cc/MZC1FM/7KPTQGL/?sub1=1406050334&source_id=690070&sub2=2_20002_2766446 HTTP 302
https://www.trksmart.cc/MZC1FM/7L95GK9/?__ptid=8d3f6a164a5c45629b9ec460edb41af2&sub1=1406050334&sub2=2_20002_2766446&sub3=&sub4=&sub5=&source_id=690070 HTTP 302
https://trk.together-faster-weather-live.run/campaign?id=52ca58c0-13c1-4a95-89e9-e28905e840fe&var2=690070&var1=418&extcid=68a98d30d8fe494bb7964e91c0d81aac HTTP 302
https://www.trustedactivitiesadvancedavast.top/c?btd=dHJrLmZyZWViZXN0cHJvdGVjdHBob25lLnJ1bg&exptoken=MTcwNTg5OTc5MDg1Ng%3D%3D&lang=en&lid=11e5f070-a97a-43be-9f3b-f7a91829d8ab&r_city=Buffalo&r_ip=2602%3Affc8%3A2%3A104%3A%3A17&r_isp=Nexeon+Technologies&r_lang=en&r_okeyword=pv&r_os=windows&r_region=New+York&td=dHJrLnRvZ2V0aGVyLWZhc3Rlci13ZWF0aGVyLWxpdmUucnVuL3Nud2RhcnRm Page URL
https://www.trustedactivitiesadvancedavast.top/1hknooa8s/l?btd=dHJrLmZyZWViZXN0cHJvdGVjdHBob25lLnJ1bg&exptoken=MTcwNTg5OTc5MDg1Ng%3D%3D&lang=en&lid=11e5f070-a97a-43be-9f3b-f7a91829d8ab&r_city=Buffalo&r_ip=2602%3Affc8%3A2%3A104%3A%3A17&r_isp=Nexeon+Technologies&r_lang=en&r_okeyword=pv&r_os=windows&r_region=New+York&td=dHJrLnRvZ2V0aGVyLWZhc3Rlci13ZWF0aGVyLWxpdmUucnVuL3Nud2RhcnRm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://www.trksmart.cc/MZC1FM/7KPTQGL/?sub1=1406050334&source_id=690070&sub2=2_20002_2766446 HTTP 302
https://www.trksmart.cc/MZC1FM/7L95GK9/?__ptid=8d3f6a164a5c45629b9ec460edb41af2&sub1=1406050334&sub2=2_20002_2766446&sub3=&sub4=&sub5=&source_id=690070 HTTP 302
https://trk.together-faster-weather-live.run/campaign?id=52ca58c0-13c1-4a95-89e9-e28905e840fe&var2=690070&var1=418&extcid=68a98d30d8fe494bb7964e91c0d81aac HTTP 302
https://www.trustedactivitiesadvancedavast.top/c?btd=dHJrLmZyZWViZXN0cHJvdGVjdHBob25lLnJ1bg&exptoken=MTcwNTg5OTc5MDg1Ng%3D%3D&lang=en&lid=11e5f070-a97a-43be-9f3b-f7a91829d8ab&r_city=Buffalo&r_ip=2602%3Affc8%3A2%3A104%3A%3A17&r_isp=Nexeon+Technologies&r_lang=en&r_okeyword=pv&r_os=windows&r_region=New+York&td=dHJrLnRvZ2V0aGVyLWZhc3Rlci13ZWF0aGVyLWxpdmUucnVuL3Nud2RhcnRm

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 0.6324232403285119
seawaterway.com/176167fd939adba4000/2_20002_2766446/2396_3109563_5095894_15/ 156 B
469 B 829ms
690ms Document
text/html 95.211.81.167
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://seawaterway.com/176167fd939adba4000/2_20002_2766446/2396_3109563_5095894_15/0.6324232403285119
Protocol: HTTP/1.1
Server: 95.211.81.167 Alphen aan den Rijn, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: close
Content-Length: 156
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Jan 2024 05:02:10 GMT
Server: Apache

