en.softonic.com Open in urlscan Pro
35.227.233.104 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://en.softonic.com/downloads/ransomware
Submission: On August 22 via manual (August 22nd 2023, 6:36:49 pm UTC) from PT — Scanned from PT

Summary HTTP 40 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 13 domains to perform 40 HTTP transactions. The main IP is 35.227.233.104, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is en.softonic.com. The Cisco Umbrella rank of the primary domain is 65590.
TLS certificate: Issued by Don Dominio / MrDomain RSA DV CA on December 23rd 2022. Valid for: a year.

This is the only time en.softonic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	35.227.233.104 35.227.233.104	15169 (GOOGLE) (GOOGLE)
3	99.84.88.44 99.84.88.44	16509 (AMAZON-02) (AMAZON-02)
3	142.250.74.200 142.250.74.200	15169 (GOOGLE) (GOOGLE)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
9	151.101.1.91 151.101.1.91	54113 (FASTLY) (FASTLY)
3	23.67.132.99 23.67.132.99	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.161.56 13.226.161.56	16509 (AMAZON-02) (AMAZON-02)
3	18.173.189.135 18.173.189.135	16509 (AMAZON-02) (AMAZON-02)
1	104.26.7.139 104.26.7.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	104.26.3.70 104.26.3.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
1	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
1	172.67.38.106 172.67.38.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.240.92 139.45.240.92	57304 (RUBY-AS) (RUBY-AS)
40	18

4 35.227.233.104 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 104.233.227.35.bc.googleusercontent.com

en.softonic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
softonic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.84.88.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-44.muc50.r.cloudfront.net

sdk.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.1.91 (United States)

ASN54113 (FASTLY, US)

sc.sftcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.67.132.99 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-132-99.deploy.static.akamaitechnologies.com

images.sftcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.161.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-161-56.mxp64.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.173.189.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-189-135.muc50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.7.139 (None, )

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.3.70 (None, )

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.227 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

www.google.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.240.92 (Russian Federation)

ASN57304 (RUBY-AS, RU)

notix.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	sftcdn.net sc.sftcdn.net — Cisco Umbrella Rank: 108937 images.sftcdn.net — Cisco Umbrella Rank: 95518	112 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 1213 api.btloader.com — Cisco Umbrella Rank: 1267	7 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228 ad.doubleclick.net — Cisco Umbrella Rank: 187 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	159 KB
4	softonic.com en.softonic.com — Cisco Umbrella Rank: 65590 softonic.com — Cisco Umbrella Rank: 53178	204 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 361	64 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	250 KB
3	privacy-center.org sdk.privacy-center.org — Cisco Umbrella Rank: 6825	152 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1297	1 KB
1	notix.io notix.io — Cisco Umbrella Rank: 11801	266 B
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1013	26 KB
1	google.co.in www.google.co.in — Cisco Umbrella Rank: 13820	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 3	455 B
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2013	46 KB
40	13

	Domain	Requested by
9	sc.sftcdn.net	en.softonic.com
3	api.btloader.com	btloader.com www.datadoghq-browser-agent.com
3	c.amazon-adsystem.com	softonic.com www.datadoghq-browser-agent.com
3	images.sftcdn.net	en.softonic.com
3	softonic.com	en.softonic.com softonic.com
3	www.googletagmanager.com	en.softonic.com www.googletagmanager.com sdk.privacy-center.org
3	sdk.privacy-center.org	en.softonic.com sdk.privacy-center.org
2	ad-delivery.net	en.softonic.com
2	securepubads.g.doubleclick.net	en.softonic.com securepubads.g.doubleclick.net
1	notix.io
1	cdn.id5-sync.com	en.softonic.com
1	www.google.co.in	en.softonic.com
1	www.google.com	en.softonic.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	ad.doubleclick.net	en.softonic.com
1	btloader.com	softonic.com
1	www.datadoghq-browser-agent.com	softonic.com
1	en.softonic.com
40	18

This site contains links to these domains. Also see Links.

Domain
roblox.en.softonic.com
chrome.en.softonic.com
free-pdf-tools.en.softonic.com
www.softonic-ar.com
de.softonic.com
www.softonic.com
fr.softonic.com
www.softonic-id.com
it.softonic.com
www.softonic.jp
www.softonic.kr
www.softonic.nl
www.softonic.pl
www.softonic.com.br
www.softonic.ru
www.softonic-th.com
www.softonic.com.tr
www.softonic.vn
www.softonic.cn
norton-antivirus.en.softonic.com
acronis-true-image.en.softonic.com
avira-free-antivirus.en.softonic.com
iobit-malware-fighter.en.softonic.com
sophos-home.en.softonic.com
bitdefender-anti-ransomware-tool.en.softonic.com
norton-antivirus-mac.en.softonic.com
acronis-ransomware-protection.en.softonic.com
ransomfree.en.softonic.com
malwarebytes-anti-ransomware.en.softonic.com
sbguard-anti-ransomware.en.softonic.com
appcheck-anti-ransomware.en.softonic.com
ransomware-defender.en.softonic.com
ransomstopper-free-home-and-personal.en.softonic.com
hello.softonic.com
get-support.softonic.com
revamp.softonic.com
dev-support.softonic.com
www.facebook.com
twitter.com
www.linkedin.com
fetchrss.com

Subject Issuer	Validity	Valid
*.softonic.com Don Dominio / MrDomain RSA DV CA	`2022-12-23` - `2023-12-22`	a year	crt.sh
*.privacy-center.org Amazon RSA 2048 M02	`2023-03-25` - `2024-04-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
s4-san.cloudinary.com R3	`2023-06-21` - `2023-09-19`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-14` - `2024-01-16`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-06` - `2024-07-05`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2023-08-11` - `2023-11-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.co.in GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
notix.io R3	`2023-07-03` - `2023-10-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://en.softonic.com/downloads/ransomware
Frame ID: 9C88B04A9DECA73D9523A86D5F6D4674
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download Ransomware - Best Software & Apps

