GET resources.totalav.com/build/prod/26.330.1/css/kondo/global/_totalav/global.min-1-bless-section.css?z=912
195.16.73.219 200 OK 315 kB URL
resources.totalav.com/build/prod/26.330.1/css/kondo/global/_totalav/global.min-1-bless-section.css?z=912
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type ASCII text, with very long lines (65536), with no line terminators
First Seen 2025-04-17
Last Seen 2025-04-22
Times Seen 44
Size 315 kB (314998 bytes)
MD5 e4982c101bb76cf6f9ee8f06cedb1f26
SHA1 c6dc560e621e86ad1bedfa6849e7810cad37bfe8
SHA256 1f3e97cc65453fa1e53df264501b5bae552fdcdce64575f924aa19b0c7874bf2
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /build/prod/26.330.1/css/kondo/global/_totalav/global.min-1-bless-section.css?z=912 HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://resources.totalav.com/build/prod/26.330.1/css/kondo/global/_totalav/global.min.css
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQxg; FRT:PROD=TAVPREM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:23 GMT
content-type: text/css
content-length: 24893
x-guploader-uploadid: AKDAyIvye7Apht_0EHODGrMLkb7lQdV2LdzcxFw7BWtV5Ylga1peJk5l6xWQZ_-NN6UkMk3VIMS0vqY
x-goog-generation: 1744905354857677
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 24893
content-encoding: gzip
x-goog-hash: crc32c=5qJLhw==, md5=WZXe5VztzQ6tW/g+WnI7Ig==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Type
expires: Sun, 27 Apr 2025 22:25:23 GMT
cache-control: max-age=604800
last-modified: Thu, 17 Apr 2025 15:55:54 GMT
etag: "5995dee55cedcd0ead5bf83e5a723b22"
age: 267
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/build/prod/26.330.1/css/kondo/global/_totalav/global.min-1-bless-section.css?z=912>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET resources.totalav.com/img/layout/kondo/icons/cvv-tooltip-icon.svg
195.16.73.219 200 OK 5.7 kB URL
resources.totalav.com/img/layout/kondo/icons/cvv-tooltip-icon.svg
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2025-04-11
Last Seen 2025-08-02
Times Seen 239
Size 5.7 kB (5703 bytes)
MD5 0de57d7ad4ad8f60d5168f715ef5f8ab
SHA1 ce43c3d21e6f85b4b66773b4aeb1ff0308d51507
SHA256 67e53b9d70b996c4ca7dded2f3d21c24bff914619bae39804a3dee04ec5f105f
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /img/layout/kondo/icons/cvv-tooltip-icon.svg HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQxg; FRT:PROD=TAVPREM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:22 GMT
content-type: image/svg+xml
x-goog-generation: 1576698194840061
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5703
x-goog-hash: crc32c=tOpxNg==, md5=DeV9etStj2DVFo9xXvX4qw==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Type
x-guploader-uploadid: AFiumC4uuwetg11w67zl0oOwgZCrtC3e77abugscysrZf5kRwt27dYgpPIsA-xHWR_XVSYgaQSJSIkyJKg
expires: Sun, 27 Apr 2025 22:25:22 GMT
cache-control: max-age=604800
last-modified: Wed, 18 Dec 2019 19:43:14 GMT
etag: W/"0de57d7ad4ad8f60d5168f715ef5f8ab"
age: 543
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/img/layout/kondo/icons/cvv-tooltip-icon.svg>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
GET resources.totalav.com/img/layout/kondo/icons/divided-orderform/rocket.svg
195.16.73.219 200 OK 5.5 kB URL
resources.totalav.com/img/layout/kondo/icons/divided-orderform/rocket.svg
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2025-04-11
Last Seen 2025-08-01
Times Seen 244
Size 5.5 kB (5532 bytes)
MD5 8b76cff964b59219ef62d86c673bab5f
SHA1 5253316731385b51bf1b250573f945e80bd4537b
SHA256 71c75c4940b60fd2efd67a1f61de4042bf111f0d9f85ae71376f6dc3e9bb6348
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /img/layout/kondo/icons/divided-orderform/rocket.svg HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQxg; FRT:PROD=TAVPREM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:22 GMT
content-type: image/svg+xml
x-goog-generation: 1699974778961444
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5532
x-goog-hash: crc32c=MLZDmA==, md5=i3bP+WS1khnvYthsZzurXw==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Type
x-guploader-uploadid: AFiumC5USwXpChLcT5qNOQSYj6_L50MObpCb9Tnglj3dJhsbOi9rJCazXSMwHOc0ldpgXFEEB7jOjaodSg
expires: Sun, 27 Apr 2025 22:25:22 GMT
cache-control: max-age=604800
age: 1076
last-modified: Tue, 14 Nov 2023 15:12:59 GMT
etag: W/"8b76cff964b59219ef62d86c673bab5f"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/img/layout/kondo/icons/divided-orderform/rocket.svg>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
GET cdn.prod.pci-bridge.com/v1.1.12/iframe.html
35.186.203.58 200 OK 169 B URL
cdn.prod.pci-bridge.com/v1.1.12/iframe.html
IP / ASN
35.186.203.58
#15169 GOOGLE
Requested by https://secure.totalav.com/
Resource Info
File type HTML document, ASCII text, with no line terminators
First Seen 2023-09-16
Last Seen 2025-08-02
Times Seen 258
Size 169 B (169 bytes)
MD5 0bb464f3a9f4e735a145dcbd224d445f
SHA1 1c90a8000a7a861964bbdd92d2365acffe0647ca
SHA256 6a65d5c9f1c41bb41e5dd0ccad80d343676f5d8db32526b302897c567547c314
Certificate Info
Issuer Google Trust Services
Subject cdn.prod.pci-bridge.com
Fingerprint E8:6A:B3:03:D5:06:CB:71:32:C9:51:B0:0C:A4:52:37:8A:D6:BE:1C
Validity Sat, 15 Mar 2025 12:40:39 GMT - Fri, 13 Jun 2025 13:34:53 GMT
GET /v1.1.12/iframe.html HTTP/1.1
Host: cdn.prod.pci-bridge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
x-guploader-uploadid: AAO2VwoVZU1r5tnUwsuqrC0_9h-zg84Lh9RvYrkFQTi3Smft84hLZRB59mp0wgBxAqgPxDGD03KYpMo
x-goog-generation: 1720016312480331
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 163
content-encoding: gzip
x-goog-hash: crc32c=OQe43g==, md5=bhIIuCNtVpZF1icaUn+08Q==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 163
access-control-allow-origin: *
server: UploadServer
date: Sun, 20 Apr 2025 14:56:13 GMT
age: 26953
last-modified: Wed, 03 Jul 2024 14:18:32 GMT
etag: "6e1208b8236d569645d6271a527fb4f1"
content-type: text/html
cache-control: public,max-age=3600,no-transform
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: payment=("https://cdn.prod.pci-bridge.com")
feature-policy: payment https://cdn.prod.pci-bridge.com
referrer-policy: no-referrer
content-security-policy: default-src 'none'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net; font-src https://fonts.gstatic.com https://use.typekit.net; connect-src https://api.prod.pci-bridge.com; require-trusted-types-for 'script';
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET cdn.prod.pci-bridge.com/v1.1.12/js/pcibridge.js
35.186.203.58 200 OK 178 kB URL
cdn.prod.pci-bridge.com/v1.1.12/js/pcibridge.js
IP / ASN
35.186.203.58
#15169 GOOGLE
Requested by https://cdn.prod.pci-bridge.com/v1.1.12/iframe.html
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
First Seen 2025-02-23
Last Seen 2025-08-02
Times Seen 259
Size 178 kB (177963 bytes)
MD5 ff5b8e4bfc74ae4e0b214c2403280c56
SHA1 2b69f6635449f4b036ebaa6300ae1575e2f57ec4
SHA256 f5265190a503c84089f255b5ae9cbc12ce99e21052ab93b5d5c14c15e834f514
Certificate Info
Issuer Google Trust Services
Subject cdn.prod.pci-bridge.com
Fingerprint E8:6A:B3:03:D5:06:CB:71:32:C9:51:B0:0C:A4:52:37:8A:D6:BE:1C
Validity Sat, 15 Mar 2025 12:40:39 GMT - Fri, 13 Jun 2025 13:34:53 GMT
GET /v1.1.12/js/pcibridge.js HTTP/1.1
Host: cdn.prod.pci-bridge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
x-guploader-uploadid: AAO2VwoaXbMrNIlOWEkRH0rWQnQoMrx4gKQ1gV1SjB8OoJkxVtHSplEQfVyK6Rs1pniG2B6r5Ps5tMc
x-goog-generation: 1720016312304109
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 59041
content-encoding: gzip
x-goog-hash: crc32c=4ShYPQ==, md5=ZUdfdYF5HH37rtiA5NJdVA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 59041
access-control-allow-origin: *
server: UploadServer
date: Sun, 20 Apr 2025 19:22:29 GMT
age: 10978
last-modified: Wed, 03 Jul 2024 14:18:32 GMT
etag: "65475f7581791c7dfbaed880e4d25d54"
content-type: application/javascript
cache-control: public,max-age=3600,no-transform
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: payment=("https://cdn.prod.pci-bridge.com")
feature-policy: payment https://cdn.prod.pci-bridge.com
referrer-policy: no-referrer
content-security-policy: default-src 'none'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net; font-src https://fonts.gstatic.com https://use.typekit.net; connect-src https://api.prod.pci-bridge.com; require-trusted-types-for 'script';
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.paypalobjects.com/api/checkout.js
104.18.34.93 200 OK 1.5 MB URL
www.paypalobjects.com/api/checkout.js
IP / ASN
104.18.34.93
#13335 CLOUDFLARENET
Requested by https://secure.totalav.com/
Resource Info
File type JavaScript source, ASCII text
First Seen 2024-08-08
Last Seen 2025-08-03
Times Seen 3519
Size 1.5 MB (1495556 bytes)
MD5 55924778c704dbc378541a231ace87df
SHA1 7d3c90e03860278df9d7d3732d86247464453209
SHA256 2e227a920676415558e65f45af1b2f144fdb3461285f5a4363fe0e619793b48f
Certificate Info
Issuer DigiCert Inc
Subject www.paypalobjects.com
Fingerprint 90:7C:99:CB:63:61:73:C3:BA:E7:2D:B4:F6:5F:5D:92:B9:B9:7B:EB
Validity Mon, 26 Aug 2024 00:00:00 GMT - Mon, 25 Aug 2025 23:59:59 GMT
GET /api/checkout.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:25:23 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
etag: W/"66b24e06-16d204"
last-modified: Tue, 06 Aug 2024 16:23:34 GMT
paypal-debug-id: bbf215c42606d
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000bbf215c42606d-a12de45d4640f101-01
dc: ccg11-origin-www-1.paypal.com
cf-cache-status: HIT
age: 1022535
x-content-type-options: nosniff
vary: Accept-Encoding, Accept-Encoding
x-edge-security-info: 650c82854aed91a22996035b295a0c3e
server: cloudflare
cf-ray: 93380ea9ae2d0b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
GET resources.totalav.com/build/prod/26.330.1/css/kondo/global/_totalav/global.min.css
195.16.73.219 200 OK 126 kB URL
resources.totalav.com/build/prod/26.330.1/css/kondo/global/_totalav/global.min.css
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type Unicode text, UTF-8 text, with very long lines (65526), with no line terminators
First Seen 2025-04-17
Last Seen 2025-04-22
Times Seen 43
Size 126 kB (126058 bytes)
MD5 326bb22acc1a8bc546920697cd5f578c
SHA1 f9b7b2f545a3b4643e10c690978bf51b7adb55a7
SHA256 e6bfa338aafe168e4e8a7cf8b20029f50797845056c262d53a891022269da2ce
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /build/prod/26.330.1/css/kondo/global/_totalav/global.min.css HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQxg; FRT:PROD=TAVPREM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:22 GMT
content-type: text/css
content-length: 15640
x-guploader-uploadid: AKDAyIt0IUIUDDKmqXDkmvmNl3RsPI2PnHeoO3GUFlBTG_8EDPKgPHeuTDMput-8ivpcWzNLR9A-v44
x-goog-generation: 1744905354632972
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 15640
content-encoding: gzip
x-goog-hash: crc32c=NKy/jw==, md5=D/xh5UX6C1yt4zHuY6Tr4g==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Type
expires: Sun, 27 Apr 2025 22:25:22 GMT
cache-control: max-age=604800
last-modified: Thu, 17 Apr 2025 15:55:54 GMT
etag: "0ffc61e545fa0b5cade331ee63a4ebe2"
age: 140
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/build/prod/26.330.1/css/kondo/global/_totalav/global.min.css>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET resources.totalav.com/build/prod/26.330.1/ts/bundle/secureApp.min.js
195.16.73.219 200 OK 839 kB URL
resources.totalav.com/build/prod/26.330.1/ts/bundle/secureApp.min.js
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65510), with no line terminators
First Seen 2025-04-03
Last Seen 2025-04-24
Times Seen 118
Size 839 kB (838653 bytes)
MD5 6f2801608e13df3bd79bfbee3a94de98
SHA1 19d2624ce6d2c3e08ffedf493498b9b40861e672
SHA256 1594a69ae6469da97dc3032cf81e65da548e4cd9910048f92c242d143f33be90
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /build/prod/26.330.1/ts/bundle/secureApp.min.js HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQxg; FRT:PROD=TAVPREM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:22 GMT
content-type: text/javascript
content-length: 170544
x-guploader-uploadid: AKDAyIte9ZhWcnBbmK7We1N4MnoPpa43-W1WADG6scRaPbDWISYwBJAAovhOlnGoaPDYVu--MVQ22nw
x-goog-generation: 1744905375149173
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 170544
content-encoding: gzip
x-goog-hash: crc32c=ds3TWA==, md5=+qjHIn1aC4ICOaQURwAvbg==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Type
expires: Sun, 27 Apr 2025 22:25:22 GMT
cache-control: max-age=604800
last-modified: Thu, 17 Apr 2025 15:56:15 GMT
etag: "faa8c7227d5a0b820239a41447002f6e"
age: 374
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/build/prod/26.330.1/ts/bundle/secureApp.min.js>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET cdn.prod.pci-bridge.com/v1.1.12/iframe.html
35.186.203.58 200 OK 169 B URL
cdn.prod.pci-bridge.com/v1.1.12/iframe.html
IP / ASN
35.186.203.58
#15169 GOOGLE
Requested by https://secure.totalav.com/
Resource Info
File type HTML document, ASCII text, with no line terminators
First Seen 2023-09-16
Last Seen 2025-08-02
Times Seen 258
Size 169 B (169 bytes)
MD5 0bb464f3a9f4e735a145dcbd224d445f
SHA1 1c90a8000a7a861964bbdd92d2365acffe0647ca
SHA256 6a65d5c9f1c41bb41e5dd0ccad80d343676f5d8db32526b302897c567547c314
Certificate Info
Issuer Google Trust Services
Subject cdn.prod.pci-bridge.com
Fingerprint E8:6A:B3:03:D5:06:CB:71:32:C9:51:B0:0C:A4:52:37:8A:D6:BE:1C
Validity Sat, 15 Mar 2025 12:40:39 GMT - Fri, 13 Jun 2025 13:34:53 GMT
GET /v1.1.12/iframe.html HTTP/1.1
Host: cdn.prod.pci-bridge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
x-guploader-uploadid: AAO2VwoVZU1r5tnUwsuqrC0_9h-zg84Lh9RvYrkFQTi3Smft84hLZRB59mp0wgBxAqgPxDGD03KYpMo
x-goog-generation: 1720016312480331
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 163
content-encoding: gzip
x-goog-hash: crc32c=OQe43g==, md5=bhIIuCNtVpZF1icaUn+08Q==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 163
access-control-allow-origin: *
server: UploadServer
date: Sun, 20 Apr 2025 14:56:13 GMT
age: 26953
last-modified: Wed, 03 Jul 2024 14:18:32 GMT
etag: "6e1208b8236d569645d6271a527fb4f1"
content-type: text/html
cache-control: public,max-age=3600,no-transform
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: payment=("https://cdn.prod.pci-bridge.com")
feature-policy: payment https://cdn.prod.pci-bridge.com
referrer-policy: no-referrer
content-security-policy: default-src 'none'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net; font-src https://fonts.gstatic.com https://use.typekit.net; connect-src https://api.prod.pci-bridge.com; require-trusted-types-for 'script';
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET url.totalav.com/fp/common/9f1ecd79.js
35.224.74.90 200 OK 56 kB URL
url.totalav.com/fp/common/9f1ecd79.js
IP / ASN
35.224.74.90
#396982 GOOGLE-CLOUD-PLATFORM
Requested by https://secure.totalav.com/
Resource Info
File type JavaScript source, ASCII text, with very long lines (55620), with no line terminators
First Seen 2023-06-28
Last Seen 2025-08-02
Times Seen 324
Size 56 kB (55620 bytes)
MD5 c1f21197fdb9d3e498efa333dcb08ddc
SHA1 f10884796cb3639b8212fd5b3c9b956cc2e451a9
SHA256 509d53dda2492f118a5881579fbafcbd6df58bfae16b1f7c3b69e3231e7724cf
Certificate Info
Issuer Let's Encrypt
Subject affiliates.totalav.com
Fingerprint 77:13:9F:05:A2:7A:09:C9:C8:F0:BD:8F:DA:67:73:55:12:6E:FD:60
Validity Mon, 24 Mar 2025 03:11:57 GMT - Sun, 22 Jun 2025 03:11:56 GMT
GET /fp/common/9f1ecd79.js HTTP/1.1
Host: url.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQxg; FRT:PROD=TAVPREM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:25:26 GMT
content-type: text/javascript;charset=UTF-8
cache-control: max-age=2592000, public, s-maxage=2592000
x-content-type-options: nosniff
vary: Accept-Encoding, Accept-Encoding
etag: W/"c1f21197fdb9d3e498efa333dcb08ddc"
expires: Tue, 20 May 2025 22:25:26 GMT
last-modified: Sun, 20 Apr 2025 22:25:26 GMT
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
GET cdn.prod.pci-bridge.com/v1.1.12/js/pcibridge.js
35.186.203.58 200 OK 178 kB URL
cdn.prod.pci-bridge.com/v1.1.12/js/pcibridge.js
IP / ASN
35.186.203.58
#15169 GOOGLE
Requested by https://cdn.prod.pci-bridge.com/v1.1.12/iframe.html
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
First Seen 2025-02-23
Last Seen 2025-08-02
Times Seen 259
Size 178 kB (177963 bytes)
MD5 ff5b8e4bfc74ae4e0b214c2403280c56
SHA1 2b69f6635449f4b036ebaa6300ae1575e2f57ec4
SHA256 f5265190a503c84089f255b5ae9cbc12ce99e21052ab93b5d5c14c15e834f514
Certificate Info
Issuer Google Trust Services
Subject cdn.prod.pci-bridge.com
Fingerprint E8:6A:B3:03:D5:06:CB:71:32:C9:51:B0:0C:A4:52:37:8A:D6:BE:1C
Validity Sat, 15 Mar 2025 12:40:39 GMT - Fri, 13 Jun 2025 13:34:53 GMT
GET /v1.1.12/js/pcibridge.js HTTP/1.1
Host: cdn.prod.pci-bridge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
x-guploader-uploadid: AAO2VwoaXbMrNIlOWEkRH0rWQnQoMrx4gKQ1gV1SjB8OoJkxVtHSplEQfVyK6Rs1pniG2B6r5Ps5tMc
x-goog-generation: 1720016312304109
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 59041
content-encoding: gzip
x-goog-hash: crc32c=4ShYPQ==, md5=ZUdfdYF5HH37rtiA5NJdVA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 59041
access-control-allow-origin: *
server: UploadServer
date: Sun, 20 Apr 2025 19:22:29 GMT
age: 10978
last-modified: Wed, 03 Jul 2024 14:18:32 GMT
etag: "65475f7581791c7dfbaed880e4d25d54"
content-type: application/javascript
cache-control: public,max-age=3600,no-transform
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: payment=("https://cdn.prod.pci-bridge.com")
feature-policy: payment https://cdn.prod.pci-bridge.com
referrer-policy: no-referrer
content-security-policy: default-src 'none'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net; font-src https://fonts.gstatic.com https://use.typekit.net; connect-src https://api.prod.pci-bridge.com; require-trusted-types-for 'script';
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET resources.totalav.com/img/layout/kondo/secure/orderform-details-block/expandable/paypal.svg
195.16.73.219 200 OK 8.7 kB URL
resources.totalav.com/img/layout/kondo/secure/orderform-details-block/expandable/paypal.svg
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2025-04-11
Last Seen 2025-08-02
Times Seen 245
Size 8.7 kB (8704 bytes)
MD5 d69274af4d097f176843b7156a7fb1e1
SHA1 5fde5356ff39b841f8730e716a4c9b50fa0418be
SHA256 8174f9eac863aab56626b00355bb81c6b73d11da414d491fb1966b389d910567
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /img/layout/kondo/secure/orderform-details-block/expandable/paypal.svg HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQxg; FRT:PROD=TAVPREM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:22 GMT
content-type: image/svg+xml
x-goog-generation: 1677691780279240
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8704
x-goog-hash: crc32c=bnD7oQ==, md5=1pJ0r00JfxdoQ7cVan+x4Q==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Type
x-guploader-uploadid: AFiumC5fVZ5I0oUHIHQCyToHXKfLKDkeEcDFnAsKCWVKigyCGccG1798VA8a50JJDkO0dA1d5wLtN_lD4Q
expires: Sun, 27 Apr 2025 22:25:22 GMT
cache-control: max-age=604800
age: 3119
last-modified: Wed, 01 Mar 2023 17:29:40 GMT
etag: W/"d69274af4d097f176843b7156a7fb1e1"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/img/layout/kondo/secure/orderform-details-block/expandable/paypal.svg>; rel="canonical"
x-cache: REVALIDATED
x-edge-location: noos
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
GET resources.totalav.com/build/prod/26.330.1/css/kondo/secure/_totalav/secure.min-1-bless-section.css?z=174
195.16.73.219 200 OK 405 kB URL
resources.totalav.com/build/prod/26.330.1/css/kondo/secure/_totalav/secure.min-1-bless-section.css?z=174
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
First Seen 2025-04-11
Last Seen 2025-06-01
Times Seen 122
Size 405 kB (405150 bytes)
MD5 13e7db2f18b26d1a0a3e84c4366174a1
SHA1 cec443dcbe20f54d02274f99b005edfbe45243c5
SHA256 254b235a05159593d246d61112c553015ad47e24faf20fe02ca240f5730d947b
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /build/prod/26.330.1/css/kondo/secure/_totalav/secure.min-1-bless-section.css?z=174 HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://resources.totalav.com/build/prod/26.330.1/css/kondo/secure/_totalav/secure.min.css
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQxg; FRT:PROD=TAVPREM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:24 GMT
content-type: text/css
content-length: 39213
x-guploader-uploadid: AKDAyIvWewfiVepFYQm_2JsAG_tOLR53hsozDqjW8geHrnguUToj8pS_U25L92qzXlhnNyiUCDvwUUA
x-goog-generation: 1744905359402413
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 39213
content-encoding: gzip
x-goog-hash: crc32c=Zs8pwg==, md5=bSsxASQU07v4LgickBKing==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Type
expires: Sun, 27 Apr 2025 22:25:24 GMT
cache-control: max-age=604800
last-modified: Thu, 17 Apr 2025 15:55:59 GMT
etag: "6d2b31012414d3bbf82e089c9012a29e"
age: 251
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/build/prod/26.330.1/css/kondo/secure/_totalav/secure.min-1-bless-section.css?z=174>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET pay.google.com/gp/p/js/pay.js
74.125.131.92 200 OK 189 kB URL
pay.google.com/gp/p/js/pay.js
IP / ASN
74.125.131.92
#15169 GOOGLE
Requested by https://secure.totalav.com/
Resource Info
File type JavaScript source, ASCII text, with very long lines (2118)
First Seen 2025-04-17
Last Seen 2025-04-21
Times Seen 6
Size 189 kB (189135 bytes)
MD5 b3d2ad3da087289f4fe51ebfb861c227
SHA1 47114c0a0c7835ce1f97226a1bbc9b977e0ca906
SHA256 7fd549aff1ddf95d699b8179851a86224f3942c6b21f548b8a55098fdc3ab1d1
Certificate Info
Issuer Google Trust Services
Subject *.google.com
Fingerprint 67:52:2F:AB:93:DE:39:DA:94:50:11:AE:8B:37:CB:88:8F:DC:56:7D
Validity Mon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT
GET /gp/p/js/pay.js HTTP/1.1
Host: pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
expires: Sun, 20 Apr 2025 22:25:28 GMT
date: Sun, 20 Apr 2025 22:25:28 GMT
cache-control: private, max-age=600
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
cross-origin-opener-policy: same-origin
content-security-policy: require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport, script-src 'nonce-WDC-ha5DxHcMOthd5GKxqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport/allowlist, script-src 'unsafe-inline' 'unsafe-eval' blob: data:;report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport/fine-allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjqtHikmJw0JBiWFYqxbBkphRDwbLprK03z7FOBuK5AedZwzPPsxqtPc_qAMSGCpdY7YH4V94l1iKJK6wNQFwfepU1lvca6yyLa6wBWddYDZ5fZ-1Su8H6qeoGq0D1DdYFc26wFgbdZM3ouMlq03uT1UTvFuuajbdYNwOxEA_HjRdTD7AJNLz73MSopJ2UXxifmVdckphXklRamVaUn1eSmpdSnFpUlloUb2RgZGpgYmihZ2ASX2AAABwASIU"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=523=OnttymeKDPrlnpXwJMHJOKuzbNCmaTDEwJ0K_ZumKp7iWJpAxXeJzLvwrm7tVxApUC6HU3Cki-tXtfeG93VYyr5UvgMHLQjxZKiuIQ-3ROH1_MTQ5H1Myt-NRY7clemQZ1nEZ27WGAiXch2233rCA4hpXPoRivLjdLMhUWMNS1SQCOyvJHesMTuY7xSNSAcGgps5teTSV0k2_vQ8OeQf6e3HVPOqTL1T0AanAA; expires=Mon, 20-Oct-2025 22:25:28 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tGfkeQKHfUk.es5.O/am=ADDgAQ/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhL5wLZ-Ce5lxIFnL3ajBObvn1PaA/m=_b,_tp
172.217.21.163 200 OK 174 kB URL
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tGfkeQKHfUk.es5.O/am=ADDgAQ/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhL5wLZ-Ce5lxIFnL3ajBObvn1PaA/m=_b,_tp
IP / ASN
172.217.21.163
#15169 GOOGLE
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.totalav.com&mid=
Resource Info
File type JavaScript source, ASCII text, with very long lines (1756)
First Seen 2025-04-18
Last Seen 2025-04-21
Times Seen 35
Size 174 kB (174293 bytes)
MD5 645432c3c139c05dcec24f3a2f9852f7
SHA1 0d95ba4ee0f443aa4fa8690a329783a9cf338283
SHA256 323207dbf6770cdb7e41ac1bc0bb768b537b6274729578368f0e39f79aadcf8c
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 62:05:36:C2:8E:4C:CD:95:1E:1C:75:06:44:A3:57:E5:C0:17:02:80
Validity Mon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT
GET /_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tGfkeQKHfUk.es5.O/am=ADDgAQ/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhL5wLZ-Ce5lxIFnL3ajBObvn1PaA/m=_b,_tp HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-length: 61541
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Apr 2025 17:38:31 GMT
expires: Sat, 18 Apr 2026 17:38:31 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Fri, 18 Apr 2025 04:43:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 190018
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET signup.totalav.com/auto/signup?c=211f0aae646528bc930542c5001082eesv1fm7&path=%2Fultra-deal-20-1
34.8.249.45 302 Found 269 kB URL
signup.totalav.com/auto/signup?c=211f0aae646528bc930542c5001082eesv1fm7&path=%2Fultra-deal-20-1
IP / ASN
34.8.249.45
#396982 GOOGLE-CLOUD-PLATFORM
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-03
Times Seen 5619431
Size 269 kB (268556 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint 5A:73:11:F3:B1:42:78:E2:B4:CD:A7:E0:53:D0:89:C8:01:AF:D1:BA
Validity Tue, 05 Nov 2024 00:00:00 GMT - Wed, 05 Nov 2025 23:59:59 GMT
GET /auto/signup?c=211f0aae646528bc930542c5001082eesv1fm7&path=%2Fultra-deal-20-1 HTTP/1.1
Host: signup.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 20 Apr 2025 22:25:20 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
set-cookie: PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; path=/; domain=totalav.com; secure; HttpOnly; SameSite=Lax
FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; expires=Mon, 20-Apr-2026 22:25:20 GMT; Max-Age=31536000; path=/; domain=.totalav.com
FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; expires=Tue, 20-May-2025 22:25:20 GMT; Max-Age=2592000; path=/; domain=.totalav.com
FRT:SIGNUPSOURCE=ultra-deal; expires=Mon, 20-Apr-2026 22:25:20 GMT; Max-Age=31536000; path=/; domain=.totalav.com
FRT:LANDER=ultra-deal-20-1; expires=Mon, 20-Apr-2026 22:25:20 GMT; Max-Age=31536000; path=/; domain=.totalav.com
_snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; expires=Mon, 20-Apr-2026 22:25:20 GMT; Max-Age=31536000; path=/; domain=.totalav.com
3PROD=TAVPREM; path=/; domain=.totalav.com
LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Xz1BvTGxJMsa5n3Xq5hfJBo7XQ6lIzfciS2_Tk9l6rMUTNiJZFUkpM88kGxdheUOHTX8lrjtuhdD1tGqcQrAfGCfklpPPX9q6wshFgRpt8Ibfb693syQ8pFMe7uAXtAKSrzKP1FJ0RdWZ7w6eBDsPtloBxOexSjFketcDdJVO1ygVjGZYhMIdYt5Cbrn3opJpRBIit8okjjRv35ylCqZ5u9rH--NOLK8tcSgHcEQsgC3ZMftBvdXfsDj8GXqH4HvoGz-W2lE8rblam7w9Z_0x6fPn44gqwhG3FqeKtGhruwGJqrsFzbh9CXMuRBhX8ltbLFSnePKEjoDkESKs2g8yQ; expires=Mon, 20-Apr-2026 22:25:20 GMT; Max-Age=31536000; path=/; domain=.totalav.com; secure; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
location: https://secure.totalav.com/
via: 1.1 google
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET resources.totalav.com/img/global/favicons/lock/android-chrome-192x192.png
195.16.73.219 404 Not Found 0 B URL
resources.totalav.com/img/global/favicons/lock/android-chrome-192x192.png
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-03
Times Seen 5619431
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /img/global/favicons/lock/android-chrome-192x192.png HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.eyJqdGkiOjEyNjk5MjA0MzIsInJlbWVtYmVyTWUiOnRydWUsInVzZXIiOiJlN2E3NTMwOWU5ZWY1ZWZhMWU5NDQzMjZjYTMyY2ZiYjUyNWQ0YmEwM2RjZjk4MTQwYTI3ODQ5Mjc5ZWNiNGMyNTc0OWFhZTkwZWUxNmIwYzI4NGJiN2QwNzg1ZjM2MWY3OTYwODZlZjYwNjBlY2VkYjA5ODkwZjBhNjQ4MzBhZTI5NmVjOWNiMjJlMGU0MzkxYWIxOGU4ODYzNzdlZmE4M2M3MmM5YjNiMGZjYzJhOGYwMTQxYmI5MDM4MWE1MDM3N2IxNDBlOGU1ZThjMGE2NDcyMDA3MDMyNDI4NzI5YzNkZGE3MTI0ZTM0ZDYyYzViOWYxYTI0NGFhYzQwZjBlMDI4OGMxNTFjOWZlM2I4ZDNmYTUxNDRhOGRmNTk3MjIyN2IwZTkwZTA2MjJjMmM3ZWE4YjQxNzZiNGRiMGU0MjcyNzliMjRmODViOGQ5ZjExNzY2NjJhYzJiMzQ4OTNjOTIzM2E2OWQzYWVkZTRlOGQzMDA4MWRkYTU3M2E3NmNlN2EwMzI0OWFiMGExMDQyZjBkNWVkMDNkMWNlZjIzMjgyZWZlNmZjNTQ0MmQyODBlMDc4NjdmZjc1MDRiOTkyMTQyMWY2NWQ5YjJlNzU5OWI0MzQwY2E5OGRmNWNjY2M2NGU3ZjI2YjE3OWRiYzUzMzU1N2JhOWYzNjVlYzMzMGEwMmYzZTc0NWI3Zjg0MmIzODU1YTFmOGJkMDk4YjZmNzg5NDQ2Zjg0OGRjNTJhMjBkYTQ3ODRkMzA0OTZlYzBlM2E3ZGFkNTIwOTEyMjYzM2RkMzU5MTYwZGViMzQzODllZDZkZTM0OGQwZDQyYzYyNzc1MmI2YWEyNDkxMmUzMjMzMDVlYzEzOGUxZGRmYSIsInVzZXJJZCI6MTk1MjUwODQwLCJjdXN0b21lckZpZCI6IkZJRDpDU1Q6MTc0NTE4NzkyMTpic0xRTldBT0oxNXpyIiwiaWF0IjoxNzQ1MTg3OTIxfQ.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQx
g; FRT:PROD=TAVPREM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: keycdn
date: Sun, 20 Apr 2025 22:25:26 GMT
content-type: text/html
etag: W/"6752de11-59e"
x-edge-location: noos
content-encoding: gzip
X-Firefox-Spdy: h2
GET cdn.prod.pci-bridge.com/v1.1.12/js/pcibridge.js
35.186.203.58 200 OK 178 kB URL
cdn.prod.pci-bridge.com/v1.1.12/js/pcibridge.js
IP / ASN
35.186.203.58
#15169 GOOGLE
Requested by https://cdn.prod.pci-bridge.com/v1.1.12/iframe.html
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
First Seen 2025-02-23
Last Seen 2025-08-02
Times Seen 259
Size 178 kB (177963 bytes)
MD5 ff5b8e4bfc74ae4e0b214c2403280c56
SHA1 2b69f6635449f4b036ebaa6300ae1575e2f57ec4
SHA256 f5265190a503c84089f255b5ae9cbc12ce99e21052ab93b5d5c14c15e834f514
Certificate Info
Issuer Google Trust Services
Subject cdn.prod.pci-bridge.com
Fingerprint E8:6A:B3:03:D5:06:CB:71:32:C9:51:B0:0C:A4:52:37:8A:D6:BE:1C
Validity Sat, 15 Mar 2025 12:40:39 GMT - Fri, 13 Jun 2025 13:34:53 GMT
GET /v1.1.12/js/pcibridge.js HTTP/1.1
Host: cdn.prod.pci-bridge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
x-guploader-uploadid: AAO2VwoaXbMrNIlOWEkRH0rWQnQoMrx4gKQ1gV1SjB8OoJkxVtHSplEQfVyK6Rs1pniG2B6r5Ps5tMc
x-goog-generation: 1720016312304109
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 59041
content-encoding: gzip
x-goog-hash: crc32c=4ShYPQ==, md5=ZUdfdYF5HH37rtiA5NJdVA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 59041
access-control-allow-origin: *
server: UploadServer
date: Sun, 20 Apr 2025 19:22:29 GMT
age: 10977
last-modified: Wed, 03 Jul 2024 14:18:32 GMT
etag: "65475f7581791c7dfbaed880e4d25d54"
content-type: application/javascript
cache-control: public,max-age=3600,no-transform
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: payment=("https://cdn.prod.pci-bridge.com")
feature-policy: payment https://cdn.prod.pci-bridge.com
referrer-policy: no-referrer
content-security-policy: default-src 'none'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net; font-src https://fonts.gstatic.com https://use.typekit.net; connect-src https://api.prod.pci-bridge.com; require-trusted-types-for 'script';
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.totalav.com/ultra-deal-20-1
34.8.249.45 307 Temporary Redirect 269 kB URL
www.totalav.com/ultra-deal-20-1
IP / ASN
34.8.249.45
#396982 GOOGLE-CLOUD-PLATFORM
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-03
Times Seen 5619431
Size 269 kB (268556 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint 5A:73:11:F3:B1:42:78:E2:B4:CD:A7:E0:53:D0:89:C8:01:AF:D1:BA
Validity Tue, 05 Nov 2024 00:00:00 GMT - Wed, 05 Nov 2025 23:59:59 GMT
GET /ultra-deal-20-1 HTTP/1.1
Host: www.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Sun, 20 Apr 2025 22:25:19 GMT
location: https://signup.totalav.com/auto/signup?c=211f0aae646528bc930542c5001082eesv1fm7&path=%2Fultra-deal-20-1
set-cookie: FRT:SIGNUPSOURCE=ultra-deal; path=/; domain=.totalav.com; httponly; samesite=lax
FRT:LANDER=ultra-deal-20-1; path=/; domain=.totalav.com; httponly; samesite=lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET cdn.prod.pci-bridge.com/v1.1.12/iframe.html
35.186.203.58 200 OK 169 B URL
cdn.prod.pci-bridge.com/v1.1.12/iframe.html
IP / ASN
35.186.203.58
#15169 GOOGLE
Requested by https://secure.totalav.com/
Resource Info
File type HTML document, ASCII text, with no line terminators
First Seen 2023-09-16
Last Seen 2025-08-02
Times Seen 258
Size 169 B (169 bytes)
MD5 0bb464f3a9f4e735a145dcbd224d445f
SHA1 1c90a8000a7a861964bbdd92d2365acffe0647ca
SHA256 6a65d5c9f1c41bb41e5dd0ccad80d343676f5d8db32526b302897c567547c314
Certificate Info
Issuer Google Trust Services
Subject cdn.prod.pci-bridge.com
Fingerprint E8:6A:B3:03:D5:06:CB:71:32:C9:51:B0:0C:A4:52:37:8A:D6:BE:1C
Validity Sat, 15 Mar 2025 12:40:39 GMT - Fri, 13 Jun 2025 13:34:53 GMT
GET /v1.1.12/iframe.html HTTP/1.1
Host: cdn.prod.pci-bridge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
x-guploader-uploadid: AAO2VwoVZU1r5tnUwsuqrC0_9h-zg84Lh9RvYrkFQTi3Smft84hLZRB59mp0wgBxAqgPxDGD03KYpMo
x-goog-generation: 1720016312480331
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 163
content-encoding: gzip
x-goog-hash: crc32c=OQe43g==, md5=bhIIuCNtVpZF1icaUn+08Q==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 163
access-control-allow-origin: *
server: UploadServer
date: Sun, 20 Apr 2025 14:56:13 GMT
age: 26953
last-modified: Wed, 03 Jul 2024 14:18:32 GMT
etag: "6e1208b8236d569645d6271a527fb4f1"
content-type: text/html
cache-control: public,max-age=3600,no-transform
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: payment=("https://cdn.prod.pci-bridge.com")
feature-policy: payment https://cdn.prod.pci-bridge.com
referrer-policy: no-referrer
content-security-policy: default-src 'none'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net; font-src https://fonts.gstatic.com https://use.typekit.net; connect-src https://api.prod.pci-bridge.com; require-trusted-types-for 'script';
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST ssl.kaptcha.com/md
54.148.115.137 200 OK 0 B IP / ASN
54.148.115.137
#16509 AMAZON-02
Requested by https://ssl.kaptcha.com/logo.htm?m=100316&s=01JSAMWT339TPRC60F3T4VMKPQ&sv=1.1.6
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-03
Times Seen 5619431
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Sectigo Limited
Subject ssl.kaptcha.com
Fingerprint E9:49:88:A3:4E:A8:0F:2D:13:00:DC:05:6E:45:BB:F9:08:5C:0B:5D
Validity Mon, 15 Jul 2024 00:00:00 GMT - Tue, 15 Jul 2025 23:59:59 GMT
POST /md HTTP/1.1
Host: ssl.kaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 261
Origin: https://ssl.kaptcha.com
DNT: 1
Connection: keep-alive
Referer: https://ssl.kaptcha.com/logo.htm?m=100316&s=01JSAMWT339TPRC60F3T4VMKPQ&sv=1.1.6
Cookie: k=29697030e2934d70996ac396c54ffc92
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0
Pragma: no-cache
X-Correlation-Id: 92ab1da4-d35a-406e-83ba-34763b136b1f
Date: Sun, 20 Apr 2025 22:25:31 GMT
Content-Length: 0
GET todayswigcontagious.com/api/users?token=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
172.240.127.234 307 Temporary Redirect 5.4 kB URL
todayswigcontagious.com/api/users?token=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
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-03
Times Seen 5619431
Size 5.4 kB (5367 bytes)
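MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (all three values are the digests of zero-length input, so they identify no file and should not be used as indicators for this host)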
Certificate Info
Issuer Let's Encrypt
Subject todayswigcontagious.com
Fingerprint 2E:37:28:ED:7C:6C:62:06:8E:41:C7:43:B0:3B:27:71:D7:AE:61:0C
Validity Tue, 18 Mar 2025 08:19:33 GMT - Mon, 16 Jun 2025 08:19:32 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /api/users?token=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 HTTP/1.1
Host: todayswigcontagious.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 20 Apr 2025 22:25:15 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
location: https://todayswigcontagious.com/api/users?token=L3BkNmJncDhlP2FkYj1uJmRldj1yJmtleT04Mjg5NmIyMzMyYjc0ZGZjNmZlYzcxYmZjZDMxY2JhNiZrdz0lNUIlMjJwbGF5ZXI0dSUyMiUyQyUyMi0lMjIlMkMlMjJzZWFyY2glMjIlMkMlMjJhbmQlMjIlMkMlMjJlbWJlZCUyMiU1RCZsd3Q9MzUmcHNpZD1odHRwcyUzQSUyRiUyRnd3NC4xMjNtb3ZpZXNmcmVlLm5ldCZyZWZlcj1odHRwcyUzQSUyRiUyRnBsYXllcjR1Lnh5eiUyRmVtYmVkJTNGa2V5JTNEVmlkZW8lMjUyMEdhbWUlMjUyMEhpZ2glMjUyMFNjaG9vbCZyZXM9MTQuMzEmc2NySGVpZ2h0PTEwODAmc2NyV2lkdGg9MTkyMCZzaGlwPSZzdWIzPWludm9rZV9sYXllciZ0ej0yJnY9MjUuMy4yMzg4JmRscnQ9dA
x-envoy-upstream-service-time: 1
Host: todayswigcontagious.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 060d5b54a4a74547937d306077170fa4
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET cdn.prod.pci-bridge.com/v1.1.12/js/pcibridge.js
35.186.203.58 200 OK 178 kB URL
cdn.prod.pci-bridge.com/v1.1.12/js/pcibridge.js
IP / ASN
35.186.203.58
#15169 GOOGLE
Requested by https://cdn.prod.pci-bridge.com/v1.1.12/iframe.html
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
First Seen 2025-02-23
Last Seen 2025-08-02
Times Seen 259
Size 178 kB (177963 bytes)
MD5 ff5b8e4bfc74ae4e0b214c2403280c56
SHA1 2b69f6635449f4b036ebaa6300ae1575e2f57ec4
SHA256 f5265190a503c84089f255b5ae9cbc12ce99e21052ab93b5d5c14c15e834f514
Certificate Info
Issuer Google Trust Services
Subject cdn.prod.pci-bridge.com
Fingerprint E8:6A:B3:03:D5:06:CB:71:32:C9:51:B0:0C:A4:52:37:8A:D6:BE:1C
Validity Sat, 15 Mar 2025 12:40:39 GMT - Fri, 13 Jun 2025 13:34:53 GMT
GET /v1.1.12/js/pcibridge.js HTTP/1.1
Host: cdn.prod.pci-bridge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
x-guploader-uploadid: AAO2VwoaXbMrNIlOWEkRH0rWQnQoMrx4gKQ1gV1SjB8OoJkxVtHSplEQfVyK6Rs1pniG2B6r5Ps5tMc
x-goog-generation: 1720016312304109
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 59041
content-encoding: gzip
x-goog-hash: crc32c=4ShYPQ==, md5=ZUdfdYF5HH37rtiA5NJdVA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 59041
access-control-allow-origin: *
server: UploadServer
date: Sun, 20 Apr 2025 19:22:29 GMT
age: 10978
last-modified: Wed, 03 Jul 2024 14:18:32 GMT
etag: "65475f7581791c7dfbaed880e4d25d54"
content-type: application/javascript
cache-control: public,max-age=3600,no-transform
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: payment=("https://cdn.prod.pci-bridge.com")
feature-policy: payment https://cdn.prod.pci-bridge.com
referrer-policy: no-referrer
content-security-policy: default-src 'none'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net; font-src https://fonts.gstatic.com https://use.typekit.net; connect-src https://api.prod.pci-bridge.com; require-trusted-types-for 'script';
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET url.totalav.com/67e2e8814c081/click/17906/3033d722-61c9-4804-b189-4292be035cc8//
35.224.74.90 301 Moved Permanently 269 kB URL
url.totalav.com/67e2e8814c081/click/17906/3033d722-61c9-4804-b189-4292be035cc8//
IP / ASN
35.224.74.90
#396982 GOOGLE-CLOUD-PLATFORM
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-03
Times Seen 5619431
Size 269 kB (268556 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject affiliates.totalav.com
Fingerprint 77:13:9F:05:A2:7A:09:C9:C8:F0:BD:8F:DA:67:73:55:12:6E:FD:60
Validity Mon, 24 Mar 2025 03:11:57 GMT - Sun, 22 Jun 2025 03:11:56 GMT
GET /67e2e8814c081/click/17906/3033d722-61c9-4804-b189-4292be035cc8// HTTP/1.1
Host: url.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Sun, 20 Apr 2025 22:25:19 GMT
content-type: text/html; charset=UTF-8
location: https://www.totalav.com/ultra-deal-20-1
set-cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; expires=Sat, 19-Jul-2025 22:25:19 GMT; Max-Age=7776000; path=/; domain=.totalav.com
FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; expires=Sat, 19-Jul-2025 22:25:19 GMT; Max-Age=7776000; path=/; domain=.totalav.com
FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; expires=Sat, 19-Jul-2025 22:25:19 GMT; Max-Age=7776000; path=/; domain=.totalav.com
FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; expires=Sat, 19-Jul-2025 22:25:19 GMT; Max-Age=7776000; path=/; domain=.totalav.com
x-content-type-options: nosniff
access-control-allow-origin: *
x-execution-time: 39.733 ms
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
GET url.totalav.com/fp/init/fortifi.js
35.224.74.90 200 OK 614 B URL
url.totalav.com/fp/init/fortifi.js
IP / ASN
35.224.74.90
#396982 GOOGLE-CLOUD-PLATFORM
Requested by https://secure.totalav.com/
Resource Info
File type JavaScript source, ASCII text, with very long lines (614), with no line terminators
First Seen 2025-04-20
Last Seen 2025-04-20
Times Seen 1
Size 614 B (614 bytes)
MD5 f88e3f088886079c20841c98ecbf0e4b
SHA1 7b1e459bbe4ae98e81c54b395cf400e0e5199ec3
SHA256 d3cae11bb5990aca44f2614ccd308d851d80d9295099bfcad63a6c1709a6581a
Certificate Info
Issuer Let's Encrypt
Subject affiliates.totalav.com
Fingerprint 77:13:9F:05:A2:7A:09:C9:C8:F0:BD:8F:DA:67:73:55:12:6E:FD:60
Validity Mon, 24 Mar 2025 03:11:57 GMT - Sun, 22 Jun 2025 03:11:56 GMT
GET /fp/init/fortifi.js HTTP/1.1
Host: url.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.eyJqdGkiOjEyNjk5MjA0MzIsInJlbWVtYmVyTWUiOnRydWUsInVzZXIiOiJlN2E3NTMwOWU5ZWY1ZWZhMWU5NDQzMjZjYTMyY2ZiYjUyNWQ0YmEwM2RjZjk4MTQwYTI3ODQ5Mjc5ZWNiNGMyNTc0OWFhZTkwZWUxNmIwYzI4NGJiN2QwNzg1ZjM2MWY3OTYwODZlZjYwNjBlY2VkYjA5ODkwZjBhNjQ4MzBhZTI5NmVjOWNiMjJlMGU0MzkxYWIxOGU4ODYzNzdlZmE4M2M3MmM5YjNiMGZjYzJhOGYwMTQxYmI5MDM4MWE1MDM3N2IxNDBlOGU1ZThjMGE2NDcyMDA3MDMyNDI4NzI5YzNkZGE3MTI0ZTM0ZDYyYzViOWYxYTI0NGFhYzQwZjBlMDI4OGMxNTFjOWZlM2I4ZDNmYTUxNDRhOGRmNTk3MjIyN2IwZTkwZTA2MjJjMmM3ZWE4YjQxNzZiNGRiMGU0MjcyNzliMjRmODViOGQ5ZjExNzY2NjJhYzJiMzQ4OTNjOTIzM2E2OWQzYWVkZTRlOGQzMDA4MWRkYTU3M2E3NmNlN2EwMzI0OWFiMGExMDQyZjBkNWVkMDNkMWNlZjIzMjgyZWZlNmZjNTQ0MmQyODBlMDc4NjdmZjc1MDRiOTkyMTQyMWY2NWQ5YjJlNzU5OWI0MzQwY2E5OGRmNWNjY2M2NGU3ZjI2YjE3OWRiYzUzMzU1N2JhOWYzNjVlYzMzMGEwMmYzZTc0NWI3Zjg0MmIzODU1YTFmOGJkMDk4YjZmNzg5NDQ2Zjg0OGRjNTJhMjBkYTQ3ODRkMzA0OTZlYzBlM2E3ZGFkNTIwOTEyMjYzM2RkMzU5MTYwZGViMzQzODllZDZkZTM0OGQwZDQyYzYyNzc1MmI2YWEyNDkxMmUzMjMzMDVlYzEzOGUxZGRmYSIsInVzZXJJZCI6MTk1MjUwODQwLCJjdXN0b21lckZpZCI6IkZJRDpDU1Q6MTc0NTE4NzkyMTpic0xRTldBT0oxNXpyIiwiaWF0IjoxNzQ1MTg3OTIxfQ.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQx
g; FRT:PROD=TAVPREM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:25:26 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
x-content-type-options: nosniff
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
GET cdn.prod.pci-bridge.com/v1.1.12/iframe.html
35.186.203.58 200 OK 169 B URL
cdn.prod.pci-bridge.com/v1.1.12/iframe.html
IP / ASN
35.186.203.58
#15169 GOOGLE
Requested by https://secure.totalav.com/
Resource Info
File type HTML document, ASCII text, with no line terminators
First Seen 2023-09-16
Last Seen 2025-08-02
Times Seen 258
Size 169 B (169 bytes)
MD5 0bb464f3a9f4e735a145dcbd224d445f
SHA1 1c90a8000a7a861964bbdd92d2365acffe0647ca
SHA256 6a65d5c9f1c41bb41e5dd0ccad80d343676f5d8db32526b302897c567547c314
Certificate Info
Issuer Google Trust Services
Subject cdn.prod.pci-bridge.com
Fingerprint E8:6A:B3:03:D5:06:CB:71:32:C9:51:B0:0C:A4:52:37:8A:D6:BE:1C
Validity Sat, 15 Mar 2025 12:40:39 GMT - Fri, 13 Jun 2025 13:34:53 GMT
GET /v1.1.12/iframe.html HTTP/1.1
Host: cdn.prod.pci-bridge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
x-guploader-uploadid: AAO2VwoVZU1r5tnUwsuqrC0_9h-zg84Lh9RvYrkFQTi3Smft84hLZRB59mp0wgBxAqgPxDGD03KYpMo
x-goog-generation: 1720016312480331
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 163
content-encoding: gzip
x-goog-hash: crc32c=OQe43g==, md5=bhIIuCNtVpZF1icaUn+08Q==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 163
access-control-allow-origin: *
server: UploadServer
date: Sun, 20 Apr 2025 14:56:13 GMT
age: 26953
last-modified: Wed, 03 Jul 2024 14:18:32 GMT
etag: "6e1208b8236d569645d6271a527fb4f1"
content-type: text/html
cache-control: public,max-age=3600,no-transform
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: payment=("https://cdn.prod.pci-bridge.com")
feature-policy: payment https://cdn.prod.pci-bridge.com
referrer-policy: no-referrer
content-security-policy: default-src 'none'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net; font-src https://fonts.gstatic.com https://use.typekit.net; connect-src https://api.prod.pci-bridge.com; require-trusted-types-for 'script';
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET url.totalav.com/px/init/fortifi.js
35.224.74.90 200 OK 0 B URL
url.totalav.com/px/init/fortifi.js
IP / ASN
35.224.74.90
#396982 GOOGLE-CLOUD-PLATFORM
Requested by https://secure.totalav.com/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-03
Times Seen 5619431
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject affiliates.totalav.com
Fingerprint 77:13:9F:05:A2:7A:09:C9:C8:F0:BD:8F:DA:67:73:55:12:6E:FD:60
Validity Mon, 24 Mar 2025 03:11:57 GMT - Sun, 22 Jun 2025 03:11:56 GMT
GET /px/init/fortifi.js HTTP/1.1
Host: url.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQxg; FRT:PROD=TAVPREM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:25:25 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
x-content-type-options: nosniff
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
GET www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tGfkeQKHfUk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6UZALyX8P08.L.F4.O/am=ADDgAQ/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgw_ihQZjHvA6HV0r6WWTNbcR6uEQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
172.217.21.163 200 OK 84 kB URL
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tGfkeQKHfUk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6UZALyX8P08.L.F4.O/am=ADDgAQ/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgw_ihQZjHvA6HV0r6WWTNbcR6uEQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
IP / ASN
172.217.21.163
#15169 GOOGLE
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.totalav.com&mid=
Resource Info
File type JavaScript source, ASCII text, with very long lines (1203)
First Seen 2025-04-18
Last Seen 2025-04-21
Times Seen 33
Size 84 kB (84319 bytes)
MD5 303440546f58db7ff763767fa178dd0c
SHA1 bdd8f25598407691fbcff2b8bd4be70eccdbca11
SHA256 a4073a9ee31629f13767a4aaf7f967c47e6b637f086c363a3ad77a18a700acba
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 62:05:36:C2:8E:4C:CD:95:1E:1C:75:06:44:A3:57:E5:C0:17:02:80
Validity Mon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT
GET /_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tGfkeQKHfUk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6UZALyX8P08.L.F4.O/am=ADDgAQ/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgw_ihQZjHvA6HV0r6WWTNbcR6uEQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-length: 30528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Apr 2025 19:37:02 GMT
expires: Sat, 18 Apr 2026 19:37:02 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Fri, 18 Apr 2025 04:43:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 182907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET todayswigcontagious.com/api/users?token=L3BkNmJncDhlP2FkYj1uJmRldj1yJmtleT04Mjg5NmIyMzMyYjc0ZGZjNmZlYzcxYmZjZDMxY2JhNiZrdz0lNUIlMjJwbGF5ZXI0dSUyMiUyQyUyMi0lMjIlMkMlMjJzZWFyY2glMjIlMkMlMjJhbmQlMjIlMkMlMjJlbWJlZCUyMiU1RCZsd3Q9MzUmcHNpZD1odHRwcyUzQSUyRiUyRnd3NC4xMjNtb3ZpZXNmcmVlLm5ldCZyZWZlcj1odHRwcyUzQSUyRiUyRnBsYXllcjR1Lnh5eiUyRmVtYmVkJTNGa2V5JTNEVmlkZW8lMjUyMEdhbWUlMjUyMEhpZ2glMjUyMFNjaG9vbCZyZXM9MTQuMzEmc2NySGVpZ2h0PTEwODAmc2NyV2lkdGg9MTkyMCZzaGlwPSZzdWIzPWludm9rZV9sYXllciZ0ej0yJnY9MjUuMy4yMzg4JmRscnQ9dA
172.240.127.234 200 OK 5.4 kB URL
todayswigcontagious.com/api/users?token=L3BkNmJncDhlP2FkYj1uJmRldj1yJmtleT04Mjg5NmIyMzMyYjc0ZGZjNmZlYzcxYmZjZDMxY2JhNiZrdz0lNUIlMjJwbGF5ZXI0dSUyMiUyQyUyMi0lMjIlMkMlMjJzZWFyY2glMjIlMkMlMjJhbmQlMjIlMkMlMjJlbWJlZCUyMiU1RCZsd3Q9MzUmcHNpZD1odHRwcyUzQSUyRiUyRnd3NC4xMjNtb3ZpZXNmcmVlLm5ldCZyZWZlcj1odHRwcyUzQSUyRiUyRnBsYXllcjR1Lnh5eiUyRmVtYmVkJTNGa2V5JTNEVmlkZW8lMjUyMEdhbWUlMjUyMEhpZ2glMjUyMFNjaG9vbCZyZXM9MTQuMzEmc2NySGVpZ2h0PTEwODAmc2NyV2lkdGg9MTkyMCZzaGlwPSZzdWIzPWludm9rZV9sYXllciZ0ej0yJnY9MjUuMy4yMzg4JmRscnQ9dA
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Resource Info
File type HTML document, ASCII text, with very long lines (5366)
First Seen 2025-04-20
Last Seen 2025-04-20
Times Seen 1
Size 5.4 kB (5367 bytes)
MD5 f450064d11bd58ccb9f050f588bcbecd
SHA1 0a9760c196c4e340f3cf9d50d67d1f8c78594c5f
SHA256 8aeb594e17555ce48bcf07ba11da89b395f66896e45bc2338ece62be87c92fe2
Certificate Info
Issuer Let's Encrypt
Subject todayswigcontagious.com
Fingerprint 2E:37:28:ED:7C:6C:62:06:8E:41:C7:43:B0:3B:27:71:D7:AE:61:0C
Validity Tue, 18 Mar 2025 08:19:33 GMT - Mon, 16 Jun 2025 08:19:32 GMT
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /api/users?token=L3BkNmJncDhlP2FkYj1uJmRldj1yJmtleT04Mjg5NmIyMzMyYjc0ZGZjNmZlYzcxYmZjZDMxY2JhNiZrdz0lNUIlMjJwbGF5ZXI0dSUyMiUyQyUyMi0lMjIlMkMlMjJzZWFyY2glMjIlMkMlMjJhbmQlMjIlMkMlMjJlbWJlZCUyMiU1RCZsd3Q9MzUmcHNpZD1odHRwcyUzQSUyRiUyRnd3NC4xMjNtb3ZpZXNmcmVlLm5ldCZyZWZlcj1odHRwcyUzQSUyRiUyRnBsYXllcjR1Lnh5eiUyRmVtYmVkJTNGa2V5JTNEVmlkZW8lMjUyMEdhbWUlMjUyMEhpZ2glMjUyMFNjaG9vbCZyZXM9MTQuMzEmc2NySGVpZ2h0PTEwODAmc2NyV2lkdGg9MTkyMCZzaGlwPSZzdWIzPWludm9rZV9sYXllciZ0ej0yJnY9MjUuMy4yMzg4JmRscnQ9dA HTTP/1.1
Host: todayswigcontagious.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 20 Apr 2025 22:25:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
set-cookie: ain=eyJhbGciOiJIUzI1NiJ9.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_a2V5PVZpZGVvJTIwR2FtZSUyMEhpZ2glMjBTY2hvb2wiLCJhciI6W119fQ.TSt0miEVCojM565gXQcFMiiJXlgDa6bObnZekA35jU8; expires=Sun, 20 Apr 2025 22:26:16 GMT; path=/
x-envoy-upstream-service-time: 1
Host: todayswigcontagious.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 49c27a97361be83d803d5fb6c9188696
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET resources.totalav.com/font/roboto/Roboto-Regular-webfont.woff
195.16.73.219 200 OK 25 kB URL
resources.totalav.com/font/roboto/Roboto-Regular-webfont.woff
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type Web Open Font Format, TrueType, length 25020, version 1.0
First Seen 2023-04-17
Last Seen 2025-08-02
Times Seen 636
Size 25 kB (25020 bytes)
MD5 3e5675c89f974f7811eeaf07e2dd5ba3
SHA1 99d93e1e3636f86c85b0c7c4da2077b4f1ee010c
SHA256 a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /font/roboto/Roboto-Regular-webfont.woff HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.totalav.com
DNT: 1
Connection: keep-alive
Referer: https://resources.totalav.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:25 GMT
content-type: font/woff
content-length: 25020
x-goog-generation: 1566228812946299
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 25020
x-goog-hash: crc32c=eaGOPA==, md5=PlZ1yJ+XT3gR7q8H4t1bow==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-guploader-uploadid: AFiumC5_uan1GhK2sN0ndUM5RjhvPXQ37xzmnkgA1Tb0fjAulQ2ZSNSjBw2-YdfNbAldDwGJKCelb7DpQg
expires: Sun, 27 Apr 2025 22:25:25 GMT
cache-control: max-age=604800
last-modified: Mon, 19 Aug 2019 15:33:32 GMT
etag: "3e5675c89f974f7811eeaf07e2dd5ba3"
age: 744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/font/roboto/Roboto-Regular-webfont.woff>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET cdn.prod.pci-bridge.com/v1.1.12/js/pcibridge.js
35.186.203.58 200 OK 178 kB URL
cdn.prod.pci-bridge.com/v1.1.12/js/pcibridge.js
IP / ASN
35.186.203.58
#15169 GOOGLE
Requested by https://cdn.prod.pci-bridge.com/v1.1.12/iframe.html
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
First Seen 2025-02-23
Last Seen 2025-08-02
Times Seen 259
Size 178 kB (177963 bytes)
MD5 ff5b8e4bfc74ae4e0b214c2403280c56
SHA1 2b69f6635449f4b036ebaa6300ae1575e2f57ec4
SHA256 f5265190a503c84089f255b5ae9cbc12ce99e21052ab93b5d5c14c15e834f514
Certificate Info
Issuer Google Trust Services
Subject cdn.prod.pci-bridge.com
Fingerprint E8:6A:B3:03:D5:06:CB:71:32:C9:51:B0:0C:A4:52:37:8A:D6:BE:1C
Validity Sat, 15 Mar 2025 12:40:39 GMT - Fri, 13 Jun 2025 13:34:53 GMT
GET /v1.1.12/js/pcibridge.js HTTP/1.1
Host: cdn.prod.pci-bridge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
x-guploader-uploadid: AAO2VwoaXbMrNIlOWEkRH0rWQnQoMrx4gKQ1gV1SjB8OoJkxVtHSplEQfVyK6Rs1pniG2B6r5Ps5tMc
x-goog-generation: 1720016312304109
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 59041
content-encoding: gzip
x-goog-hash: crc32c=4ShYPQ==, md5=ZUdfdYF5HH37rtiA5NJdVA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 59041
access-control-allow-origin: *
server: UploadServer
date: Sun, 20 Apr 2025 19:22:29 GMT
age: 10978
last-modified: Wed, 03 Jul 2024 14:18:32 GMT
etag: "65475f7581791c7dfbaed880e4d25d54"
content-type: application/javascript
cache-control: public,max-age=3600,no-transform
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: payment=("https://cdn.prod.pci-bridge.com")
feature-policy: payment https://cdn.prod.pci-bridge.com
referrer-policy: no-referrer
content-security-policy: default-src 'none'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net; font-src https://fonts.gstatic.com https://use.typekit.net; connect-src https://api.prod.pci-bridge.com; require-trusted-types-for 'script';
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET fonts.cdnfonts.com/css/sf-pro-display
172.67.184.158 200 OK 1.9 kB URL
fonts.cdnfonts.com/css/sf-pro-display
IP / ASN
172.67.184.158
#13335 CLOUDFLARENET
Requested by https://secure.totalav.com/
Resource Info
File type ASCII text
First Seen 2024-12-02
Last Seen 2025-08-02
Times Seen 290
Size 1.9 kB (1946 bytes)
MD5 751bddbee1b2ea1581dab2baeb2c29f0
SHA1 4d84900f4e08c54f32002a71c21ec94a97a7363b
SHA256 5ac7863e22f33bbf9c3186e919b9c227021236915dd0317d9f4851a63644c09c
Certificate Info
Issuer Google Trust Services
Subject cdnfonts.com
Fingerprint 24:7F:AE:E6:FA:40:B7:96:3B:12:C1:57:03:C7:9F:F5:6F:BA:58:9D
Validity Sun, 16 Mar 2025 09:19:10 GMT - Sat, 14 Jun 2025 10:17:30 GMT
GET /css/sf-pro-display HTTP/1.1
Host: fonts.cdnfonts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://resources.totalav.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:25:24 GMT
content-type: text/css;charset=UTF-8
content-encoding: br
cf-ray: 93380eb15e8bb50b-OSL
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: HIT
age: 753483
last-modified: Sat, 12 Apr 2025 05:07:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ME9NhdHgmCaeDasgFlMInLWX56x0eWk78I9Ku0E9G7WjBCj5mhhdwLwgu46aXdqfKoXt8Q%2BeqzMB5TT1SFRDD9Rmys2uIQifcwGvoKOCo2ybiTq%2BNjCJdeti4fVb5rjN7IX57Lc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2060&min_rtt=454&rtt_var=2719&sent=10&recv=14&lost=0&retrans=1&sent_bytes=3307&recv_bytes=1219&delivery_rate=7168316&cwnd=254&unsent_bytes=0&cid=f0f167599a300080&ts=176&x=0"
X-Firefox-Spdy: h2
34.8.249.45 200 OK 269 kB
IP / ASN
34.8.249.45
#396982 GOOGLE-CLOUD-PLATFORM
Resource Info
File type HTML document, ASCII text
First Seen 2025-04-20
Last Seen 2025-04-20
Times Seen 2
Size 269 kB (268556 bytes)
MD5 5ee3b99633117c6438882db11f3dddd1
SHA1 8f3a615981ed38539ce352cd901818610458c490
SHA256 1f4e4e1a94cba7c10dd43d222416e32d8b75048594def0e19049d1717840521f
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint 5A:73:11:F3:B1:42:78:E2:B4:CD:A7:E0:53:D0:89:C8:01:AF:D1:BA
Validity Tue, 05 Nov 2024 00:00:00 GMT - Wed, 05 Nov 2025 23:59:59 GMT
GET / HTTP/1.1
Host: secure.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Xz1BvTGxJMsa5n3Xq5hfJBo7XQ6lIzfciS2_Tk9l6rMUTNiJZFUkpM88kGxdheUOHTX8lrjtuhdD1tGqcQrAfGCfklpPPX9q6wshFgRpt8Ibfb693syQ8pFMe7uAXtAKSrzKP1FJ0RdWZ7w6eBDsPtloBxOexSjFketcDdJVO1ygVjGZYhMIdYt5Cbrn3opJpRBIit8okjjRv35ylCqZ5u9rH--NOLK8tcSgHcEQsgC3ZMftBvdXfsDj8GXqH4HvoGz-W2lE8rblam7w9Z_0x6fPn44gqwhG3FqeKtGhruwGJqrsFzbh9CXMuRBhX8ltbLFSnePKEjoDkESKs2g8yQ
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Apr 2025 22:25:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; expires=Mon, 20-Apr-2026 22:25:21 GMT; Max-Age=31536000; path=/; domain=.totalav.com
_snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; expires=Mon, 20-Apr-2026 22:25:21 GMT; Max-Age=31536000; path=/; domain=.totalav.com
LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.eyJqdGkiOjEyNjk5MjA0MzIsInJlbWVtYmVyTWUiOnRydWUsInVzZXIiOiJlN2E3NTMwOWU5ZWY1ZWZhMWU5NDQzMjZjYTMyY2ZiYjUyNWQ0YmEwM2RjZjk4MTQwYTI3ODQ5Mjc5ZWNiNGMyNTc0OWFhZTkwZWUxNmIwYzI4NGJiN2QwNzg1ZjM2MWY3OTYwODZlZjYwNjBlY2VkYjA5ODkwZjBhNjQ4MzBhZTI5NmVjOWNiMjJlMGU0MzkxYWIxOGU4ODYzNzdlZmE4M2M3MmM5YjNiMGZjYzJhOGYwMTQxYmI5MDM4MWE1MDM3N2IxNDBlOGU1ZThjMGE2NDcyMDA3MDMyNDI4NzI5YzNkZGE3MTI0ZTM0ZDYyYzViOWYxYTI0NGFhYzQwZjBlMDI4OGMxNTFjOWZlM2I4ZDNmYTUxNDRhOGRmNTk3MjIyN2IwZTkwZTA2MjJjMmM3ZWE4YjQxNzZiNGRiMGU0MjcyNzliMjRmODViOGQ5ZjExNzY2NjJhYzJiMzQ4OTNjOTIzM2E2OWQzYWVkZTRlOGQzMDA4MWRkYTU3M2E3NmNlN2EwMzI0OWFiMGExMDQyZjBkNWVkMDNkMWNlZjIzMjgyZWZlNmZjNTQ0MmQyODBlMDc4NjdmZjc1MDRiOTkyMTQyMWY2NWQ5YjJlNzU5OWI0MzQwY2E5OGRmNWNjY2M2NGU3ZjI2YjE3OWRiYzUzMzU1N2JhOWYzNjVlYzMzMGEwMmYzZTc0NWI3Zjg0MmIzODU1YTFmOGJkMDk4YjZmNzg5NDQ2Zjg0OGRjNTJhMjBkYTQ3ODRkMzA0OTZlYzBlM2E3ZGFkNTIwOTEyMjYzM2RkMzU5MTYwZGViMzQzODllZDZkZTM0OGQwZDQyYzYyNzc1MmI2YWEyNDkxMmUzMjMzMDVlYzEzOGUxZGRmYSIsInVzZXJJZCI6MTk1MjUwODQwLCJjdXN0b21lckZpZCI6IkZJRDpDU1Q6MTc0NTE4NzkyMTpic0xRTldBT0oxNXpyIiwiaWF0IjoxNzQ1MTg3OTIxfQ.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQxg; expires=Mon, 20-Apr-2026 22:25:21 GMT; Max-Age=31536000; path=/; domain=.totalav.com; secure; HttpOnly; SameSite=Lax
FRT:PROD=TAVPREM; path=/; domain=.totalav.com
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET resources.totalav.com/build/prod/26.330.1/svg-fonts/icons/av/kondo_solid/fonts/kondo_solid-icons.woff2?62a5b23853ea445b0bcd78b136829b0b
195.16.73.219 200 OK 6.1 kB URL
resources.totalav.com/build/prod/26.330.1/svg-fonts/icons/av/kondo_solid/fonts/kondo_solid-icons.woff2?62a5b23853ea445b0bcd78b136829b0b
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 6108, version 1.0
First Seen 2023-09-16
Last Seen 2025-08-02
Times Seen 260
Size 6.1 kB (6108 bytes)
MD5 f9f89693b772b1c84688d7f9cf790246
SHA1 eaec8fa2761817c30208a59c693c56ca7cdefe8d
SHA256 c991af649faefcecc5430ceaf3aa782428137e4742529c573937cca23a94b06f
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /build/prod/26.330.1/svg-fonts/icons/av/kondo_solid/fonts/kondo_solid-icons.woff2?62a5b23853ea445b0bcd78b136829b0b HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.totalav.com
DNT: 1
Connection: keep-alive
Referer: https://resources.totalav.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:25 GMT
content-type: font/woff2
x-guploader-uploadid: AKDAyIuyjXDeezEKRAHY0REtDOG7Qr6fyXxShJHcGWORTDUIJHtXYxvbDICswet5rJH68Qouwm9EKUM
x-goog-generation: 1744905382112702
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 6143
x-goog-hash: crc32c=vlzbpw==, md5=eXvxSURnm+OmLtM70sVvlg==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sun, 27 Apr 2025 22:25:25 GMT
cache-control: max-age=604800
last-modified: Thu, 17 Apr 2025 15:56:22 GMT
etag: W/"797bf14944679be3a62ed33bd2c56f96"
age: 540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/build/prod/26.330.1/svg-fonts/icons/av/kondo_solid/fonts/kondo_solid-icons.woff2?62a5b23853ea445b0bcd78b136829b0b>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET todayswigcontagious.com/api/users?token=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
192.243.61.227 302 Found 331 B URL
todayswigcontagious.com/api/users?token=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
IP / ASN
192.243.61.227
#39572 DataWeb Global Group B.V.
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-03
Times Seen 5619431
Size 331 B (331 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject todayswigcontagious.com
Fingerprint 2E:37:28:ED:7C:6C:62:06:8E:41:C7:43:B0:3B:27:71:D7:AE:61:0C
Validity Tue, 18 Mar 2025 08:19:33 GMT - Mon, 16 Jun 2025 08:19:32 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/users?token=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 HTTP/1.1
Host: todayswigcontagious.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://todayswigcontagious.com/api/users?token=L3BkNmJncDhlP2tleT0xMGFmYWVjMzU0MDRmZmQ1ZWRiYWQwMTMxYmIzOGVlNiZzdWJtZXRyaWM9MjAwNDYwODY
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMDA0NjA4NiwiayI6IjgyODk2YjIzMzJiNzRkZmM2ZmVjNzFiZmNkMzFjYmE2Iiwic2lkIjoiaHR0cHM6Ly93dzQuMTIzbW92aWVzZnJlZS5uZXQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjI3OTEyOTEsInBpZCI6MTgwMTAyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjEsImFpZCI6MjgsInB0Ijo0LCJwayI6InBkNmJncDhlIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9wbGF5ZXI0dS54eXovZW1iZWQ_a2V5PVZpZGVvJTIwR2FtZSUyMEhpZ2glMjBTY2hvb2wiLCJhciI6W119fQ.TSt0miEVCojM565gXQcFMiiJXlgDa6bObnZekA35jU8; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Sun, 20 Apr 2025 22:25:17 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://momotrk.com/click?key=66e5a790cc9067f6c530&t=0.000500&t1=0.500000&t2=20046086&t3=180102&t4=2791291&t5=3280004&t6=s&t12=Movies
Set-Cookie: iprcf7765f1f32de17e21df57f4a3743d157=5807120; expires=Mon, 21 Apr 2025 22:25:17 GMT; path=/
pdhtkv=true; expires=Mon, 21 Apr 2025 22:25:17 GMT; path=/
uncs=1; expires=Mon, 21 Apr 2025 22:25:17 GMT; path=/
pdhtkv28=true; expires=Mon, 21 Apr 2025 22:25:17 GMT; path=/
uncs28=1; expires=Mon, 21 Apr 2025 22:25:17 GMT; path=/
u_pl20046086=1; expires=Mon, 21 Apr 2025 22:25:17 GMT; path=/
Host: todayswigcontagious.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c7e8cc209d6f2c19059ea4a0c30863d5
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
POST url.totalav.com/fp/commit/apply.js?
35.224.74.90 200 OK 784 B URL
url.totalav.com/fp/commit/apply.js?
IP / ASN
35.224.74.90
#396982 GOOGLE-CLOUD-PLATFORM
Requested by https://secure.totalav.com/
Resource Info
File type JSON text data
First Seen 2025-04-11
Last Seen 2025-08-01
Times Seen 253
Size 784 B (784 bytes)
MD5 9634d4f90193fd92111a9a913b805423
SHA1 0b0abe65aea17e88707f8c1bddc54c7519bb1cd9
SHA256 2ca6799f4fc8d5fb33755cbf77e7cc0ed41c45b269087c7dd0cdff62bfd57b84
Certificate Info
Issuer Let's Encrypt
Subject affiliates.totalav.com
Fingerprint 77:13:9F:05:A2:7A:09:C9:C8:F0:BD:8F:DA:67:73:55:12:6E:FD:60
Validity Mon, 24 Mar 2025 03:11:57 GMT - Sun, 22 Jun 2025 03:11:56 GMT
POST /fp/commit/apply.js? HTTP/1.1
Host: url.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 743
Origin: https://secure.totalav.com
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Apr 2025 22:25:28 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
x-content-type-options: nosniff
access-control-allow-origin: *
set-cookie: FRT:VIS=VIS%3A25040391904215467eee28248f0a3.28747547; expires=Sat, 19-Jul-2025 22:25:27 GMT; Max-Age=7775999; path=/; domain=.totalav.com
FRT:DCE=DCE%3A094993c42da20d7593a4aacc578878bae83b29d7; expires=Mon, 20-Apr-2026 22:25:28 GMT; Max-Age=31536000; path=/; domain=.totalav.com; httponly
FRT:FPID=200590500; expires=Mon, 20-Apr-2026 22:25:28 GMT; Max-Age=31536000; path=/; domain=.totalav.com; httponly
FRT:FPRINT=aeec824f35ab3a78441dde7a402f94a8ce0c2266; expires=Mon, 20-Apr-2026 22:25:28 GMT; Max-Age=31536000; path=/; domain=.totalav.com; httponly
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
OPTIONS ssl.kaptcha.com/session/01JSAMWT339TPRC60F3T4VMKPQ
54.148.115.137 200 OK 0 B URL
ssl.kaptcha.com/session/01JSAMWT339TPRC60F3T4VMKPQ
IP / ASN
54.148.115.137
#16509 AMAZON-02
Requested by https://secure.totalav.com/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-03
Times Seen 5619431
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Sectigo Limited
Subject ssl.kaptcha.com
Fingerprint E9:49:88:A3:4E:A8:0F:2D:13:00:DC:05:6E:45:BB:F9:08:5C:0B:5D
Validity Mon, 15 Jul 2024 00:00:00 GMT - Tue, 15 Jul 2025 23:59:59 GMT
OPTIONS /session/01JSAMWT339TPRC60F3T4VMKPQ HTTP/1.1
Host: ssl.kaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: client-id
Referer: https://secure.totalav.com/
Origin: https://secure.totalav.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type, client-id
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
X-Correlation-Id: 366055a7-8bba-46d3-965b-c3022b8243ac
Date: Sun, 20 Apr 2025 22:25:28 GMT
Content-Length: 0
OPTIONS api.paymentauth.com/merchant/v2/charge/init
35.244.215.28 200 OK 0 B URL
api.paymentauth.com/merchant/v2/charge/init
IP / ASN
35.244.215.28
#396982 GOOGLE-CLOUD-PLATFORM
Requested by https://secure.totalav.com/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-03
Times Seen 5619431
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject paymentauth.com
Fingerprint 41:8A:62:5E:6F:07:84:C7:C1:01:04:A5:E1:8F:B9:DE:56:F4:D5:93
Validity Tue, 01 Apr 2025 08:21:07 GMT - Mon, 30 Jun 2025 08:21:06 GMT
OPTIONS /merchant/v2/charge/init HTTP/1.1
Host: api.paymentauth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-correlation-id
Referer: https://secure.totalav.com/
Origin: https://secure.totalav.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-headers: content-type, x-correlation-id
access-control-allow-origin: *
date: Sun, 20 Apr 2025 22:25:26 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET ssl.kaptcha.com/cs/generatecookie?m=100316&s=01JSAMWT339TPRC60F3T4VMKPQ&sv=1.1.6
54.148.115.137 200 OK 323 B URL
ssl.kaptcha.com/cs/generatecookie?m=100316&s=01JSAMWT339TPRC60F3T4VMKPQ&sv=1.1.6
IP / ASN
54.148.115.137
#16509 AMAZON-02
Requested by https://secure.totalav.com/
Resource Info
File type JSON text data
First Seen 2025-04-20
Last Seen 2025-04-20
Times Seen 1
Size 323 B (323 bytes)
MD5 abbd7a8d2fe6de295858804a0b440e11
SHA1 287be2fd99012b79049def7b5d2209b6724d57d9
SHA256 8e85beee8ab6691b9904235b51e226b2229bec4b02a5450078b2f1c5640d044f
Certificate Info
Issuer Sectigo Limited
Subject ssl.kaptcha.com
Fingerprint E9:49:88:A3:4E:A8:0F:2D:13:00:DC:05:6E:45:BB:F9:08:5C:0B:5D
Validity Mon, 15 Jul 2024 00:00:00 GMT - Tue, 15 Jul 2025 23:59:59 GMT
GET /cs/generatecookie?m=100316&s=01JSAMWT339TPRC60F3T4VMKPQ&sv=1.1.6 HTTP/1.1
Host: ssl.kaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure.totalav.com/
Origin: https://secure.totalav.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0
Pragma: no-cache
X-Correlation-Id: ec4eadac-5140-4e86-a530-b316dadbcebb
Date: Sun, 20 Apr 2025 22:25:29 GMT
Content-Length: 323
Content-Type: text/plain; charset=utf-8
GET llut-glo.readyshoponline.com/t/clk?id=nRqBsxrPC0gY0hMNBAS7&s2=d02n8janaffc73eird6g&s4=1745187917
18.158.63.117 302 Found 269 kB URL
llut-glo.readyshoponline.com/t/clk?id=nRqBsxrPC0gY0hMNBAS7&s2=d02n8janaffc73eird6g&s4=1745187917
IP / ASN
18.158.63.117
#16509 AMAZON-02
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-03
Times Seen 5619431
Size 269 kB (268556 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Amazon
Subject *.myshopblog.com
Fingerprint 23:49:1A:97:6F:97:54:A4:A6:39:90:FB:84:C0:1C:A4:6B:62:75:20
Validity Fri, 07 Mar 2025 00:00:00 GMT - Sun, 05 Apr 2026 23:59:59 GMT
GET /t/clk?id=nRqBsxrPC0gY0hMNBAS7&s2=d02n8janaffc73eird6g&s4=1745187917 HTTP/1.1
Host: llut-glo.readyshoponline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 20 Apr 2025 22:25:18 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://url.totalav.com/67e2e8814c081/click/17906/3033d722-61c9-4804-b189-4292be035cc8//
server: nginx/1.14.2
cache-control: no-transform
x-frame-options: SAMEORIGIN
vary: Accept-Language, Cookie, Origin
content-language: en
set-cookie: uip="[\"rqqZUx23h8\"\054 {\"GbqNZ\": \"kYn2ZqK\"}]:1u6d6E:zuVJCrZJPHNXBwKGEuc5TxoN0mo"; expires=Tue, 20 May 2025 22:25:18 GMT; Max-Age=2592000; Path=/
ydt_adc3c4b2f89d49aa87468740c2661042="[\"3033d722-61c9-4804-b189-4292be035cc8\"]:1u6d6E:vcY8lU4FyDAplL-LLZqr1DBkzec"; expires=Wed, 21 May 2025 00:25:18 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
GET resources.totalav.com/img/layout/kondo/icons/divided-orderform/lightning-bolt.png
195.16.73.219 200 OK 1.2 kB URL
resources.totalav.com/img/layout/kondo/icons/divided-orderform/lightning-bolt.png
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced
First Seen 2025-04-03
Last Seen 2025-08-02
Times Seen 244
Size 1.2 kB (1222 bytes)
MD5 209d80173e05669031614a5b1d620ad6
SHA1 2e2afe1b7c15c561b8b3cc655763543f08493411
SHA256 b7743fa9827e37d97d8d2e4ce80c9fd101581e72545bbfba2baa789bcd567db9
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /img/layout/kondo/icons/divided-orderform/lightning-bolt.png HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQxg; FRT:PROD=TAVPREM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:22 GMT
content-type: image/png
content-length: 1222
x-goog-generation: 1711020316602859
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1222
x-goog-hash: crc32c=gD/Fgw==, md5=IJ2AFz4FZpAxYUpbHWIK1g==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Type
x-guploader-uploadid: AFiumC4Dwq3PUlfukZfztO1rY9vHCKzVM2xKutNbsudq5oR_Ausylpn2y0n9XX1G5q3KpvH-p9hpHenZ3Q
expires: Sun, 27 Apr 2025 22:25:22 GMT
cache-control: max-age=604800
age: 884
last-modified: Thu, 21 Mar 2024 11:25:16 GMT
etag: "209d80173e05669031614a5b1d620ad6"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/img/layout/kondo/icons/divided-orderform/lightning-bolt.png>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET resources.totalav.com/img/global/favicons/lock/favicon-16x16.png
195.16.73.219 200 OK 1.1 kB URL
resources.totalav.com/img/global/favicons/lock/favicon-16x16.png
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type PNG image data, 16 x 16, 16-bit/color RGBA, non-interlaced
First Seen 2023-09-16
Last Seen 2025-08-02
Times Seen 261
Size 1.1 kB (1103 bytes)
MD5 174c672f4d397baf55c912beb73062bb
SHA1 93cdc8a4b29a5ed73fd111623d82732e0e7d3cb6
SHA256 468e1afe6f4b0fadc1a0704341e11f410f2298e0162135f4be5ebcd71001b75a
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /img/global/favicons/lock/favicon-16x16.png HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.eyJqdGkiOjEyNjk5MjA0MzIsInJlbWVtYmVyTWUiOnRydWUsInVzZXIiOiJlN2E3NTMwOWU5ZWY1ZWZhMWU5NDQzMjZjYTMyY2ZiYjUyNWQ0YmEwM2RjZjk4MTQwYTI3ODQ5Mjc5ZWNiNGMyNTc0OWFhZTkwZWUxNmIwYzI4NGJiN2QwNzg1ZjM2MWY3OTYwODZlZjYwNjBlY2VkYjA5ODkwZjBhNjQ4MzBhZTI5NmVjOWNiMjJlMGU0MzkxYWIxOGU4ODYzNzdlZmE4M2M3MmM5YjNiMGZjYzJhOGYwMTQxYmI5MDM4MWE1MDM3N2IxNDBlOGU1ZThjMGE2NDcyMDA3MDMyNDI4NzI5YzNkZGE3MTI0ZTM0ZDYyYzViOWYxYTI0NGFhYzQwZjBlMDI4OGMxNTFjOWZlM2I4ZDNmYTUxNDRhOGRmNTk3MjIyN2IwZTkwZTA2MjJjMmM3ZWE4YjQxNzZiNGRiMGU0MjcyNzliMjRmODViOGQ5ZjExNzY2NjJhYzJiMzQ4OTNjOTIzM2E2OWQzYWVkZTRlOGQzMDA4MWRkYTU3M2E3NmNlN2EwMzI0OWFiMGExMDQyZjBkNWVkMDNkMWNlZjIzMjgyZWZlNmZjNTQ0MmQyODBlMDc4NjdmZjc1MDRiOTkyMTQyMWY2NWQ5YjJlNzU5OWI0MzQwY2E5OGRmNWNjY2M2NGU3ZjI2YjE3OWRiYzUzMzU1N2JhOWYzNjVlYzMzMGEwMmYzZTc0NWI3Zjg0MmIzODU1YTFmOGJkMDk4YjZmNzg5NDQ2Zjg0OGRjNTJhMjBkYTQ3ODRkMzA0OTZlYzBlM2E3ZGFkNTIwOTEyMjYzM2RkMzU5MTYwZGViMzQzODllZDZkZTM0OGQwZDQyYzYyNzc1MmI2YWEyNDkxMmUzMjMzMDVlYzEzOGUxZGRmYSIsInVzZXJJZCI6MTk1MjUwODQwLCJjdXN0b21lckZpZCI6IkZJRDpDU1Q6MTc0NTE4NzkyMTpic0xRTldBT0oxNXpyIiwiaWF0IjoxNzQ1MTg3OTIxfQ.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQx
g; FRT:PROD=TAVPREM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:26 GMT
content-type: image/png
content-length: 1103
x-goog-generation: 1565684587348164
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1103
x-goog-hash: crc32c=elkv7w==, md5=F0xnL005e69VyRK+tzBiuw==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Type
x-guploader-uploadid: AFiumC52HhzaLDKQEQA4VuQ_r430wcvi9WBcJGcR7kA0eDsSgplNjGEwnMA82h_eQghVGNAn-5p2ABjk2g
expires: Sun, 27 Apr 2025 22:25:26 GMT
cache-control: max-age=604800
last-modified: Tue, 13 Aug 2019 08:23:07 GMT
etag: "174c672f4d397baf55c912beb73062bb"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/img/global/favicons/lock/favicon-16x16.png>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
POST ssl.kaptcha.com/session/01JSAMWT339TPRC60F3T4VMKPQ
54.148.115.137 200 OK 0 B URL
ssl.kaptcha.com/session/01JSAMWT339TPRC60F3T4VMKPQ
IP / ASN
54.148.115.137
#16509 AMAZON-02
Requested by https://secure.totalav.com/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-03
Times Seen 5619431
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Sectigo Limited
Subject ssl.kaptcha.com
Fingerprint E9:49:88:A3:4E:A8:0F:2D:13:00:DC:05:6E:45:BB:F9:08:5C:0B:5D
Validity Mon, 15 Jul 2024 00:00:00 GMT - Tue, 15 Jul 2025 23:59:59 GMT
POST /session/01JSAMWT339TPRC60F3T4VMKPQ HTTP/1.1
Host: ssl.kaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
client-id: 100316
Origin: https://secure.totalav.com
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0
Pragma: no-cache
Set-Cookie: k=659eb8c99d68447fbeedfc687432b158; Path=/; Expires=Mon, 20 Apr 2026 22:25:28 GMT; HttpOnly; Secure; SameSite=None
X-Correlation-Id: 202fad9c-0bad-4878-a690-7295441907ed
Date: Sun, 20 Apr 2025 22:25:28 GMT
Content-Length: 0
GET momotrk.com/click?key=66e5a790cc9067f6c530&t=0.000500&t1=0.500000&t2=20046086&t3=180102&t4=2791291&t5=3280004&t6=s&t12=Movies
157.90.104.39 200 OK 331 B URL
momotrk.com/click?key=66e5a790cc9067f6c530&t=0.000500&t1=0.500000&t2=20046086&t3=180102&t4=2791291&t5=3280004&t6=s&t12=Movies
IP / ASN
157.90.104.39
#24940 Hetzner Online GmbH
Resource Info
File type HTML document, ASCII text
First Seen 2025-04-20
Last Seen 2025-04-20
Times Seen 1
Size 331 B (331 bytes)
MD5 4fb71971da0ae46af160c868839f7017
SHA1 258020a41670327575a56602fed4bb3f17f7e85f
SHA256 c0324f1a19a6d556c054346936d355545e118ca6eb73a90405b8ac2a0c611187
Certificate Info
Issuer Let's Encrypt
Subject momotrk.com
Fingerprint E1:14:A8:61:97:98:EA:02:D3:F9:C9:C4:59:C4:2F:74:43:C0:30:9A
Validity Thu, 03 Apr 2025 17:42:02 GMT - Wed, 02 Jul 2025 17:42:01 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /click?key=66e5a790cc9067f6c530&t=0.000500&t1=0.500000&t2=20046086&t3=180102&t4=2791291&t5=3280004&t6=s&t12=Movies HTTP/1.1
Host: momotrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://todayswigcontagious.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sun, 20 Apr 2025 22:25:17 GMT
server: Caddy
set-cookie: uclick=zO+NkFtVbYg1grLxbmCYtFg9Ypk5G4G5bJJ1xEMrWmf/cc5Iphs5KY+LcO31+Yr+iGWWyWY=; Max-Age=31536000; SameSite=Lax
bcid=d02n8janaffc73eird6g; Max-Age=31536000; SameSite=Lax
x-request-id: 894ceb09-aabe-45bd-ae92-99aae0547e27
content-length: 331
X-Firefox-Spdy: h2
GET secure.totalav.com/cross-domain/respond.src.js
34.8.249.45 200 OK 8.5 kB URL
secure.totalav.com/cross-domain/respond.src.js
IP / ASN
34.8.249.45
#396982 GOOGLE-CLOUD-PLATFORM
Requested by https://secure.totalav.com/
Resource Info
File type JavaScript source, ASCII text, with very long lines (341)
First Seen 2023-03-07
Last Seen 2025-08-02
Times Seen 377
Size 8.5 kB (8536 bytes)
MD5 9034d02a3ff78ccdd81f0790a83940dd
SHA1 bcea82d7fac61d713bdb73a332f6435c6c88a58b
SHA256 8219937fb5d40ea3720fb56701c5f55b462a0f77b19074190b2d15242c5caeaf
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint 5A:73:11:F3:B1:42:78:E2:B4:CD:A7:E0:53:D0:89:C8:01:AF:D1:BA
Validity Tue, 05 Nov 2024 00:00:00 GMT - Wed, 05 Nov 2025 23:59:59 GMT
GET /cross-domain/respond.src.js HTTP/1.1
Host: secure.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQxg; FRT:PROD=TAVPREM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Apr 2025 22:25:22 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET resources.totalav.com/img/global/secure/form_footer/green-guarantee-shield.svg
195.16.73.219 200 OK 0 B URL
resources.totalav.com/img/global/secure/form_footer/green-guarantee-shield.svg
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-03
Times Seen 5619431
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /img/global/secure/form_footer/green-guarantee-shield.svg HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQxg; FRT:PROD=TAVPREM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
GET cdn.prod.pci-bridge.com/v1.1.12/iframe.html
35.186.203.58 200 OK 169 B URL
cdn.prod.pci-bridge.com/v1.1.12/iframe.html
IP / ASN
35.186.203.58
#15169 GOOGLE
Requested by https://secure.totalav.com/
Resource Info
File type HTML document, ASCII text, with no line terminators
First Seen 2023-09-16
Last Seen 2025-08-02
Times Seen 258
Size 169 B (169 bytes)
MD5 0bb464f3a9f4e735a145dcbd224d445f
SHA1 1c90a8000a7a861964bbdd92d2365acffe0647ca
SHA256 6a65d5c9f1c41bb41e5dd0ccad80d343676f5d8db32526b302897c567547c314
Certificate Info
Issuer Google Trust Services
Subject cdn.prod.pci-bridge.com
Fingerprint E8:6A:B3:03:D5:06:CB:71:32:C9:51:B0:0C:A4:52:37:8A:D6:BE:1C
Validity Sat, 15 Mar 2025 12:40:39 GMT - Fri, 13 Jun 2025 13:34:53 GMT
GET /v1.1.12/iframe.html HTTP/1.1
Host: cdn.prod.pci-bridge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
x-guploader-uploadid: AAO2VwoVZU1r5tnUwsuqrC0_9h-zg84Lh9RvYrkFQTi3Smft84hLZRB59mp0wgBxAqgPxDGD03KYpMo
x-goog-generation: 1720016312480331
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 163
content-encoding: gzip
x-goog-hash: crc32c=OQe43g==, md5=bhIIuCNtVpZF1icaUn+08Q==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 163
access-control-allow-origin: *
server: UploadServer
date: Sun, 20 Apr 2025 14:56:13 GMT
age: 26953
last-modified: Wed, 03 Jul 2024 14:18:32 GMT
etag: "6e1208b8236d569645d6271a527fb4f1"
content-type: text/html
cache-control: public,max-age=3600,no-transform
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: payment=("https://cdn.prod.pci-bridge.com")
feature-policy: payment https://cdn.prod.pci-bridge.com
referrer-policy: no-referrer
content-security-policy: default-src 'none'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net; font-src https://fonts.gstatic.com https://use.typekit.net; connect-src https://api.prod.pci-bridge.com; require-trusted-types-for 'script';
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET cdn.paymentauth.com/merchant/v2.4.14/chargehive.min.js
35.244.250.165 200 OK 272 kB URL
cdn.paymentauth.com/merchant/v2.4.14/chargehive.min.js
IP / ASN
35.244.250.165
#396982 GOOGLE-CLOUD-PLATFORM
Requested by https://secure.totalav.com/
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
First Seen 2025-04-03
Last Seen 2025-08-02
Times Seen 258
Size 272 kB (272223 bytes)
MD5 cfe5c8c01bb8a7a66476566bbee087e0
SHA1 c83e54d5347764c384267a095c55a204db58a93f
SHA256 71726dbc6dab577912e4e1974ff03078987ea19e532ad44e3342474adb062ac9
Certificate Info
Issuer Google Trust Services
Subject cdn.paymentauth.com
Fingerprint BB:21:28:6E:F2:71:24:9D:1F:7A:31:A6:3A:2A:45:7F:B2:23:1F:23
Validity Sat, 08 Mar 2025 03:19:25 GMT - Fri, 06 Jun 2025 04:13:38 GMT
GET /merchant/v2.4.14/chargehive.min.js HTTP/1.1
Host: cdn.paymentauth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: AKDAyIv523w61H9Kv4YvjrD68POvzW4wqb0e_QdiSksBp2jUW0qRkeekdyBU_5-VKafF-fonXCSGeGc
x-goog-generation: 1742394987146516
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 272223
x-goog-meta-goog-reserved-file-mtime: 1742394985
x-goog-hash: crc32c=O34SDA==, md5=z+XIwBu4p6ZkdlZrvuCH4A==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 272223
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Cache-Control
server: UploadServer
date: Tue, 15 Apr 2025 20:19:06 GMT
expires: Tue, 13 May 2025 20:19:06 GMT
cache-control: public, max-age=2419200
last-modified: Wed, 19 Mar 2025 14:36:27 GMT
etag: "cfe5c8c01bb8a7a66476566bbee087e0"
content-type: text/javascript
age: 439577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET resources.totalav.com/font/roboto/Roboto-Medium-webfont.woff
195.16.73.219 200 OK 25 kB URL
resources.totalav.com/font/roboto/Roboto-Medium-webfont.woff
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type Web Open Font Format, TrueType, length 25048, version 1.0
First Seen 2023-04-17
Last Seen 2025-08-02
Times Seen 533
Size 25 kB (25048 bytes)
MD5 b9d01ac1742192a7c9d30f3fe346a9f4
SHA1 7936f9a6690c04cec20cdd3b270bda83a613582b
SHA256 8ca845a97256742debfc82004246fe03d97da1aae5b41b691b23d90b70df3910
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /font/roboto/Roboto-Medium-webfont.woff HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.totalav.com
DNT: 1
Connection: keep-alive
Referer: https://resources.totalav.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:25 GMT
content-type: font/woff
content-length: 25048
cache-control: max-age=604800
expires: Sun, 27 Apr 2025 22:25:25 GMT
last-modified: Mon, 19 Aug 2019 15:33:46 GMT
etag: "b9d01ac1742192a7c9d30f3fe346a9f4"
x-goog-generation: 1566228826052099
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 25048
x-goog-hash: crc32c=Aphgvw==, md5=udAawXQhkqfJ0w8/40ap9A==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-guploader-uploadid: AFiumC7a_oeD5Xzc3uNy4132KbhBc5P4yGQG4fY3tfbeDhoCGg1VtB-TuXQYBGQx8o92hWJt_wo
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/font/roboto/Roboto-Medium-webfont.woff>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET resources.totalav.com/font/Inter/Inter-Medium.woff2
195.16.73.219 200 OK 104 kB URL
resources.totalav.com/font/Inter/Inter-Medium.woff2
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 103768, version 1.0
First Seen 2023-10-14
Last Seen 2025-08-02
Times Seen 287
Size 104 kB (103768 bytes)
MD5 2f88da83f45dd01b9792b90014909685
SHA1 ae16abf00c40f62dfca1eabc53a54d2e0d0fb709
SHA256 6b7e1d9293cae763023c43809c1e0b78af7417f4f4248152b609e7803ccaeadb
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /font/Inter/Inter-Medium.woff2 HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.totalav.com
DNT: 1
Connection: keep-alive
Referer: https://resources.totalav.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:25 GMT
content-type: application/octet-stream
content-length: 103768
x-goog-generation: 1693560717563717
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 103768
x-goog-hash: crc32c=Ip86zg==, md5=L4jag/Rd0BuXkrkAFJCWhQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-guploader-uploadid: AFiumC7OY1LIKQenWZJJIoF5QJV2ShHrRNst4XB7xfuHEgZksMhXJ6vCz6AQwyzS-gDMXX9qIWUlJR75mA
expires: Sun, 27 Apr 2025 22:25:25 GMT
cache-control: max-age=604800
age: 25
last-modified: Fri, 01 Sep 2023 09:31:57 GMT
etag: "2f88da83f45dd01b9792b90014909685"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/font/Inter/Inter-Medium.woff2>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET resources.totalav.com/font/Inter/Inter-Bold.woff2
195.16.73.219 200 OK 104 kB URL
resources.totalav.com/font/Inter/Inter-Bold.woff2
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 104516, version 1.0
First Seen 2023-06-15
Last Seen 2025-08-02
Times Seen 289
Size 104 kB (104516 bytes)
MD5 ec5a009964176c200346fdd5e603d3c4
SHA1 55eef43b0b8a0d5baddb7c69b9e7395876b9faca
SHA256 ab61934b442d43e368a5529b86a84a2cb942f99907e3e104010d03edd5a751fc
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /font/Inter/Inter-Bold.woff2 HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.totalav.com
DNT: 1
Connection: keep-alive
Referer: https://resources.totalav.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:25 GMT
content-type: application/octet-stream
content-length: 104516
x-goog-generation: 1693560715435354
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 104516
x-goog-hash: crc32c=6p4ygQ==, md5=7FoAmWQXbCADRv3V5gPTxA==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-guploader-uploadid: AFiumC6bSDQDbNMLbbyISKmhAbmWQMf_1qjVlN2ntnTmvlUQK_uKqMQo4G6ozEWOSixtB82xb-W4HwKL3A
expires: Sun, 27 Apr 2025 22:25:25 GMT
cache-control: max-age=604800
age: 1102
last-modified: Fri, 01 Sep 2023 09:31:55 GMT
etag: "ec5a009964176c200346fdd5e603d3c4"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/font/Inter/Inter-Bold.woff2>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET ssl.kaptcha.com/logo.htm?m=100316&s=01JSAMWT339TPRC60F3T4VMKPQ&sv=1.1.6
54.148.115.137 200 OK 23 kB URL
ssl.kaptcha.com/logo.htm?m=100316&s=01JSAMWT339TPRC60F3T4VMKPQ&sv=1.1.6
IP / ASN
54.148.115.137
#16509 AMAZON-02
Requested by https://secure.totalav.com/
Resource Info
File type HTML document, ASCII text, with very long lines (22367)
First Seen 2025-04-20
Last Seen 2025-04-20
Times Seen 1
Size 23 kB (22783 bytes)
MD5 eb4e0219f2693a6401155c72743b4eaa
SHA1 2f4f1885472aebfd800710297dabf69bec8b4e58
SHA256 a344a44b6306358f5a3f637c83c2796e995353e63236898d621c54859bab54b4
Certificate Info
Issuer Sectigo Limited
Subject ssl.kaptcha.com
Fingerprint E9:49:88:A3:4E:A8:0F:2D:13:00:DC:05:6E:45:BB:F9:08:5C:0B:5D
Validity Mon, 15 Jul 2024 00:00:00 GMT - Tue, 15 Jul 2025 23:59:59 GMT
GET /logo.htm?m=100316&s=01JSAMWT339TPRC60F3T4VMKPQ&sv=1.1.6 HTTP/1.1
Host: ssl.kaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Type: text/html
Expires: 0
Pragma: no-cache
Set-Cookie: k=29697030e2934d70996ac396c54ffc92; Path=/; Expires=Mon, 20 Apr 2026 22:25:29 GMT; HttpOnly; Secure; SameSite=None
X-Correlation-Id: 3f748190-e662-4db0-a592-a2069244df29
Date: Sun, 20 Apr 2025 22:25:29 GMT
Transfer-Encoding: chunked
GET resources.totalav.com/build/prod/26.330.1/js/kondo/global.min.js
195.16.73.219 200 OK 331 kB URL
resources.totalav.com/build/prod/26.330.1/js/kondo/global.min.js
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (31997)
First Seen 2023-09-16
Last Seen 2025-08-02
Times Seen 258
Size 331 kB (331187 bytes)
MD5 365b0c3c5a3e43e943f0e4e1fd59852f
SHA1 d47db1c5c2386b4f9277523edfe10cdbb5e402b7
SHA256 7de375992579e31dd14c1321b43c0ecb99e873b20260eb1074101da7a099cbef
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /build/prod/26.330.1/js/kondo/global.min.js HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQxg; FRT:PROD=TAVPREM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:22 GMT
content-type: text/javascript
content-length: 80163
x-guploader-uploadid: AKDAyIt8pQ8zq1rhBicSH6NQhrtqnK0tR_0PTtvjrDFUAe31PMDKJdHRQdoFw_Y0qBV7yrDGHyHGtnQ
x-goog-generation: 1744905370767581
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 80163
content-encoding: gzip
x-goog-hash: crc32c=Z+FZwQ==, md5=r9YovijpsNDgxW/5PCYcDA==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Type
expires: Sun, 27 Apr 2025 22:25:22 GMT
cache-control: max-age=604800
last-modified: Thu, 17 Apr 2025 15:56:10 GMT
etag: "afd628be28e9b0d0e0c56ff93c261c0c"
age: 374
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/build/prod/26.330.1/js/kondo/global.min.js>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tGfkeQKHfUk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6UZALyX8P08.L.F4.O/am=ADDgAQ/d=1/exm=Das5Le,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgw_ihQZjHvA6HV0r6WWTNbcR6uEQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=p3hmRc,LvGhrf,RqjULd
172.217.21.163 200 OK 22 kB URL
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tGfkeQKHfUk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6UZALyX8P08.L.F4.O/am=ADDgAQ/d=1/exm=Das5Le,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgw_ihQZjHvA6HV0r6WWTNbcR6uEQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=p3hmRc,LvGhrf,RqjULd
IP / ASN
172.217.21.163
#15169 GOOGLE
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.totalav.com&mid=
Resource Info
File type JavaScript source, ASCII text, with very long lines (3434)
First Seen 2025-04-18
Last Seen 2025-04-22
Times Seen 31
Size 22 kB (21661 bytes)
MD5 3bd639b9b3df24d0a76b35b3a4429de5
SHA1 98d95082f5146b237dabf33aea5ef562a59dc453
SHA256 d46c0976164eee92555d7a69eed968b7366367e4bd758157629a6e23a9b79026
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 62:05:36:C2:8E:4C:CD:95:1E:1C:75:06:44:A3:57:E5:C0:17:02:80
Validity Mon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT
GET /_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tGfkeQKHfUk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6UZALyX8P08.L.F4.O/am=ADDgAQ/d=1/exm=Das5Le,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgw_ihQZjHvA6HV0r6WWTNbcR6uEQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=p3hmRc,LvGhrf,RqjULd HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-length: 7534
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 20 Apr 2025 20:49:09 GMT
expires: Mon, 20 Apr 2026 20:49:09 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Fri, 18 Apr 2025 04:43:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 5781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.paypal.com/tagmanager/pptm.js?id=secure.totalav.com&source=checkoutjs&t=xo&v=4.0.344
151.101.193.21 200 OK 0 B URL
www.paypal.com/tagmanager/pptm.js?id=secure.totalav.com&source=checkoutjs&t=xo&v=4.0.344
IP / ASN
151.101.193.21
#54113 FASTLY
Requested by https://secure.totalav.com/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-03
Times Seen 5619431
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer DigiCert Inc
Subject www.paypal.com
Fingerprint D3:FA:28:57:AF:61:AB:95:FA:21:63:D4:AC:8D:74:AA:DE:8E:CA:3F
Validity Fri, 10 Jan 2025 00:00:00 GMT - Fri, 09 Jan 2026 23:59:59 GMT
GET /tagmanager/pptm.js?id=secure.totalav.com&source=checkoutjs&t=xo&v=4.0.344 HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
traceparent: 00-0000000000000000000f41463720ac5f-1fa34429473f93b1-01
accept-ranges: bytes
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-vFUk8SwXjB3a7WmBgQdQ/OIRSRahtxLGm/6vZrQXJV04CSIp' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-xss-protection: 1; mode=block
age: 3399
paypal-debug-id: f41463720ac5f
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
content-type: application/x-javascript; charset=utf-8
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
content-encoding: gzip
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-frame-options: SAMEORIGIN
cache-control: public, max-age=3600
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
date: Sun, 20 Apr 2025 22:25:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hel1410021-HEL, cache-hel1410021-HEL
x-cache: HIT, HIT, MISS, MISS
x-cache-hits: 58, 0, 0, 0
x-timer: S1745187925.555326,VS0,VE28
vary: Accept-Encoding
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
content-length: 20
X-Firefox-Spdy: h2
GET www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tGfkeQKHfUk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6UZALyX8P08.L.F4.O/am=ADDgAQ/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgw_ihQZjHvA6HV0r6WWTNbcR6uEQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
172.217.21.163 200 OK 40 kB URL
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tGfkeQKHfUk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6UZALyX8P08.L.F4.O/am=ADDgAQ/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgw_ihQZjHvA6HV0r6WWTNbcR6uEQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
IP / ASN
172.217.21.163
#15169 GOOGLE
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.totalav.com&mid=
Resource Info
File type JavaScript source, ASCII text, with very long lines (1455)
First Seen 2025-04-18
Last Seen 2025-04-21
Times Seen 32
Size 40 kB (40283 bytes)
MD5 cb5af5be828c6e2115b488815dd3f4c7
SHA1 d90a8d48078612e2d2e60386a221ee2e7d57595d
SHA256 35af612e46c16f3d702698bf010a447074614b60dc0b83d8c252293868de8fa6
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 62:05:36:C2:8E:4C:CD:95:1E:1C:75:06:44:A3:57:E5:C0:17:02:80
Validity Mon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT
GET /_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tGfkeQKHfUk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6UZALyX8P08.L.F4.O/am=ADDgAQ/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgw_ihQZjHvA6HV0r6WWTNbcR6uEQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-length: 15001
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 20 Apr 2025 20:49:09 GMT
expires: Mon, 20 Apr 2026 20:49:09 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Fri, 18 Apr 2025 04:43:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 5781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET resources.totalav.com/build/prod/26.330.1/css/kondo/secure/_totalav/secure.min.css
195.16.73.219 200 OK 51 kB URL
resources.totalav.com/build/prod/26.330.1/css/kondo/secure/_totalav/secure.min.css
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type Unicode text, UTF-8 text, with very long lines (51277)
First Seen 2025-04-17
Last Seen 2025-04-22
Times Seen 41
Size 51 kB (51289 bytes)
MD5 2a89e3415e2c17dc037346e8b23b089e
SHA1 a1b3bf764b972c8196b07a8bcdad47533f79b729
SHA256 a49bda7c06daaa16c6b1c94f5249dbe583635810061edc3ab95cc74408a2b423
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /build/prod/26.330.1/css/kondo/secure/_totalav/secure.min.css HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.eyJqdGkiOjEyNjk5MjA0MzIsInJlbWVtYmVyTWUiOnRydWUsInVzZXIiOiJlN2E3NTMwOWU5ZWY1ZWZhMWU5NDQzMjZjYTMyY2ZiYjUyNWQ0YmEwM2RjZjk4MTQwYTI3ODQ5Mjc5ZWNiNGMyNTc0OWFhZTkwZWUxNmIwYzI4NGJiN2QwNzg1ZjM2MWY3OTYwODZlZjYwNjBlY2VkYjA5ODkwZjBhNjQ4MzBhZTI5NmVjOWNiMjJlMGU0MzkxYWIxOGU4ODYzNzdlZmE4M2M3MmM5YjNiMGZjYzJhOGYwMTQxYmI5MDM4MWE1MDM3N2IxNDBlOGU1ZThjMGE2NDcyMDA3MDMyNDI4NzI5YzNkZGE3MTI0ZTM0ZDYyYzViOWYxYTI0NGFhYzQwZjBlMDI4OGMxNTFjOWZlM2I4ZDNmYTUxNDRhOGRmNTk3MjIyN2IwZTkwZTA2MjJjMmM3ZWE4YjQxNzZiNGRiMGU0MjcyNzliMjRmODViOGQ5ZjExNzY2NjJhYzJiMzQ4OTNjOTIzM2E2OWQzYWVkZTRlOGQzMDA4MWRkYTU3M2E3NmNlN2EwMzI0OWFiMGExMDQyZjBkNWVkMDNkMWNlZjIzMjgyZWZlNmZjNTQ0MmQyODBlMDc4NjdmZjc1MDRiOTkyMTQyMWY2NWQ5YjJlNzU5OWI0MzQwY2E5OGRmNWNjY2M2NGU3ZjI2YjE3OWRiYzUzMzU1N2JhOWYzNjVlYzMzMGEwMmYzZTc0NWI3Zjg0MmIzODU1YTFmOGJkMDk4YjZmNzg5NDQ2Zjg0OGRjNTJhMjBkYTQ3ODRkMzA0OTZlYzBlM2E3ZGFkNTIwOTEyMjYzM2RkMzU5MTYwZGViMzQzODllZDZkZTM0OGQwZDQyYzYyNzc1MmI2YWEyNDkxMmUzMjMzMDVlYzEzOGUxZGRmYSIsInVzZXJJZCI6MTk1MjUwODQwLCJjdXN0b21lckZpZCI6IkZJRDpDU1Q6MTc0NTE4NzkyMTpic0xRTldBT0oxNXpyIiwiaWF0IjoxNzQ1MTg3OTIxfQ.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQx
g; FRT:PROD=TAVPREM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:22 GMT
content-type: text/css
content-length: 8440
x-guploader-uploadid: AKDAyIv8hRF0KemHLZOgumqSxRMZS0ZOvyxpOIhsJxYGCgTU9AFirN53bnHHfUJbXvXAqTSC_6lf1FU
x-goog-generation: 1744905359600530
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 8440
content-encoding: gzip
x-goog-hash: crc32c=Pwcksw==, md5=9V/I+BXKUX/bcjU22Zd/Uw==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Type
expires: Sun, 27 Apr 2025 22:25:22 GMT
cache-control: max-age=604800
last-modified: Thu, 17 Apr 2025 15:55:59 GMT
etag: "f55fc8f815ca517fdb723536d9977f53"
age: 117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/build/prod/26.330.1/css/kondo/secure/_totalav/secure.min.css>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET todayswigcontagious.com/favicon.ico
0.0.0.0 0 B URL
todayswigcontagious.com/favicon.ico
IP / ASN
0.0.0.0
#0
Requested by https://todayswigcontagious.com/api/users?token=L3BkNmJncDhlP2FkYj1uJmRldj1yJmtleT04Mjg5NmIyMzMyYjc0ZGZjNmZlYzcxYmZjZDMxY2JhNiZrdz0lNUIlMjJwbGF5ZXI0dSUyMiUyQyUyMi0lMjIlMkMlMjJzZWFyY2glMjIlMkMlMjJhbmQlMjIlMkMlMjJlbWJlZCUyMiU1RCZsd3Q9MzUmcHNpZD1odHRwcyUzQSUyRiUyRnd3NC4xMjNtb3ZpZXNmcmVlLm5ldCZyZWZlcj1odHRwcyUzQSUyRiUyRnBsYXllcjR1Lnh5eiUyRmVtYmVkJTNGa2V5JTNEVmlkZW8lMjUyMEdhbWUlMjUyMEhpZ2glMjUyMFNjaG9vbCZyZXM9MTQuMzEmc2NySGVpZ2h0PTEwODAmc2NyV2lkdGg9MTkyMCZzaGlwPSZzdWIzPWludm9rZV9sYXllciZ0ej0yJnY9MjUuMy4yMzg4JmRscnQ9dA
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-03
Times Seen 5619431
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject todayswigcontagious.com
Fingerprint 2E:37:28:ED:7C:6C:62:06:8E:41:C7:43:B0:3B:27:71:D7:AE:61:0C
Validity Tue, 18 Mar 2025 08:19:33 GMT - Mon, 16 Jun 2025 08:19:32 GMT
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: todayswigcontagious.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://todayswigcontagious.com/api/users?token=L3BkNmJncDhlP2tleT0xMGFmYWVjMzU0MDRmZmQ1ZWRiYWQwMTMxYmIzOGVlNiZzdWJtZXRyaWM9MjAwNDYwODY
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.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_a2V5PVZpZGVvJTIwR2FtZSUyMEhpZ2glMjBTY2hvb2wiLCJhciI6W119fQ.TSt0miEVCojM565gXQcFMiiJXlgDa6bObnZekA35jU8; cjs=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
GET resources.totalav.com/font/Inter/Inter-Regular.woff2
195.16.73.219 200 OK 96 kB URL
resources.totalav.com/font/Inter/Inter-Regular.woff2
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 95880, version 1.0
First Seen 2023-06-15
Last Seen 2025-08-02
Times Seen 309
Size 96 kB (95880 bytes)
MD5 1fea448bb0aa0a652e0e0e80efe7b74d
SHA1 c1ae2899764637e9cf57022b8eb89be3e16262d6
SHA256 8bffd3c04a7e7c19bb4fac0f956752e1cb719e32ca55634379ffbc60990b8332
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /font/Inter/Inter-Regular.woff2 HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.totalav.com
DNT: 1
Connection: keep-alive
Referer: https://resources.totalav.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:25 GMT
content-type: application/octet-stream
content-length: 95880
x-goog-generation: 1693560718340723
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 95880
x-goog-hash: crc32c=IKZP8g==, md5=H+pEi7CqCmUuDg6A7+e3TQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-guploader-uploadid: AFiumC5ZZGQpLe6pX4ZJ_q_3LUD9WoYVEVnZtLMEci9UtkyS1nYhDRqXw3wgyP8nDevGXRdU3A0AYeIAQA
expires: Sun, 27 Apr 2025 22:25:25 GMT
cache-control: max-age=604800
age: 3152
last-modified: Fri, 01 Sep 2023 09:31:58 GMT
etag: "1fea448bb0aa0a652e0e0e80efe7b74d"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/font/Inter/Inter-Regular.woff2>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.totalav.com&mid=
74.125.131.92 200 OK 14 kB URL
pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.totalav.com&mid=
IP / ASN
74.125.131.92
#15169 GOOGLE
Requested by https://secure.totalav.com/
Resource Info
File type HTML document, ASCII text, with very long lines (4237)
First Seen 2025-04-20
Last Seen 2025-04-20
Times Seen 1
Size 14 kB (14377 bytes)
MD5 a4fc40a661bf59cf4cdf710abd4e1a5e
SHA1 3d1d00057dc77877db4589e7399290f99b3fc15e
SHA256 b4410b6c0ee69e497ffe98024540a9a54bdff1149576c04a28e70d6cc02c4ab6
Certificate Info
Issuer Google Trust Services
Subject *.google.com
Fingerprint 67:52:2F:AB:93:DE:39:DA:94:50:11:AE:8B:37:CB:88:8F:DC:56:7D
Validity Mon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT
GET /gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.totalav.com&mid= HTTP/1.1
Host: pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Sun, 20 Apr 2025 22:25:29 GMT
date: Sun, 20 Apr 2025 22:25:29 GMT
cache-control: private, max-age=3600
origin-trial: AssDE6uDpaVUq9mb8HyrCnDR4hxNa3P1PQl8E0huFRpGw4MFWswRwyuk1E68LufiBFMulCrRk3VCexIRW39eYwoAAABMeyJvcmlnaW4iOiJodHRwczovL3BheS5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5fQ==
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport, script-src 'nonce-ITXWrRI1FAdV30z5kiJ41g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist, script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tGfkeQKHfUk.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport/fine-allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: same-site
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjamHU4pJicNCQYlheKsWwZKYUQ8Gy6ayhL6azJgNx681zrJOBeG7AedbwzPOsRmvPszoAsaHCJVZ7IP6Vd4m1SOIKawMQ14deZY3lvcY6y-Iaa0DWNVaD59dZu9VusH6qusEqUH2DdcGcG6yFQTdZMzpustr23mQ10bvFumvjLdaDQCzEzXHzxdQDbAIfVu8RU9JOyi-Mz8wrLknMK0kqrUwrys8rSc1LKU4tKkstijcyMDI1MDG00DMwiS8wAAB8b0v2"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=523=Iju9-HqCVv7iq73utU9mw4aVgiRTlnAobwcfsQ6cOS-9T3eJnBfy9RtBRSTQ1YtXC4tSLFq-zX29nbleJU7-5ryKSw-jj0EBj1J_ilr4tsVMT89RfdlILFCqUuN-hrWavcdxi5TrlWqJFCvrYhIwh0rQ5fIkifLVIAo56E7pAxHIyvdtP8sIuuPveeybmngiK99MTy1M_BmXgxvKEulPjeqea5eywi0slV1CMA; expires=Mon, 20-Oct-2025 22:25:28 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET resources.totalav.com/img/layout/kondo/icons/divided-orderform/phone.svg
195.16.73.219 200 OK 1.5 kB URL
resources.totalav.com/img/layout/kondo/icons/divided-orderform/phone.svg
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2025-04-11
Last Seen 2025-08-01
Times Seen 236
Size 1.5 kB (1492 bytes)
MD5 c921e89630bb405e8c22406eedcaaaff
SHA1 3264611a18f2eed40f72771eebe9f0fc64548b00
SHA256 e60b5bd58def80212e0fb1edb88a232048c1464b0515eeb0a8b4fc15d72f6e41
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /img/layout/kondo/icons/divided-orderform/phone.svg HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQxg; FRT:PROD=TAVPREM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:22 GMT
content-type: image/svg+xml
x-goog-generation: 1699974778986660
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1492
x-goog-hash: crc32c=myEuvg==, md5=ySHoljC7QF6MIkBu7cqq/w==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Type
x-guploader-uploadid: AFiumC6usdmT2-KLLhTlhls6HjRD9CTFHQz18thh-dBmofj0e6x1fk7rhnPiq3v3YidMbFY2uXN07PvMSw
expires: Sun, 27 Apr 2025 22:25:22 GMT
cache-control: max-age=604800
last-modified: Tue, 14 Nov 2023 15:12:59 GMT
etag: W/"c921e89630bb405e8c22406eedcaaaff"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/img/layout/kondo/icons/divided-orderform/phone.svg>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
GET cdn.prod.pci-bridge.com/v1.1.12/js/pcibridge.js
35.186.203.58 200 OK 178 kB URL
cdn.prod.pci-bridge.com/v1.1.12/js/pcibridge.js
IP / ASN
35.186.203.58
#15169 GOOGLE
Requested by https://secure.totalav.com/
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
First Seen 2025-02-23
Last Seen 2025-08-02
Times Seen 259
Size 178 kB (177963 bytes)
MD5 ff5b8e4bfc74ae4e0b214c2403280c56
SHA1 2b69f6635449f4b036ebaa6300ae1575e2f57ec4
SHA256 f5265190a503c84089f255b5ae9cbc12ce99e21052ab93b5d5c14c15e834f514
Certificate Info
Issuer Google Trust Services
Subject cdn.prod.pci-bridge.com
Fingerprint E8:6A:B3:03:D5:06:CB:71:32:C9:51:B0:0C:A4:52:37:8A:D6:BE:1C
Validity Sat, 15 Mar 2025 12:40:39 GMT - Fri, 13 Jun 2025 13:34:53 GMT
GET /v1.1.12/js/pcibridge.js HTTP/1.1
Host: cdn.prod.pci-bridge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: AAO2VwoaXbMrNIlOWEkRH0rWQnQoMrx4gKQ1gV1SjB8OoJkxVtHSplEQfVyK6Rs1pniG2B6r5Ps5tMc
x-goog-generation: 1720016312304109
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 59041
content-encoding: gzip
x-goog-hash: crc32c=4ShYPQ==, md5=ZUdfdYF5HH37rtiA5NJdVA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 59041
access-control-allow-origin: *
server: UploadServer
date: Sun, 20 Apr 2025 19:22:29 GMT
age: 10974
last-modified: Wed, 03 Jul 2024 14:18:32 GMT
etag: "65475f7581791c7dfbaed880e4d25d54"
content-type: application/javascript
cache-control: public,max-age=3600,no-transform
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: payment=("https://cdn.prod.pci-bridge.com")
feature-policy: payment https://cdn.prod.pci-bridge.com
referrer-policy: no-referrer
content-security-policy: default-src 'none'; object-src 'none'; script-src 'self'; style-src 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net; font-src https://fonts.gstatic.com https://use.typekit.net; connect-src https://api.prod.pci-bridge.com; require-trusted-types-for 'script';
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tGfkeQKHfUk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6UZALyX8P08.L.F4.O/am=ADDgAQ/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgw_ihQZjHvA6HV0r6WWTNbcR6uEQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
172.217.21.163 200 OK 8.5 kB URL
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tGfkeQKHfUk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6UZALyX8P08.L.F4.O/am=ADDgAQ/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgw_ihQZjHvA6HV0r6WWTNbcR6uEQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
IP / ASN
172.217.21.163
#15169 GOOGLE
Requested by https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.totalav.com&mid=
Resource Info
File type JavaScript source, ASCII text, with very long lines (941)
First Seen 2025-04-18
Last Seen 2025-04-21
Times Seen 32
Size 8.5 kB (8507 bytes)
MD5 63084193be541be3395a143c7380090d
SHA1 67e795f3b5306bfa20b46711c9d93c67db2ddc3e
SHA256 7eaf184b76ca87d16e479a3e38f61fbb8b71bf4d11de9e3fceda4e24f22e9631
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 62:05:36:C2:8E:4C:CD:95:1E:1C:75:06:44:A3:57:E5:C0:17:02:80
Validity Mon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT
GET /_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tGfkeQKHfUk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.6UZALyX8P08.L.F4.O/am=ADDgAQ/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgw_ihQZjHvA6HV0r6WWTNbcR6uEQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-length: 3548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 20 Apr 2025 20:49:09 GMT
expires: Mon, 20 Apr 2026 20:49:09 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Fri, 18 Apr 2025 04:43:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 5781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET resources.totalav.com/img/layout/kondo/card-icons/visa.svg
195.16.73.219 200 OK 2.7 kB URL
resources.totalav.com/img/layout/kondo/card-icons/visa.svg
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2025-04-11
Last Seen 2025-08-02
Times Seen 232
Size 2.7 kB (2676 bytes)
MD5 fdff26daaaf4f9cf9d384eaec6db5a7c
SHA1 5f33ab2182304d538e15de020991a89ed09a715a
SHA256 d7f656a77553e24db60f555e4a8c2bf8099d8d51fc5deefe0e739105bb37e920
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /img/layout/kondo/card-icons/visa.svg HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQxg; FRT:PROD=TAVPREM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:22 GMT
content-type: image/svg+xml
x-goog-generation: 1576670090702689
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2676
x-goog-hash: crc32c=z0ZyFw==, md5=/f8m2qr0+c+dOE6uxttafA==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Type
x-guploader-uploadid: AFiumC591DFQkSmYR4RftczKLDYVWPC7d-cG37jh1oH0dro1yaALu3nl7S1SKOU-V9Wjl6ANfm37w2beFQ
expires: Sun, 27 Apr 2025 22:25:22 GMT
cache-control: max-age=604800
last-modified: Wed, 18 Dec 2019 11:54:50 GMT
etag: W/"fdff26daaaf4f9cf9d384eaec6db5a7c"
age: 1478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/img/layout/kondo/card-icons/visa.svg>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
GET resources.totalav.com/img/layout/kondo/card-icons/amex.svg
195.16.73.219 200 OK 2.4 kB URL
resources.totalav.com/img/layout/kondo/card-icons/amex.svg
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2025-04-11
Last Seen 2025-08-02
Times Seen 239
Size 2.4 kB (2412 bytes)
MD5 d1f39e2da3b114ba8a3a4bd6d8cb5e02
SHA1 b496567f5753a6050d7815496c68b3131280df31
SHA256 74045030e1ea20838d3b2f2bdb835e6e6e0a9a16171c19a3a35af17ad132f170
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /img/layout/kondo/card-icons/amex.svg HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQxg; FRT:PROD=TAVPREM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:22 GMT
content-type: image/svg+xml
x-goog-generation: 1576670090106629
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2412
x-goog-hash: crc32c=y+X7CA==, md5=0fOeLaOxFLqKOkvW2MteAg==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Type
x-guploader-uploadid: AFiumC4xJYVSug8fR5WU7V1Yaip1G-jEFzoxfqOoZZg1soe_ptbURj4hNL7jEYbqEPd8O-237bMO3ug5VQ
expires: Sun, 27 Apr 2025 22:25:22 GMT
cache-control: max-age=604800
last-modified: Wed, 18 Dec 2019 11:54:50 GMT
etag: W/"d1f39e2da3b114ba8a3a4bd6d8cb5e02"
age: 543
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/img/layout/kondo/card-icons/amex.svg>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
POST api.paymentauth.com/merchant/v2/charge/init
35.244.215.28 200 OK 1.7 kB URL
api.paymentauth.com/merchant/v2/charge/init
IP / ASN
35.244.215.28
#396982 GOOGLE-CLOUD-PLATFORM
Requested by https://secure.totalav.com/
Resource Info
File type JSON text data
First Seen 2025-04-20
Last Seen 2025-04-20
Times Seen 1
Size 1.7 kB (1675 bytes)
MD5 45c9c3189611a6a485cf67c620c1455b
SHA1 80cf8fd220c7025a331b9d5031896f157a4f0ad1
SHA256 8842ee350e823cdb19bbb34a73161da7964d7d7cd733d830bad15745f3ff018a
Certificate Info
Issuer Let's Encrypt
Subject paymentauth.com
Fingerprint 41:8A:62:5E:6F:07:84:C7:C1:01:04:A5:E1:8F:B9:DE:56:F4:D5:93
Validity Tue, 01 Apr 2025 08:21:07 GMT - Mon, 30 Jun 2025 08:21:06 GMT
POST /merchant/v2/charge/init HTTP/1.1
Host: api.paymentauth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure.totalav.com/
Content-Type: application/json
X-Correlation-ID: 01JSAMWT339TPRC60F3T4VMKPQ
Content-Length: 715
Origin: https://secure.totalav.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-headers: content-type, x-correlation-id
access-control-allow-origin: *
content-type: application/json
x-correlation-id: 01JSAMWT339TPRC60F3T4VMKPQ
x-request-id: 2074047d-8b8c-4fbd-8574-9b39ce894152
date: Sun, 20 Apr 2025 22:25:26 GMT
content-length: 1675
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET ssl.kaptcha.com/cs/config?m=100316&s=01JSAMWT339TPRC60F3T4VMKPQ&sv=1.1.6
54.148.115.137 200 OK 165 B URL
ssl.kaptcha.com/cs/config?m=100316&s=01JSAMWT339TPRC60F3T4VMKPQ&sv=1.1.6
IP / ASN
54.148.115.137
#16509 AMAZON-02
Requested by https://secure.totalav.com/
Resource Info
File type JSON text data
First Seen 2025-01-16
Last Seen 2025-07-29
Times Seen 388
Size 165 B (165 bytes)
MD5 8f987857ac0b0578f89fe553534bf22d
SHA1 5851b7a6d06ff104192bd70bf502ac884309efd5
SHA256 a310f97ecf0a5c49a568d2840b5f517ae3c5ebe0c66c4f867ac516984ba425e7
Certificate Info
Issuer Sectigo Limited
Subject ssl.kaptcha.com
Fingerprint E9:49:88:A3:4E:A8:0F:2D:13:00:DC:05:6E:45:BB:F9:08:5C:0B:5D
Validity Mon, 15 Jul 2024 00:00:00 GMT - Tue, 15 Jul 2025 23:59:59 GMT
GET /cs/config?m=100316&s=01JSAMWT339TPRC60F3T4VMKPQ&sv=1.1.6 HTTP/1.1
Host: ssl.kaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure.totalav.com/
Origin: https://secure.totalav.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0
Pragma: no-cache
X-Correlation-Id: 43a4c9c4-249b-44f3-993a-59ef1d37720a
Date: Sun, 20 Apr 2025 22:25:28 GMT
Content-Length: 165
Content-Type: text/plain; charset=utf-8
GET resources.totalav.com/img/layout/kondo/secure/divided-orderform/tav-awards2024.png
195.16.73.219 200 OK 25 kB URL
resources.totalav.com/img/layout/kondo/secure/divided-orderform/tav-awards2024.png
IP / ASN
195.16.73.219
#56655 Gigahost AS
Requested by https://secure.totalav.com/
Resource Info
File type PNG image data, 838 x 190, 8-bit colormap, non-interlaced
First Seen 2025-02-23
Last Seen 2025-08-01
Times Seen 241
Size 25 kB (25137 bytes)
MD5 dc8ee523a445d1d3c3e7cf52078f7cf5
SHA1 e4a76e5887913a12061d9fe447345ae2e4bb31d6
SHA256 c54f4fc7d1b0bb6f5baa0a420ee950c8903645dc7c6b715b7e8eb39d3d8de99d
Certificate Info
Issuer Sectigo Limited
Subject *.totalav.com
Fingerprint C3:9C:84:1D:4D:28:40:53:AE:0B:B1:F3:AE:E4:55:22:B6:DB:F7:A0
Validity Tue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
GET /img/layout/kondo/secure/divided-orderform/tav-awards2024.png HTTP/1.1
Host: resources.totalav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.totalav.com/
Cookie: FRT:ADVTD=FID%3AAFF%3A1694776898%3ACHCSK87vY7PLk%2F67e2e8814c081%2F17906%2F3033d722-61c9-4804-b189-4292be035cc8%2F; FRT:VIS=VIS%3A2504209190421546805744f394f69.21407219; FRT:SIGNUPSOURCE=ultra-deal; FRT:LANDER=ultra-deal-20-1; PHPSESSID=7ca308a856b1f2a9ebdc97876959a70b; _snsd=djpWa2xUT2pJMU1EUXlNRGt4T1RBME1qRTFORFk0TURVM05EUm1NemswWmpZNUxqSXhOREEzTWpFNSxhOlJrbEVPa0ZHUmpveE5qazBOemMyT0RrNE9rTklRMU5MT0RkMldUZFFUR3M9LGM6TmpkbE1tVTRPREUwWXpBNE1RPT0sczE6TVRjNU1EWT0sczI6TXpBek0yUTNNakl0TmpGak9TMDBPREEwTFdJeE9Ea3ROREk1TW1KbE1ETTFZMk00LHMzOg%3D%3D; 3PROD=TAVPREM; LC=eyJhbGciOiJSU0EiLCJ0eXAiOiJKV1QifQ.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.Gw6TJblHiBwCgFy_RTvEP2yPJ8SsksFR4eJ6lEjG13P3c0r_k6cApyzje6DERSlw-qUS_ob136C_PedmQqpD4ZcPnqDucc1vKruO3t1yv5slMesvw79caKt299R6IvH2rxtlghmtqtq467Dc3Td6zfVm4gaXkJfgQwBwcpy6bcmFOWCXD1EQKEe1CK9aaaWn3KDT-jo5Wh3XXKCIAxnMMLIFGJGYQtID9upFaqm4Dcc-UXgCXvdbRMuTgfwmuocMeJu4Cde8NbRYh9E4qLXHRjWcxk-yL3PjFt0wL6H1y8VyTKvYfhKzxzdOcPAxGOO2Cov2dxN2n3DMIz30eMHQxg; FRT:PROD=TAVPREM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: keycdn
date: Sun, 20 Apr 2025 22:25:22 GMT
content-type: image/png
content-length: 25137
x-guploader-uploadid: AFIdbgTe8H-lxJ3KzhRAE8BqYL4ahCUwI47G-YH2X8XXOLGEDbMHuTXIViWWwBEFaXAnp12Lx9-tjwA
x-goog-generation: 1737727699734276
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 25137
x-goog-hash: crc32c=VJGS/g==, md5=3I7lI6RF0dPD589SB4989Q==
x-goog-storage-class: MULTI_REGIONAL
access-control-expose-headers: Content-Type
expires: Sun, 27 Apr 2025 22:25:22 GMT
cache-control: max-age=604800
last-modified: Fri, 24 Jan 2025 14:08:19 GMT
etag: "dc8ee523a445d1d3c3e7cf52078f7cf5"
age: 288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link: <https://storage.googleapis.com/protected-static/img/layout/kondo/secure/divided-orderform/tav-awards2024.png>; rel="canonical"
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2