GET
H2

200

c Show response
www.trustedactivitiesadvancedavast.top/
Redirect Chain

https://www.trksmart.cc/MZC1FM/7KPTQGL/?sub1=1406050334&source_id=690070&sub2=2_20002_2766446
https://www.trksmart.cc/MZC1FM/7L95GK9/?__ptid=8d3f6a164a5c45629b9ec460edb41af2&sub1=1406050334&sub2=2_20002_2766446&sub3=&sub4=&sub5=&source_id=690070
https://trk.together-faster-weather-live.run/campaign?id=52ca58c0-13c1-4a95-89e9-e28905e840fe&var2=690070&var1=418&extcid=68a98d30d8fe494bb7964e91c0d81aac
https://www.trustedactivitiesadvancedavast.top/c?btd=dHJrLmZyZWViZXN0cHJvdGVjdHBob25lLnJ1bg&exptoken=MTcwNTg5OTc5MDg1Ng%3D%3D&lang=en&lid=11e5f070-a97a-43be-9f3b-f7a91829d8ab&r_city=Buffalo&r_ip=26...

3 KB
1 KB

215ms
89ms

Document
text/html

2606:4700:3036::ac43:caf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trustedactivitiesadvancedavast.top/c?btd=dHJrLmZyZWViZXN0cHJvdGVjdHBob25lLnJ1bg&exptoken=MTcwNTg5OTc5MDg1Ng%3D%3D&lang=en&lid=11e5f070-a97a-43be-9f3b-f7a91829d8ab&r_city=Buffalo&r_ip=2602%3Affc8%3A2%3A104%3A%3A17&r_isp=Nexeon+Technologies&r_lang=en&r_okeyword=pv&r_os=windows&r_region=New+York&td=dHJrLnRvZ2V0aGVyLWZhc3Rlci13ZWF0aGVyLWxpdmUucnVuL3Nud2RhcnRm
Requested by: Host: seawaterway.com
URL: http://seawaterway.com/176167fd939adba4000/2_20002_2766446/2396_3109563_5095894_15/0.6324232403285119
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:caf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d6d88c42ca9897a15840b9ee3bb9f506853f84aedbf02794f0b2d9da57fb69c

Request headers

Referer: http://seawaterway.com/176167fd939adba4000/2_20002_2766446/2396_3109563_5095894_15/0.6324232403285119
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84953e46ed894bcc-BUF
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 22 Jan 2024 05:02:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tI%2F0sU07cZ3FhhVrWa8WSSyGit%2F3pkXlaDtxtPUaDQgCIi1NKlvgRQRAVS%2FHWJGSqNB2EF0xMVocqxOC43AEK4KzZUT5X0ikEtu99w7pQGxLNOawet0hIMand0nRMyj2ZrrcqUMGBevpdTk02MlHpd45ppAODdaAru3MOOfjRv9MG1exXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84953e45a98c4bbd-BUF
content-length: 0
date: Mon, 22 Jan 2024 05:02:10 GMT
location: https://www.trustedactivitiesadvancedavast.top/c?btd=dHJrLmZyZWViZXN0cHJvdGVjdHBob25lLnJ1bg&exptoken=MTcwNTg5OTc5MDg1Ng%3D%3D&lang=en&lid=11e5f070-a97a-43be-9f3b-f7a91829d8ab&r_city=Buffalo&r_ip=2602%3Affc8%3A2%3A104%3A%3A17&r_isp=Nexeon+Technologies&r_lang=en&r_okeyword=pv&r_os=windows&r_region=New+York&td=dHJrLnRvZ2V0aGVyLWZhc3Rlci13ZWF0aGVyLWxpdmUucnVuL3Nud2RhcnRm
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3787e9MMxGMsXOfHIbx0%2BchxEWf1fJhzVeKixIdKbyZdA4bQ3e4iiuMvkv7CD0CUe5eAowPBXPyGV5S8gIH8PrXb1LP2Qy1emMy7dhuig8GqP074yrVZ5t11Hdqribxd1Cn6Q0SsbT8DpQM%2BKRUKjJUYM9bE4LpbdXld18AU5M2x5AE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 ua-parser.min.js
cdn.jsdelivr.net/npm/ua-parser-js@0/dist/ 19 KB
8 KB 113ms
28ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/ua-parser-js@0/dist/ua-parser.min.js