Detected technologies

Didomi (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

sdk\.privacy-center\.org/.*/loader\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

40
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

18
Subdomains

18
IPs

4
Countries

1022 kB
Transfer

3664 kB
Size

8
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: https://roblox.en.softonic.com/games
Title: Roblox Games

Search URL Search Domain Scan URL

URL: https://chrome.en.softonic.com/extensions
Title: Google Chrome Extensions

Search URL Search Domain Scan URL

URL: https://free-pdf-tools.en.softonic.com/
Title: Free PDF Online Tools

Search URL Search Domain Scan URL

URL: https://www.softonic-ar.com/
Title: عربي

Search URL Search Domain Scan URL

URL: https://de.softonic.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.softonic.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://fr.softonic.com/
Title: Français

Search URL Search Domain Scan URL

URL: https://www.softonic-id.com/
Title: Bahasa Indonesia

Search URL Search Domain Scan URL

URL: https://it.softonic.com/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://www.softonic.jp/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://www.softonic.kr/
Title: 한국어/조선말

Search URL Search Domain Scan URL

URL: https://www.softonic.nl/
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://www.softonic.pl/
Title: Polski

Search URL Search Domain Scan URL

URL: https://www.softonic.com.br/
Title: Português

Search URL Search Domain Scan URL

URL: https://www.softonic.ru/
Title: Русский

Search URL Search Domain Scan URL

URL: https://www.softonic-th.com/
Title: ภาษาไทย

Search URL Search Domain Scan URL

URL: https://www.softonic.com.tr/
Title: Türkçe

Search URL Search Domain Scan URL

URL: https://www.softonic.vn/
Title: Tiếng Việt

Search URL Search Domain Scan URL

URL: https://www.softonic.cn/
Title: 中文

Search URL Search Domain Scan URL

URL: https://norton-antivirus.en.softonic.com/
Title: Norton 360 Deluxe3.7FreeNorton 360 Deluxe: A budget-friendly antivirus solution

Search URL Search Domain Scan URL

URL: https://norton-antivirus.en.softonic.com/download
Title: Free Download for Windows

Search URL Search Domain Scan URL

URL: https://acronis-true-image.en.softonic.com/
Title: Acronis True Image3.9FreeNever Lose Another File

Search URL Search Domain Scan URL

URL: https://acronis-true-image.en.softonic.com/download
Title: Free Download for Windows

Search URL Search Domain Scan URL

URL: https://avira-free-antivirus.en.softonic.com/
Title: Avira Free Antivirus4FreeA free anti-virus, anti-malware and anti-ransomware program

Search URL Search Domain Scan URL

URL: https://avira-free-antivirus.en.softonic.com/download
Title: Free Download for Windows

Search URL Search Domain Scan URL

URL: https://iobit-malware-fighter.en.softonic.com/
Title: IObit Malware Fighter4.1FreeFree anti-malware & antivirus specialized in ransomware

Search URL Search Domain Scan URL

URL: https://iobit-malware-fighter.en.softonic.com/download
Title: Free Download for Windows

Search URL Search Domain Scan URL

URL: https://sophos-home.en.softonic.com/
Title: Sophos Home Security Free3.6FreeA quality PC and Mac antivirus and web filter

Search URL Search Domain Scan URL

URL: https://sophos-home.en.softonic.com/download
Title: Free Download for Windows

Search URL Search Domain Scan URL

URL: https://sophos-home.en.softonic.com/mac/download
Title: Sophos Home Security Free for Mac

Search URL Search Domain Scan URL

URL: https://sophos-home.en.softonic.com/android/download
Title: Sophos Home Security Free for Android

Search URL Search Domain Scan URL

URL: https://sophos-home.en.softonic.com/mac
Title: Mac

Search URL Search Domain Scan URL

URL: https://sophos-home.en.softonic.com/android
Title: Android

Search URL Search Domain Scan URL

URL: https://bitdefender-anti-ransomware-tool.en.softonic.com/
Title: Bitdefender Anti-Ransomware Tool4.2FreeProtect Your Computer From The Dreaded TeslaCrypt For Free

Search URL Search Domain Scan URL

URL: https://bitdefender-anti-ransomware-tool.en.softonic.com/download
Title: Free Download for Windows

Search URL Search Domain Scan URL

URL: https://norton-antivirus-mac.en.softonic.com/mac
Title: Norton Security Deluxe2.7FreeProfessional and award-winning antivirus software application

Search URL Search Domain Scan URL

URL: https://norton-antivirus-mac.en.softonic.com/mac/download
Title: Free Download for Mac

Search URL Search Domain Scan URL

URL: https://acronis-ransomware-protection.en.softonic.com/
Title: Acronis Ransomware Protection4.2FreeA Tool that Offers More Protection than an Antivirus

Search URL Search Domain Scan URL

URL: https://acronis-ransomware-protection.en.softonic.com/download
Title: Free Download for Windows

Search URL Search Domain Scan URL

URL: https://ransomfree.en.softonic.com/
Title: RansomFree4FreeA free program that helps protect against ransomware

Search URL Search Domain Scan URL

URL: https://ransomfree.en.softonic.com/download
Title: Free Download for Windows

Search URL Search Domain Scan URL

URL: https://malwarebytes-anti-ransomware.en.softonic.com/
Title: Malwarebytes Anti-Ransomware3FreeProtect Your Computer From Data Kidnappers At All Times

Search URL Search Domain Scan URL

URL: https://malwarebytes-anti-ransomware.en.softonic.com/download
Title: Free Download for Windows

Search URL Search Domain Scan URL

URL: https://sbguard-anti-ransomware.en.softonic.com/
Title: SBGuard Anti-Ransomware4.5FreeA powerful anti-ransomware for extra security

Search URL Search Domain Scan URL

URL: https://sbguard-anti-ransomware.en.softonic.com/download
Title: Free Download for Windows

Search URL Search Domain Scan URL

URL: https://appcheck-anti-ransomware.en.softonic.com/
Title: AppCheck Anti-Ransomware4.7FreeFully featured anti-ransomware for PC

Search URL Search Domain Scan URL

URL: https://appcheck-anti-ransomware.en.softonic.com/download
Title: Free Download for Windows

Search URL Search Domain Scan URL

URL: https://ransomware-defender.en.softonic.com/android
Title: Ransomware Defender4.4FreeA free app for Android, by ShieldApps.

Search URL Search Domain Scan URL

URL: https://ransomware-defender.en.softonic.com/android/download
Title: Free Download for Android

Search URL Search Domain Scan URL

URL: https://ransomstopper-free-home-and-personal.en.softonic.com/
Title: RANSOMSTOPPER Free Home & Personal4.4FreeProtect your devices from ransomware

Search URL Search Domain Scan URL

URL: https://ransomstopper-free-home-and-personal.en.softonic.com/download
Title: Free Download for Windows

Search URL Search Domain Scan URL

URL: https://hello.softonic.com/
Title: Softonic Info

Search URL Search Domain Scan URL

URL: https://get-support.softonic.com/
Title: Help & Support

Search URL Search Domain Scan URL

URL: https://hello.softonic.com/careers/#join-us
Title: Jobs

Search URL Search Domain Scan URL

URL: https://revamp.softonic.com/
Title: Monetization solutions for Publishers

Search URL Search Domain Scan URL

URL: https://dev-support.softonic.com/customer/en/portal/articles?b_id=5424
Title: Upload and Manage your Software

Search URL Search Domain Scan URL

URL: https://hello.softonic.com/software-policy/
Title: Software Policy

Search URL Search Domain Scan URL

URL: https://hello.softonic.com/advertise-with-us/
Title: Advertising Opportunities

Search URL Search Domain Scan URL

URL: https://hello.softonic.com/legal-information/
Title: Legal Information

Search URL Search Domain Scan URL

URL: https://hello.softonic.com/terms-of-use/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://hello.softonic.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://hello.softonic.com/cookies-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/softonic.en/
Title: Become a fan of Softonic

Search URL Search Domain Scan URL

URL: https://twitter.com/softonic
Title: Follow us @Softonic

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/softonic
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://fetchrss.com/rss/5b9a408c8a93f8082a8b4567776553816.xml
Title: Subscribe to our RSS feeds

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ransomware Show response
en.softonic.com/downloads/ 256 KB
41 KB 599ms
480ms Document
text/html 35.227.233.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://en.softonic.com/downloads/ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

104.233.227.35.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

8ccecf650726dbff4c42c8fba771c081078e0650b51779e229468bdc4d261694

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
content-encoding: br
content-language: en-US
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Tue, 22 Aug 2023 18:36:43 GMT
permissions-policy: accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=()
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: user-agent,accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-detected-as: desktop
x-envoy-upstream-service-time: 399
x-frame-options: sameorigin
x-is-bot: false
x-page-id: topic
x-rendered-as: desktop
x-request-id: 5641540f-81e7-476f-a2fa-fc9b4c9bfb45
x-served-by: server-7654457fb7-h5s5z
x-version: 1.5978.0
x-xss-protection: 1

GET
H2 200 loader.js Show response
sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/ 72 KB
19 KB 483ms
273ms Script
application/javascript 99.84.88.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=en.softonic.com
Requested by: Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-44.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 50123b30823331304d220dfe4c2786ad82907f37fa5d7b6f31fde554d0f6754c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:36:44 GMT
content-encoding: gzip
x-didomi-remote-config-metadata: multiReg:true;legacyGlobalGdpr:false
x-didomi-remote-config-source: Lambda
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-C1
etag: "2c09cbb1db974ba46fef5fc38f047e88"
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200, public
content-length: 19112
x-amz-cf-id: 26WJfahGwnxH9EmuJ6G-tvkaiHpuS1db_yYnb0iYjPbPpSCClWzbyQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 408 KB
114 KB 314ms
133ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP

Requested by

Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7fb366084bc687e29c428910a2a8ca1609aaf6e50c14a11de07c511d237b8adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:36:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116392
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Aug 2023 18:36:44 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 102 KB
29 KB 376ms
215ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

b880b75511c508ba4b0ca88bf6900824a54223ada6619cb7782efd6b613dc348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29690
x-xss-protection: 0
server: cafe
etag: 170 / 19591 / 31077271 / config-hash: 14107746840449967395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 18:36:44 GMT

GET
H2 200 sft-prebid.js Show response
softonic.com/revamp/ 304 KB
86 KB 289ms
179ms Script
application/javascript 35.227.233.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://softonic.com/revamp/sft-prebid.js
Requested by: Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 104.233.227.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 71847bb7b5a3390155db759832e9e75a9ef053fe23201c62e1f4661558784d3d

Request headers

Referer: https://en.softonic.com/
Origin: https://en.softonic.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-version: 1.1219.0
date: Tue, 22 Aug 2023 18:36:44 GMT
content-encoding: br
via: 1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age: 2
x-cache: MISS, HIT
x-envoy-upstream-service-time: 9
x-region: 16
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87326
x-request-id: 37c1f56b-71d2-412a-95f9-93cf22ef45ab
x-served-by: cache-ams21030-AMS, cache-par-lfpg1960052-PAR
x-platform-version: NT 10.0
x-browser-version: 116.0.5845.96
x-platform-id: Windows 10
server: istio-envoy
x-publisher-id: softonic
x-timer: S1692729404.211951,VS0,VE2
etag: W/"eebd0523db58c4c9b6cad9f9d03a5c3e"
x-browser-name: Chrome
vary: Accept-Encoding,x-country-code,x-device-platform
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control: max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform: Desktop
accept-ranges: bytes
x-country-code: PT
x-cache-hits: 0, 1

GET
H2 200 72c3f-ecf3d.mjs Show response
sc.sftcdn.net/scripts/ 46 KB
13 KB 225ms
99ms Script
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.sftcdn.net/scripts/72c3f-ecf3d.mjs
Requested by: Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 3576a2bafa96815201b8a9e91c44f967b1cb04c5e07af7c3f1ec5e60173aeb7a