Requested by

Host: www.trustedactivitiesadvancedavast.top
URL: https://www.trustedactivitiesadvancedavast.top/c?btd=dHJrLmZyZWViZXN0cHJvdGVjdHBob25lLnJ1bg&exptoken=MTcwNTg5OTc5MDg1Ng%3D%3D&lang=en&lid=11e5f070-a97a-43be-9f3b-f7a91829d8ab&r_city=Buffalo&r_ip=2602%3Affc8%3A2%3A104%3A%3A17&r_isp=Nexeon+Technologies&r_lang=en&r_okeyword=pv&r_os=windows&r_region=New+York&td=dHJrLnRvZ2V0aGVyLWZhc3Rlci13ZWF0aGVyLWxpdmUucnVuL3Nud2RhcnRm

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trustedactivitiesadvancedavast.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 Jan 2024 05:02:11 GMT
x-content-type-options: nosniff
content-encoding: br
age: 20156
x-jsd-version: 0.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7936
x-served-by: cache-fra-eddf8230047-FRA, cache-ewr18162-EWR
x-jsd-version-type: version
etag: W/"4bb3-xn81YAue+z8diTHUycCuwBYtzpE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Primary Request l Show response
www.trustedactivitiesadvancedavast.top/1hknooa8s/ 12 KB
3 KB 91ms
90ms Document
text/html 2606:4700:3036::ac43:caf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trustedactivitiesadvancedavast.top/1hknooa8s/l?btd=dHJrLmZyZWViZXN0cHJvdGVjdHBob25lLnJ1bg&exptoken=MTcwNTg5OTc5MDg1Ng%3D%3D&lang=en&lid=11e5f070-a97a-43be-9f3b-f7a91829d8ab&r_city=Buffalo&r_ip=2602%3Affc8%3A2%3A104%3A%3A17&r_isp=Nexeon+Technologies&r_lang=en&r_okeyword=pv&r_os=windows&r_region=New+York&td=dHJrLnRvZ2V0aGVyLWZhc3Rlci13ZWF0aGVyLWxpdmUucnVuL3Nud2RhcnRm
Requested by: Host: www.trustedactivitiesadvancedavast.top
URL: https://www.trustedactivitiesadvancedavast.top/c?btd=dHJrLmZyZWViZXN0cHJvdGVjdHBob25lLnJ1bg&exptoken=MTcwNTg5OTc5MDg1Ng%3D%3D&lang=en&lid=11e5f070-a97a-43be-9f3b-f7a91829d8ab&r_city=Buffalo&r_ip=2602%3Affc8%3A2%3A104%3A%3A17&r_isp=Nexeon+Technologies&r_lang=en&r_okeyword=pv&r_os=windows&r_region=New+York&td=dHJrLnRvZ2V0aGVyLWZhc3Rlci13ZWF0aGVyLWxpdmUucnVuL3Nud2RhcnRm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:caf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29410a2412b853b2f5a1a684e9456c4a1f276ccc1cde19f750dd9c1a3b5b6f7b

Request headers

Referer: https://www.trustedactivitiesadvancedavast.top/c?btd=dHJrLmZyZWViZXN0cHJvdGVjdHBob25lLnJ1bg&exptoken=MTcwNTg5OTc5MDg1Ng%3D%3D&lang=en&lid=11e5f070-a97a-43be-9f3b-f7a91829d8ab&r_city=Buffalo&r_ip=2602%3Affc8%3A2%3A104%3A%3A17&r_isp=Nexeon+Technologies&r_lang=en&r_okeyword=pv&r_os=windows&r_region=New+York&td=dHJrLnRvZ2V0aGVyLWZhc3Rlci13ZWF0aGVyLWxpdmUucnVuL3Nud2RhcnRm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84953e484ed64bcc-BUF
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 22 Jan 2024 05:02:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IL%2FwHloZ3tUKsEJP7K%2BL%2FclLIRrV%2FHG81wy9A5e%2BF8t%2Fzy9SqMivktk3P2CWncoYQ8X%2Fgz23KTPZarZld2Zcd%2BVH%2B%2FSDJrgGmzdvp%2BqAoKaZz87Ssoa0XZTJG4GH7Cfi3a4TPu4KUXTfIX29yRiKYnH%2B1xEhzIOTfQLMExzbSU%2FHuAJRlg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin

GET
H2 200 style01.css
cdn.trustedactivitiesadvancedavast.top/bundles/afe9b13d-e8bb-4b87-aceb-0d6886e315ef/static/ 6 KB
2 KB 135ms
80ms Stylesheet
text/css 2606:4700:3036::ac43:caf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedactivitiesadvancedavast.top/bundles/afe9b13d-e8bb-4b87-aceb-0d6886e315ef/static/style01.css
Requested by: Host: www.trustedactivitiesadvancedavast.top
URL: https://www.trustedactivitiesadvancedavast.top/1hknooa8s/l?btd=dHJrLmZyZWViZXN0cHJvdGVjdHBob25lLnJ1bg&exptoken=MTcwNTg5OTc5MDg1Ng%3D%3D&lang=en&lid=11e5f070-a97a-43be-9f3b-f7a91829d8ab&r_city=Buffalo&r_ip=2602%3Affc8%3A2%3A104%3A%3A17&r_isp=Nexeon+Technologies&r_lang=en&r_okeyword=pv&r_os=windows&r_region=New+York&td=dHJrLnRvZ2V0aGVyLWZhc3Rlci13ZWF0aGVyLWxpdmUucnVuL3Nud2RhcnRm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:caf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb561c8a6216d41eccabfb5446c1b4c44a1b283a673109fa03370070610c59ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trustedactivitiesadvancedavast.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:02:11 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPp4kjDZ26wDqrwvKDp5c1ArV_sVr7fmojZfss-JYcBAabg0D7oRuw1taBe-aky3Hat_CTONYeCmPw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 05 Nov 2023 14:59:29 GMT
server: cloudflare
etag: W/"3726cf8a3f62953e75a214dca7503ee3"
vary: Accept-Encoding
x-goog-hash: crc32c=C9tS9A==, md5=NybPij9ilT51ohTcp1A+4w==
x-goog-generation: 1699196369152945
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvZ5Z8QVnxNEGs6c6tVzfYgM%2FLACZxRTvnlwYiAib0kDE5ftRQpl3s1bJ3jUehTOxEonOD7AxVWgFPpRkvVJGWcwQjRnfO8I2E%2B0hNX7MpWhoc87Itjd5hWlbAtTRIr9Lq%2Fx9T%2FjNT6WWwVtF2iCAUW7KcPVYqnXCN7PFdc3Y5z3y38hlg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 6554
cf-ray: 84953e493fe24bcc-BUF
expires: Mon, 22 Jan 2024 06:02:11 GMT

GET
H2 200 phone.png
cdn.trustedactivitiesadvancedavast.top/bundles/afe9b13d-e8bb-4b87-aceb-0d6886e315ef/static/ 1 KB
2 KB 138ms
84ms Image
image/png 2606:4700:3036::ac43:caf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.trustedactivitiesadvancedavast.top/bundles/afe9b13d-e8bb-4b87-aceb-0d6886e315ef/static/phone.png
Requested by: Host: www.trustedactivitiesadvancedavast.top
URL: https://www.trustedactivitiesadvancedavast.top/1hknooa8s/l?btd=dHJrLmZyZWViZXN0cHJvdGVjdHBob25lLnJ1bg&exptoken=MTcwNTg5OTc5MDg1Ng%3D%3D&lang=en&lid=11e5f070-a97a-43be-9f3b-f7a91829d8ab&r_city=Buffalo&r_ip=2602%3Affc8%3A2%3A104%3A%3A17&r_isp=Nexeon+Technologies&r_lang=en&r_okeyword=pv&r_os=windows&r_region=New+York&td=dHJrLnRvZ2V0aGVyLWZhc3Rlci13ZWF0aGVyLWxpdmUucnVuL3Nud2RhcnRm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:caf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 998327a4f9bfc5eca4efccdfa5f8f28fe7851448d6aad76ce4d7973b60335ff2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trustedactivitiesadvancedavast.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:02:11 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPp4uodgERF_oZRFIUKroBts2sPocG07EUVhkuv4Nv9e72id__5YbkXAoK1VLHXh7S5KfJ3WEOydow
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 1532
last-modified: Wed, 01 Nov 2023 10:26:38 GMT
server: cloudflare
etag: "aba89bffc351bd3993635ec6d378e5b0"
vary: Accept-Encoding
x-goog-generation: 1698834398140371
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=Gy5lNQ==, md5=q6ib/8NRvTmTY17G03jlsA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tsq%2Fa1p3fvy0iM06YDmHDs2p4f6pL00fmWA%2F2Yo6QFh3wdTtQvYhDfhgfvhvT1fsOxmc7X%2BFwopLHFU30bxxGgwbHRFqnYP0NcweMIA2speXgZyp%2BYuRTrAgYkLirnht09kybiG%2Fx%2FjAwJZlxPVKNRKwKka1A%2Bel1bWPPYk4dHT1Vhx6tw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1532
accept-ranges: bytes
cf-ray: 84953e493fe34bcc-BUF
expires: Mon, 22 Jan 2024 06:02:11 GMT