Request headers

Referer: https://en.softonic.com/
Origin: https://en.softonic.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Thu, 08 Aug 2024 07:30:02 GMT
date: Tue, 22 Aug 2023 18:36:44 GMT
content-encoding: br
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-device-type: common
age: 1163202
x-cache: HIT, HIT
x-envoy-upstream-service-time: 4
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13292
x-served-by: cache-ams12773-AMS, cache-lis1490023-LIS
last-modified: Wed, 09 Aug 2023 07:03:46 GMT
server: istio-envoy
x-timer: S1692729404.118859,VS0,VE0
etag: W/"64d33a52-b7a4"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits: 15, 5200

GET
H2 200 23986-9d842.mjs Show response
sc.sftcdn.net/scripts/ 96 KB
21 KB 224ms
99ms Script
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.sftcdn.net/scripts/23986-9d842.mjs
Requested by: Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 4094292d85ca24620ed6d2cedb76d5b2d1dd1bc4d9096f0beb3d4a052a35fd19

Request headers

Referer: https://en.softonic.com/
Origin: https://en.softonic.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Wed, 21 Aug 2024 14:57:30 GMT
date: Tue, 22 Aug 2023 18:36:44 GMT
content-encoding: br
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-device-type: common
age: 13153
x-cache: HIT, HIT
x-envoy-upstream-service-time: 104
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21283
x-served-by: cache-ams12762-AMS, cache-lis1490023-LIS
last-modified: Tue, 22 Aug 2023 14:45:47 GMT
server: istio-envoy
x-timer: S1692729404.118854,VS0,VE0
etag: W/"64e4ca1b-17f77"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits: 4, 141

GET
H2 200 norton-antivirus-download-Norton-360-Deluxe.jpg
images.sftcdn.net/images/t_app-icon-s/p/47179d9e-96d2-11e6-aa34-00163ec9f5fa/1653347346/ 2 KB
3 KB 423ms
93ms Image
image/webp 23.67.132.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sftcdn.net/images/t_app-icon-s/p/47179d9e-96d2-11e6-aa34-00163ec9f5fa/1653347346/norton-antivirus-download-Norton-360-Deluxe.jpg

Requested by

Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.67.132.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-67-132-99.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

695fa8e595fc8d57457fa67421ed9d6ea1e9970a958bfb20d94290d1c5f547ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:36:44 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Tue, 16 May 2023 15:51:42 GMT
server: Cloudinary
etag: "be4ecb5e003a1f1048983e6c857f158e"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=31536000
content-disposition: inline; filename="1653347346.webp"
server-timing: cld-akam;dur=5;start=2023-08-22T18:36:44.401Z;desc=hit,rtt;dur=37,content-info;desc="width=112,height=112,owidth=512,oheight=512,obytes=27393"
accept-ranges: bytes
timing-allow-origin: *
content-length: 2174

GET
H2 200 5bba3-e5711.woff2
sc.sftcdn.net/fonts/ 12 KB
13 KB 217ms
98ms Font
font/woff2 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.sftcdn.net/fonts/5bba3-e5711.woff2
Requested by: Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer: https://en.softonic.com/
Origin: https://en.softonic.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Thu, 25 Apr 2024 10:03:57 GMT
date: Tue, 22 Aug 2023 18:36:44 GMT
content-encoding: br
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-device-type: common
age: 10225966
x-cache: HIT, HIT
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12698
x-served-by: cache-ams12758-AMS, cache-lis1490023-LIS
last-modified: Tue, 25 Apr 2023 16:38:22 GMT
server: istio-envoy
x-timer: S1692729404.118874,VS0,VE0
etag: W/"644801fe-319c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits: 12, 5129

GET
H2 200 sft-bundle.js Show response
softonic.com/revamp/ 345 KB
77 KB 201ms
87ms Script
application/javascript 35.227.233.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Requested by: Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 104.233.227.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: f1d758079fc70d02c980abcd4e2904b925bd3a1012d73b350cefc1ada5325c82

Request headers

Referer: https://en.softonic.com/
Origin: https://en.softonic.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-version: 1.1219.0
date: Tue, 22 Aug 2023 18:36:44 GMT
content-encoding: br
via: 1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age: 31608
x-cache: MISS, HIT
x-envoy-upstream-service-time: 8
x-region: 16
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77752
x-request-id: 2e08888a-7a61-4d56-aee8-1b3df4246ce1
x-served-by: cache-ams12740-AMS, cache-par-lfpg1960061-PAR
x-platform-version: NT 10.0
x-browser-version: 116.0.5845.96
x-platform-id: Windows 10
server: istio-envoy
x-publisher-id: softonic
x-timer: S1692729404.184666,VS0,VE2
etag: W/"9305b2a3a878c4ed53b9e4ba19e18678"
x-browser-name: Chrome
vary: Accept-Encoding,x-device-platform,x-platform-id
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control: max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform: Desktop
accept-ranges: bytes
x-country-code: PT
x-cache-hits: 0, 4932

GET
H2 200 e1d66-3fc88.css
sc.sftcdn.net/styles/ 108 KB
17 KB 132ms
43ms Stylesheet
text/css 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.sftcdn.net/styles/e1d66-3fc88.css
Requested by: Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 0a19abd244203e39bbb2017a4e61358cb64e6099baa88af8b46a8969ebae66ee

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Thu, 15 Aug 2024 08:39:10 GMT
date: Tue, 22 Aug 2023 18:36:44 GMT
content-encoding: br
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-device-type: common
age: 554254
x-cache: HIT, HIT
x-envoy-upstream-service-time: 5
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16934
x-served-by: cache-ams12723-AMS, cache-lis1490021-LIS
last-modified: Mon, 14 Aug 2023 13:09:15 GMT
server: istio-envoy
x-timer: S1692729404.143453,VS0,VE0
etag: W/"64da277b-1aeaf"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits: 17, 4700

GET
H2 200 62742-04630.css
sc.sftcdn.net/styles/ 5 KB
2 KB 148ms
59ms Stylesheet
text/css 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.sftcdn.net/styles/62742-04630.css
Requested by: Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 2b4c3132214e8caf087df8a9254f745efd1cf75c95d3460b429bc8df70095c24

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Wed, 31 Jul 2024 03:23:15 GMT
date: Tue, 22 Aug 2023 18:36:44 GMT
content-encoding: br
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-device-type: common
age: 1869208
x-cache: HIT, HIT
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1918
x-served-by: cache-ams12736-AMS, cache-lis1490021-LIS
last-modified: Thu, 27 Jul 2023 13:06:44 GMT
server: istio-envoy
x-timer: S1692729404.143635,VS0,VE0
etag: W/"64c26be4-1374"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits: 12, 16

GET
H2 200 acronis-true-image-icon.png
images.sftcdn.net/images/t_app-icon-s/p/894fe214-99ea-11e6-a699-00163ed833e7/3937983831/ 1 KB
1 KB 416ms
95ms Image
image/webp 23.67.132.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sftcdn.net/images/t_app-icon-s/p/894fe214-99ea-11e6-a699-00163ed833e7/3937983831/acronis-true-image-icon.png

Requested by

Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.67.132.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-67-132-99.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

3cab0defa685a2a29129b77377dc980074f626cf67f7782f3774a72b58aca73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:36:44 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Tue, 14 Feb 2023 08:56:47 GMT
server: Cloudinary
etag: "03f5bb13ceb9231ad0e029de981bb368"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=31536000
content-disposition: inline; filename="3937983831.webp"
server-timing: cld-akam;dur=13;start=2023-08-22T18:36:44.401Z;desc=hit,rtt;dur=37,content-info;desc="width=112,height=112,owidth=1728,oheight=1680,obytes=649125"
accept-ranges: bytes
timing-allow-origin: *
content-length: 1050

GET
H2 200 avira-free-antivirus-logo.png
images.sftcdn.net/images/t_app-icon-s/p/17c3a4c6-96d1-11e6-a49b-00163ed833e7/2994784678/ 1 KB
2 KB 423ms
102ms Image
image/webp 23.67.132.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sftcdn.net/images/t_app-icon-s/p/17c3a4c6-96d1-11e6-a49b-00163ed833e7/2994784678/avira-free-antivirus-logo.png

Requested by

Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.67.132.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-67-132-99.deploy.static.akamaitechnologies.com

Software

Cloudinary /

Resource Hash

2c94c3b3038a88cba7f2f0ab23c917758c12bd03873ae1078b59286ab5f656f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:36:44 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Tue, 14 Feb 2023 08:50:57 GMT
server: Cloudinary
etag: "a0961fefdaac815f8c79c30f057023d6"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=31536000
content-disposition: inline; filename="2994784678.webp"
server-timing: cld-akam;dur=11;start=2023-08-22T18:36:44.407Z;desc=hit-near,rtt;dur=37,content-info;desc="width=112,height=112,owidth=500,oheight=500,obytes=92379"
accept-ranges: bytes
timing-allow-origin: *
content-length: 1396

GET
H2 200 40150-5ccc4.css
sc.sftcdn.net/styles/ 0
3 KB 165ms
86ms Other
text/css 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.sftcdn.net/styles/40150-5ccc4.css
Requested by: Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Tue, 09 Jul 2024 10:04:16 GMT
date: Tue, 22 Aug 2023 18:36:44 GMT
content-encoding: br
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-device-type: common
age: 3745948
x-cache: HIT, HIT
x-envoy-upstream-service-time: 4
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2845
x-served-by: cache-ams12724-AMS, cache-lis1490021-LIS
last-modified: Thu, 06 Jul 2023 13:52:11 GMT
server: istio-envoy
x-timer: S1692729404.143635,VS0,VE0
etag: W/"64a6c70b-2f0c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits: 4, 9403

GET
H2 200 585ea-68c47.woff2
sc.sftcdn.net/fonts/ 16 KB
17 KB 89ms
44ms Font
font/woff2 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.sftcdn.net/fonts/585ea-68c47.woff2
Requested by: Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac

Request headers

Referer: https://en.softonic.com/
Origin: https://en.softonic.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Thu, 25 Apr 2024 10:03:59 GMT
date: Tue, 22 Aug 2023 18:36:44 GMT
content-encoding: br
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-device-type: common
age: 10225965
x-cache: HIT, HIT
x-envoy-upstream-service-time: 5
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16706
x-served-by: cache-ams21069-AMS, cache-lis1490023-LIS
last-modified: Tue, 25 Apr 2023 16:38:22 GMT
server: istio-envoy
x-timer: S1692729404.118109,VS0,VE0
etag: W/"644801fe-4144"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits: 34, 4788

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c47263533185e3ab31302e9abca9bba145887a260581d27281e673098005647c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 d1174-0627e.woff2
sc.sftcdn.net/fonts/ 17 KB
17 KB 134ms
98ms Font
font/woff2 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.sftcdn.net/fonts/d1174-0627e.woff2
Requested by: Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a

Request headers

Referer: https://en.softonic.com/
Origin: https://en.softonic.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Thu, 25 Apr 2024 10:04:01 GMT
date: Tue, 22 Aug 2023 18:36:44 GMT
content-encoding: br
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-device-type: common
age: 10225961
x-cache: HIT, HIT
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17553
x-served-by: cache-ams21076-AMS, cache-lis1490023-LIS
last-modified: Tue, 25 Apr 2023 16:38:22 GMT
server: istio-envoy
x-timer: S1692729404.118909,VS0,VE0
etag: W/"644801fe-4490"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits: 2677, 4814