GET
H2 200 c4.js Show response
cdn.trustedactivitiesadvancedavast.top/bundles/afe9b13d-e8bb-4b87-aceb-0d6886e315ef/static/ 3 KB
4 KB 137ms
82ms Script
application/octet-stream 2606:4700:3036::ac43:caf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedactivitiesadvancedavast.top/bundles/afe9b13d-e8bb-4b87-aceb-0d6886e315ef/static/c4.js
Requested by: Host: www.trustedactivitiesadvancedavast.top
URL: https://www.trustedactivitiesadvancedavast.top/1hknooa8s/l?btd=dHJrLmZyZWViZXN0cHJvdGVjdHBob25lLnJ1bg&exptoken=MTcwNTg5OTc5MDg1Ng%3D%3D&lang=en&lid=11e5f070-a97a-43be-9f3b-f7a91829d8ab&r_city=Buffalo&r_ip=2602%3Affc8%3A2%3A104%3A%3A17&r_isp=Nexeon+Technologies&r_lang=en&r_okeyword=pv&r_os=windows&r_region=New+York&td=dHJrLnRvZ2V0aGVyLWZhc3Rlci13ZWF0aGVyLWxpdmUucnVuL3Nud2RhcnRm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:caf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4864130a185a6496869e6ab0549a79709465e5b35c44767c9b8a1e02e0d4e179