GET
DATA 200
OK truncated
/ 68 B
68 B Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 fa090-0d026.svg
sc.sftcdn.net/images/ 5 KB
3 KB 48ms
47ms Image
image/svg+xml 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc.sftcdn.net/images/fa090-0d026.svg
Requested by: Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 2088f5aa1ebfab0d8de47886b0418c34f5b36d5b19286b9c87616547dfa3562d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Thu, 25 Apr 2024 10:03:57 GMT
date: Tue, 22 Aug 2023 18:36:44 GMT
content-encoding: br
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-device-type: common
age: 10225968
x-cache: HIT, HIT
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2107
x-served-by: cache-ams21030-AMS, cache-lis1490021-LIS
last-modified: Tue, 25 Apr 2023 16:38:21 GMT
server: istio-envoy
x-timer: S1692729404.237700,VS0,VE0
etag: W/"644801fd-12b0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits: 60, 9367

GET
H2 200 datadog-rum-v4.js Show response
www.datadoghq-browser-agent.com/ 144 KB
46 KB 296ms
119ms Script
application/javascript 13.226.161.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.161.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-161-56.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2013a6392ba54319e556095644b6b1757ee3f46d676f6cab3ae0d2239ed979f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:36:22 GMT
content-encoding: br
via: 1.1 39f1c2b303f74f82f7b3247df60d3c46.cloudfront.net (CloudFront)
last-modified: Wed, 16 Aug 2023 13:41:21 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C3
age: 24
x-amz-server-side-encryption: AES256
etag: W/"438ba620187f3819e2dcd4f56fc76dcb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: GiGgOZs7iWTBC8gzXTVrslFC9foPzReGEMvsyqR71Xi3u1xnb-uVVw==

HEAD
H2 200 sft-bundle.js
softonic.com/revamp/ 0
0 89ms
88ms Fetch
application/javascript 35.227.233.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Requested by: Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 104.233.227.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-version: 1.1219.0
date: Tue, 22 Aug 2023 18:36:44 GMT
content-encoding: br
via: 1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age: 31607
x-cache: MISS, HIT
x-envoy-upstream-service-time: 6
x-region: 16
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77752
x-request-id: 2e08888a-7a61-4d56-aee8-1b3df4246ce1
x-served-by: cache-ams12740-AMS, cache-par-lfpg1960093-PAR
x-platform-version: NT 10.0
x-browser-version: 116.0.5845.96
x-platform-id: Windows 10
server: istio-envoy
x-publisher-id: softonic
x-timer: S1692729404.382716,VS0,VE0
etag: W/"9305b2a3a878c4ed53b9e4ba19e18678"
x-browser-name: Chrome
vary: Accept-Encoding,x-device-platform,x-platform-id
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control: max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform: Desktop
accept-ranges: bytes
x-country-code: PT
x-cache-hits: 0, 3260

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 247 KB
60 KB 325ms
132ms Script
application/javascript 18.173.189.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.189.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-189-135.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a98bbedfe137634d13583cfe8f3c45c2619a3b000e5040a2d278e34113a7e718

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:22:52 GMT
content-encoding: gzip
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront), 1.1 e962a4214db0639b31056a5ae4bf22f4.cloudfront.net (CloudFront)
last-modified: Tue, 22 Aug 2023 16:46:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MUC50-P4
age: 833
x-amz-server-side-encryption: AES256
etag: W/"18d224f28cc64cc090497710b99f69ff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 50QDJTOjMEoJmQp9mwHQ3WwSI9NgbfQb9MOPd8Qg1joEcJdJ--AUaQ==

GET
H2 200 tag Show response
btloader.com/ 15 KB
7 KB 184ms
63ms Script
application/javascript 104.26.7.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5633429348548608&domain=softonic.com&upapi=true
Requested by: Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffedb2913543a333215d9eb7d565b2712bd25a2028bedd2be1f8d15efe52b5d4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:36:44 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Aug 2023 17:42:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3136
etag: W/"89fd282732ba3633ffd4fbec7382c7ea"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=322V6TgxApiid%2FndOgkVd71RuiyxJyMIu%2F77LFsBnktTSfm%2BUjCm2Xma4H%2Fw9OznxrUrRHHTI%2Fvwv9GiRhPgmvGR5aLyF86%2F5iUkwHvx9sIjHfb%2BOppC4LWAkTrPMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7fad391a1c763153-MAD

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
68 KB 98ms
97ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-631321069&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

46ddfbc3f2b4aaadb772d0d72574e9c708f0dae4f8683f481252d64f5ed2be0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:36:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69391
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Aug 2023 18:36:44 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ 402 KB
127 KB 76ms
75ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077271

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28712
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 2336233631454045957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 21 Aug 2024 10:38:12 GMT

GET
H2 200 sdk.d6583a5aafc2dbb84d787063831f5301f90df052.js Show response
sdk.privacy-center.org/sdk/d6583a5aafc2dbb84d787063831f5301f90df052/modern/ 343 KB
89 KB 106ms
106ms Script
application/javascript 99.84.88.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/d6583a5aafc2dbb84d787063831f5301f90df052/modern/sdk.d6583a5aafc2dbb84d787063831f5301f90df052.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=en.softonic.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-44.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11035de5e31f7f5610e887250420807f0fcf0b88852d1c114d756337e1440507

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:40:18 GMT
content-encoding: gzip
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
last-modified: Tue, 22 Aug 2023 13:34:01 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1692710546/ctime:1692710546/gid:0/gname:root/md5:d76c420b5d23eafbdffd12c70e9d85f5/mode:33188/mtime:1692710546/uid:0/uname:root
x-amz-cf-pop: MUC50-C1
age: 17787
etag: W/"d76c420b5d23eafbdffd12c70e9d85f5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-id: fdlz_GOy1zYRzP5UqSXNudQRLC8wqRu_HI7fe1_-I-4beGyilOyypQ==

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 278ms
157ms Fetch 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5633429348548608&domain=softonic.com&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 22 Aug 2023 18:36:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
923 B 179ms
62ms Image
image/gif 104.26.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:36:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1901164
x-guploader-uploadid: ADPycdvHMM-BFbqfIh9aqSqM4K4ugq3LYGOYz_XB9Yh8prD8ApPLyY7Nd02MIp15czwUD-EdbS9zuOGp2slZpF7Pl9kYJwbpkKVT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2FejbDevCgK43fm33IIiR9ReiENIsFUL1%2Bn8YFJjgy39fBcx9FFF%2FslYnWcqy0UMPUErZXCwNbgCSQKHPkNQdjo7jZI3KBUwCAI0SjUvBPTHLDEY8HmjE8bdH6vmB1rM4g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7fad391b4988867a-MAD
expires: Mon, 31 Jul 2023 19:15:37 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 243ms
77ms Image
image/x-icon 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 03:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53154
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Aug 2023 03:50:50 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
324 B 181ms
64ms Image
image/gif 104.26.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.7954557989004933
Requested by: Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:36:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1901164
x-guploader-uploadid: ADPycdvHMM-BFbqfIh9aqSqM4K4ugq3LYGOYz_XB9Yh8prD8ApPLyY7Nd02MIp15czwUD-EdbS9zuOGp2slZpF7Pl9kYJwbpkKVT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0P8D8QzBFWe4cnZzykZggGuM8eS943YziaGhj0uzMrDCAl%2FoPuKiAQ0hhCnBhTngoXiD7J8AClS1kXsdDwufidp5H7VvwewudcfRJltVC71LlG%2FDWswQYu9jjV%2FJ3phZNg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7fad391b498d867a-MAD
expires: Mon, 31 Jul 2023 19:15:37 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/ 3 KB
2 KB 277ms
101ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/?random=1692729404563&cv=11&fst=1692729404563&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fen.softonic.com%2Fdownloads%2Fransomware&hn=www.googleadservices.com&frm=0&tiba=Download%20Ransomware%20-%20Best%20Software%20%26%20Apps&auid=519524338.1692729404&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-631321069&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a579cd2d164a0d11155b1879a727e652ecb5f447bf60e34e257e36dacb8b1b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1346
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ui-gdpr-en-web.d6583a5aafc2dbb84d787063831f5301f90df052.js Show response
sdk.privacy-center.org/sdk/d6583a5aafc2dbb84d787063831f5301f90df052/modern/ 216 KB
44 KB 106ms
106ms Script
application/javascript 99.84.88.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/d6583a5aafc2dbb84d787063831f5301f90df052/modern/ui-gdpr-en-web.d6583a5aafc2dbb84d787063831f5301f90df052.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/d6583a5aafc2dbb84d787063831f5301f90df052/modern/sdk.d6583a5aafc2dbb84d787063831f5301f90df052.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-44.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30f558c7f165ef4b5a520544e2314c175ba7e189ab6d4f90a53357bdbfe198cc

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:42:04 GMT
content-encoding: gzip
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
last-modified: Tue, 22 Aug 2023 13:34:17 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1692710546/ctime:1692710546/gid:0/gname:root/md5:31a196c9f9b72949cdf021c58efea858/mode:33188/mtime:1692710546/uid:0/uname:root
x-amz-cf-pop: MUC50-C1
age: 17681
etag: W/"31a196c9f9b72949cdf021c58efea858"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-id: lVOTCUqOAiVlLVC49HqbBOAezFu0ra10rtB8K77SMZR3vaxorbSEyg==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
68 KB 89ms
89ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-631321069

Requested by

Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/d6583a5aafc2dbb84d787063831f5301f90df052/modern/sdk.d6583a5aafc2dbb84d787063831f5301f90df052.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a2165f60b8c2fe18949438c582686d0ad2f93ab4bca5ce28faaff76d904da770

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:36:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69342
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Aug 2023 18:36:44 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 487 B
836 B 193ms
192ms XHR
application/json 18.173.189.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3177&u=https%3A%2F%2Fen.softonic.com
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.189.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-189-135.muc50.r.cloudfront.net
Software: Server /
Resource Hash: 5c4e5cd8435dc7b4a36fa0cfd3aae88b04dfe0da24dfbcee3732d683424cf4a6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:36:44 GMT
via: 1.1 e962a4214db0639b31056a5ae4bf22f4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P4
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://en.softonic.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 487
x-amz-cf-id: YyyVYlltqBaANurpSYt0jDBGxjWty97qZox-pjIsdM28Vp8nYwPLEg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 270ms
92ms XHR
application/javascript 18.173.189.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.189.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-189-135.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
date: Tue, 22 Aug 2023 05:45:14 GMT
x-amz-cf-pop: MUC50-P4
age: 46292
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: H8Q8uBt08Fr5BaIxKwaBi9EbFOiW6DBbtCzTVU82y_w1jQbtog55rw==

GET
H2 200 country Show response
api.btloader.com/ 16 B
141 B 153ms
152ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 8eeb675cf623424134ac3543609e667d2072a198080f794bdbc3fccf927786bb

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:36:45 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 153ms
153ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=m5s2f9dX&w=5299385968099328&o=5633429348548608&cv=2.1.17-2-g0b33bd3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fen.softonic.com%2Fdownloads%2Fransomware&sid=SLxVgXSry&upapi=true
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 22 Aug 2023 18:36:45 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 /
www.google.com/pagead/1p-user-list/631321069/ 42 B
455 B 267ms
96ms Image
image/gif 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/631321069/?random=1692729404563&cv=11&fst=1692727200000&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fen.softonic.com%2Fdownloads%2Fransomware&frm=0&tiba=Download%20Ransomware%20-%20Best%20Software%20%26%20Apps&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3223783713&rmt_tld=0&ipr=y

Requested by

Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:36:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.in/pagead/1p-user-list/631321069/ 42 B
455 B 249ms
88ms Image
image/gif 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.in/pagead/1p-user-list/631321069/?random=1692729404563&cv=11&fst=1692727200000&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fen.softonic.com%2Fdownloads%2Fransomware&frm=0&tiba=Download%20Ransomware%20-%20Best%20Software%20%26%20Apps&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3223783713&rmt_tld=1&ipr=y