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trustedactivitiesadvancedavast.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:02:11 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPqjFA7_nMqPqYSesensoTsYlRCVVfuheLVnt5_0nNagbCAk6G6tsqVwmdSRweduE1MJ8uOM_z4qRg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3487
last-modified: Wed, 01 Nov 2023 10:26:39 GMT
server: cloudflare
etag: "1c1c5f4b8c0a944e8b01f4bae8fdb639"
vary: Accept-Encoding
x-goog-generation: 1698834399403632
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=6sgKvA==, md5=HBxfS4wKlE6LAfS66P22OQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Q3ZRIQATjkA%2BcS3y7jthcsclZgjV32r28rvl7JN%2BmadEdgmcgAOfKITuirfcbC9bD38JwfqRhcIbaMdvtRhsRy%2Bsxjl%2FJp56m%2BPqJ6jQQ6BVAB0zcrTSHwYLGh8ykUwzeJn%2FdvpSRr%2BTf2%2FVypJVcUr7yvStV2cLGKb21s1mLE7LJwZNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3487
accept-ranges: bytes
cf-ray: 84953e493fe44bcc-BUF
expires: Mon, 22 Jan 2024 06:02:11 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.trksmart.cc/	1970-01-20 18:31:58	Name: uniqueClick_7KPTQGL Value: c3db123f-d2d6-4eac-84c3-acd3301339a7:1705899730
www.trksmart.cc/	1970-01-20 18:31:58	Name: uniqueClick_7L95GK9 Value: 60d00a55-7d2b-44d5-b31f-c4ed4bb3af85:1705899730
www.trksmart.cc/	1970-01-20 20:01:15	Name: transaction_id Value: 68a98d30d8fe494bb7964e91c0d81aac
trk.together-faster-weather-live.run/	1970-01-20 17:53:06	Name: arlc Value: 1
trk.together-faster-weather-live.run/	1970-01-20 17:53:06	Name: arle Value: 1705900330
trk.together-faster-weather-live.run/	1970-01-20 17:53:06	Name: trkobix-v1 Value: https:%2F%2Fwww.trustedactivitiesadvancedavast.top%2Fc%3Fbtd=dHJrLmZyZWViZXN0cHJvdGVjdHBob25lLnJ1bg&exptoken=MTcwNTg5OTc5MDg1Ng%253D%253D&lang=en&lid=11e5f070-a97a-43be-9f3b-f7a91829d8ab&r_city=Buffalo&r_ip=2602%253Affc8%253A2%253A104%253A%253A17&r_isp=Nexeon+Technologies&r_lang=en&r_okeyword=pv&r_os=windows&r_region=New+York&td=dHJrLnRvZ2V0aGVyLWZhc3Rlci13ZWF0aGVyLWxpdmUucnVuL3Nud2RhcnRm&trkobixdt=ZWlkOjo2OGE5OGQzMGQ4ZmU0OTRiYjc5NjRlOTFjMGQ4MWFhYyMjY2lkOjpvWEU3OUNtaTBBUjZLYlBJS0RKbHBoQ0EjI2NhaWQ6OjUyY2E1OGMwLTEzYzEtNGE5NS04OWU5LWUyODkwNWU4NDBmZSMjY2F0aWQ6OnIyMWFyODEwLTFlY3ktN2FkNS04ZGVkLXgyZjlhNXg4NzA2ZS11cDhlIyNyaWQ6OjY1NmVhMDMwZmI2OGM1MDAxMmIxYjc4YyMjcGlkOjo2NTZlYTAzMGZiNjhjNTAwMTJiMWI3OGYjI2xpZDo6MTFlNWYwNzAtYTk3YS00M2JlLTlmM2ItZjdhOTE4MjlkOGFiIyNvaWQ6OjY1NDdmYmE0LTVhMGItNGM3Ni1hNWZiLWYyZmUyMWJlMTBiMyMjcHZpZDo6NzFiMzFjNTEtZmVhMi00ZDhjLTkwMzAtODIwZjRkY2I1Mjg4IyN0c2lkOjo4M2E4ZTM5ZC05MDYzLTQ2NjYtYTAzZS00NjVkZjdiMDRhZGYjI3ZhcjE6OjQxOCMjdmFyMjo6NjkwMDcwIyN2YXIzOjojI3ZhcjQ6OiMjdmFyNTo6IyN2YXI2OjojI3Zhcjc6OiMjdmFyODo6IyN2YXI5OjojI3ZhcjEwOjojI3ZhcjExOjojI3ZhcjEyOjojI3ZhcjEzOjojI3ZhcjE0OjojI3ZhcjE1OjojI3ZhcjE2OjojI3ZhcjE3OjojI3ZhcjE4OjojI3ZhcjE5OjojI3ZhcjIwOjojI2ZsaWQ6OmQzODdhODM5LTQ4MWEtNGEyZi04OWZlLWU0MjU1Y2UzZDFiNiMjY2F0OjojI2xhbmc6OmVuIyNjcmlkOjojI293bmVyOjoxZjJkMDc3NS0xZDUxLTQ5OGYtOWIyNi01YTdlZTNhNjYxYzQjI29mbGlkOjo0MjYxNDFkMy03Nzg0LTQ1NGEtYjAzOC05YjBmMjYxZjVkMDY%253D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.trustedactivitiesadvancedavast.top
seawaterway.com
trk.together-faster-weather-live.run
www.trksmart.cc
www.trustedactivitiesadvancedavast.top
2606:4700:3030::ac43:d4a9
2606:4700:3036::ac43:caf0
2a04:4e42:400::485
34.120.18.211
95.211.81.167
29410a2412b853b2f5a1a684e9456c4a1f276ccc1cde19f750dd9c1a3b5b6f7b
4864130a185a6496869e6ab0549a79709465e5b35c44767c9b8a1e02e0d4e179
5d6d88c42ca9897a15840b9ee3bb9f506853f84aedbf02794f0b2d9da57fb69c
998327a4f9bfc5eca4efccdfa5f8f28fe7851448d6aad76ce4d7973b60335ff2
cb561c8a6216d41eccabfb5446c1b4c44a1b283a673109fa03370070610c59ba

www.trustedactivitiesadvancedavast.top Open in urlscan Pro 2606:4700:3036::ac43:caf0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

86 %HTTPS

60 %IPv6

5 Domains

6 Subdomains

3 IPs

2 Countries

22 kBTransfer

46 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

6 Cookies

Indicators

www.trustedactivitiesadvancedavast.top Open in urlscan Pro
2606:4700:3036::ac43:caf0 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

3
IPs

2
Countries

22 kB
Transfer

46 kB
Size

6
Cookies

7 HTTP transactions
0 data transactions