Requested by

Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 18:36:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 118 KB
26 KB 158ms
61ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: en.softonic.com
URL: https://en.softonic.com/downloads/ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d68e1b3634db2da8c394ef1754ae0bb9e0fe14e550643e0b913464ce66ba6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:36:45 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 10:48:56 GMT
server: cloudflare
x-amz-request-id: HY7V79DHZBYNMPSR
age: 3409
etag: W/"7799d2904b6b2427a4713f4da8b71602"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7fad391ef97994e8-LIS
x-amz-id-2: QZvoN1yiEJ/03eQqppCaqvSRICt2w8nm10FLbT5aUZEODd54JrUxUNMxTDILHO4/7lPHXlLr90Q=

GET
H2 200 rtg.gif
notix.io/ 43 B
266 B 264ms
85ms Image
image/gif 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://notix.io/rtg.gif?px=970b339c-fab1-444c-b6ac-fdb4f930cd12

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://en.softonic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:36:38 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 43

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.en.softonic.com/	1969-12-31 23:59:59	Name: _usr_orgn Value: direct
.en.softonic.com/	1970-01-20 14:33:45	Name: _swo_pos Value: 268
.softonic.com/	1970-01-20 14:12:11	Name: rv_prebid_position Value: 470
.softonic.com/	1970-01-20 14:12:11	Name: rv_test_position Value: 772
.softonic.com/	1970-01-20 16:21:45	Name: _gcl_au Value: 1.1.519524338.1692729404
.softonic.com/	1970-01-20 22:59:11	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMThhMWU4OGUtZDNkMS02MmVlLWE4YzMtNmRmOWRhMGZiNDRhIiwiY3JlYXRlZCI6IjIwMjMtMDgtMjJUMTg6MzY6NDQuNzg4WiIsInVwZGF0ZWQiOiIyMDIzLTA4LTIyVDE4OjM2OjQ0Ljc4OFoiLCJ2ZXJzaW9uIjpudWxsfQ==
.doubleclick.net/	1970-01-20 14:12:10	Name: test_cookie Value: CheckForPermission
en.softonic.com/	1970-01-20 14:12:10	Name: _dd_s Value: rum=0&expire=1692730304679

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
api.btloader.com
btloader.com
c.amazon-adsystem.com
cdn.id5-sync.com
en.softonic.com
googleads.g.doubleclick.net
images.sftcdn.net
notix.io
sc.sftcdn.net
sdk.privacy-center.org
securepubads.g.doubleclick.net
softonic.com
www.datadoghq-browser-agent.com
www.google.co.in
www.google.com
www.googletagmanager.com
104.26.3.70
104.26.7.139
13.226.161.56
130.211.23.194
139.45.240.92
142.250.184.227
142.250.185.98
142.250.74.200
151.101.1.91
172.217.16.194
172.217.16.196
172.217.23.102
172.67.38.106
18.173.189.135
23.67.132.99
35.227.233.104
99.84.88.44
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a19abd244203e39bbb2017a4e61358cb64e6099baa88af8b46a8969ebae66ee
11035de5e31f7f5610e887250420807f0fcf0b88852d1c114d756337e1440507
2088f5aa1ebfab0d8de47886b0418c34f5b36d5b19286b9c87616547dfa3562d
2b4c3132214e8caf087df8a9254f745efd1cf75c95d3460b429bc8df70095c24
2c94c3b3038a88cba7f2f0ab23c917758c12bd03873ae1078b59286ab5f656f5
30f558c7f165ef4b5a520544e2314c175ba7e189ab6d4f90a53357bdbfe198cc
3576a2bafa96815201b8a9e91c44f967b1cb04c5e07af7c3f1ec5e60173aeb7a
3cab0defa685a2a29129b77377dc980074f626cf67f7782f3774a72b58aca73e
4094292d85ca24620ed6d2cedb76d5b2d1dd1bc4d9096f0beb3d4a052a35fd19
46ddfbc3f2b4aaadb772d0d72574e9c708f0dae4f8683f481252d64f5ed2be0d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50123b30823331304d220dfe4c2786ad82907f37fa5d7b6f31fde554d0f6754c
5c4e5cd8435dc7b4a36fa0cfd3aae88b04dfe0da24dfbcee3732d683424cf4a6
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
695fa8e595fc8d57457fa67421ed9d6ea1e9970a958bfb20d94290d1c5f547ee
71847bb7b5a3390155db759832e9e75a9ef053fe23201c62e1f4661558784d3d
7d68e1b3634db2da8c394ef1754ae0bb9e0fe14e550643e0b913464ce66ba6ac
7fb366084bc687e29c428910a2a8ca1609aaf6e50c14a11de07c511d237b8adf
8ccecf650726dbff4c42c8fba771c081078e0650b51779e229468bdc4d261694
8eeb675cf623424134ac3543609e667d2072a198080f794bdbc3fccf927786bb
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
a2013a6392ba54319e556095644b6b1757ee3f46d676f6cab3ae0d2239ed979f
a2165f60b8c2fe18949438c582686d0ad2f93ab4bca5ce28faaff76d904da770
a579cd2d164a0d11155b1879a727e652ecb5f447bf60e34e257e36dacb8b1b5d
a98bbedfe137634d13583cfe8f3c45c2619a3b000e5040a2d278e34113a7e718
b880b75511c508ba4b0ca88bf6900824a54223ada6619cb7782efd6b613dc348
c47263533185e3ab31302e9abca9bba145887a260581d27281e673098005647c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d758079fc70d02c980abcd4e2904b925bd3a1012d73b350cefc1ada5325c82
ffedb2913543a333215d9eb7d565b2712bd25a2028bedd2be1f8d15efe52b5d4

en.softonic.com Open in urlscan Pro 35.227.233.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

0 %IPv6

13 Domains

18 Subdomains

18 IPs

4 Countries

1022 kBTransfer

3664 kBSize

8 Cookies

66 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

en.softonic.com Open in urlscan Pro
35.227.233.104 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

18
Subdomains

18
IPs

4
Countries

1022 kB
Transfer

3664 kB
Size

8
Cookies

40 HTTP transactions
2 data transactions