hxxps://autohotkey[.]en[.]softonic[.]com

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
02/02/2024, 00:24 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://autohotkey.en.softonic.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133513070871480130"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4568	chrome.exe
4568	chrome.exe
908	chrome.exe
908	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
4568	chrome.exe
4568	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe
Token: SeShutdownPrivilege	4568	chrome.exe
Token: SeCreatePagefilePrivilege	4568	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe
4568	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4568 wrote to memory of 5004	4568	chrome.exe	83
PID 4568 wrote to memory of 5004	4568	chrome.exe	83
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 4812	4568	chrome.exe	87
PID 4568 wrote to memory of 3108	4568	chrome.exe	86
PID 4568 wrote to memory of 3108	4568	chrome.exe	86
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85
PID 4568 wrote to memory of 1636	4568	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://autohotkey.en.softonic.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffa5e689758,0x7ffa5e689768,0x7ffa5e689778
  2⤵
  PID:5004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2196 --field-trial-handle=1860,i,12345933362073459126,4468981757966415130,131072 /prefetch:8
  2⤵
  PID:1636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1860,i,12345933362073459126,4468981757966415130,131072 /prefetch:8
  2⤵
  PID:3108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1860,i,12345933362073459126,4468981757966415130,131072 /prefetch:2
  2⤵
  PID:4812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3024 --field-trial-handle=1860,i,12345933362073459126,4468981757966415130,131072 /prefetch:1
  2⤵
  PID:4484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2876 --field-trial-handle=1860,i,12345933362073459126,4468981757966415130,131072 /prefetch:1
  2⤵
  PID:540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5388 --field-trial-handle=1860,i,12345933362073459126,4468981757966415130,131072 /prefetch:8
  2⤵
  PID:2256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5076 --field-trial-handle=1860,i,12345933362073459126,4468981757966415130,131072 /prefetch:8
  2⤵
  PID:3540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3692 --field-trial-handle=1860,i,12345933362073459126,4468981757966415130,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:908

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4512

Network

DNS

autohotkey.en.softonic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

autohotkey.en.softonic.com

IN A

Response

autohotkey.en.softonic.com

IN A

35.227.233.104
GET

https://autohotkey.en.softonic.com/

chrome.exe

Remote address:

35.227.233.104:443

Request

GET / HTTP/2.0
host: autohotkey.en.softonic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

149.220.183.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.220.183.52.in-addr.arpa

IN PTR

Response
DNS

180.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

180.178.17.96.in-addr.arpa

IN PTR

Response

180.178.17.96.in-addr.arpa

IN PTR

a96-17-178-180deploystaticakamaitechnologiescom
DNS

sc.sftcdn.net

chrome.exe

Remote address:

8.8.8.8:53

Request

sc.sftcdn.net

IN A

Response

sc.sftcdn.net

IN CNAME

n.sni.global.fastly.net

n.sni.global.fastly.net

IN A

151.101.1.91

n.sni.global.fastly.net

IN A

151.101.65.91

n.sni.global.fastly.net

IN A

151.101.129.91

n.sni.global.fastly.net

IN A

151.101.193.91
DNS

images.sftcdn.net

chrome.exe

Remote address:

8.8.8.8:53

Request

images.sftcdn.net

IN A

Response

images.sftcdn.net

IN CNAME

softonic.san.cloudinary.com

softonic.san.cloudinary.com

IN CNAME

s4-san.cloudinary.com.edgekey.net

s4-san.cloudinary.com.edgekey.net

IN CNAME

e10700.dsca.akamaiedge.net

e10700.dsca.akamaiedge.net

IN A

104.84.84.34
DNS

sdk.privacy-center.org

chrome.exe

Remote address:

8.8.8.8:53

Request

sdk.privacy-center.org

IN A

Response

sdk.privacy-center.org

IN A

3.162.140.120

sdk.privacy-center.org

IN A

3.162.140.68

sdk.privacy-center.org

IN A

3.162.140.25

sdk.privacy-center.org

IN A

3.162.140.15
GET

https://sc.sftcdn.net/fonts/5bba3-e5711.woff2

chrome.exe

Remote address:

151.101.1.91:443

Request

GET /fonts/5bba3-e5711.woff2 HTTP/2.0
host: sc.sftcdn.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://autohotkey.en.softonic.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: istio-envoy
content-type: application/javascript
last-modified: Wed, 31 Jan 2024 10:32:04 GMT
etag: W/"65ba21a4-b7ae"
expires: Thu, 30 Jan 2025 10:39:25 GMT
cache-control: max-age=31536000,public
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
access-control-allow-methods: GET, OPTIONS
content-encoding: br
x-envoy-upstream-service-time: 6
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Feb 2024 00:24:41 GMT
age: 135916
x-served-by: cache-ams21036-AMS, cache-lhr7345-LHR
x-cache: HIT, HIT
x-cache-hits: 9, 217
x-timer: S1706833481.248394,VS0,VE0
vary: Accept-Encoding
x-device-type: common
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13294
GET

https://sc.sftcdn.net/scripts/72c3f-578e4.mjs

chrome.exe

Remote address:

151.101.1.91:443

Request

GET /scripts/72c3f-578e4.mjs HTTP/2.0
host: sc.sftcdn.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://autohotkey.en.softonic.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: istio-envoy
content-type: font/woff2
last-modified: Wed, 15 Nov 2023 14:13:03 GMT
etag: W/"6554d1ef-319c"
expires: Fri, 15 Nov 2024 16:45:35 GMT
cache-control: max-age=31536000,public
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
access-control-allow-methods: GET, OPTIONS
content-encoding: br
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Feb 2024 00:24:41 GMT
age: 6680345
x-served-by: cache-ams12758-AMS, cache-lhr7345-LHR
x-cache: HIT, HIT
x-cache-hits: 14, 205
x-timer: S1706833481.248387,VS0,VE0
vary: Accept-Encoding
x-device-type: common
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12698
GET

https://sc.sftcdn.net/scripts/23986-b7966.mjs

chrome.exe

Remote address:

151.101.1.91:443

Request

GET /scripts/23986-b7966.mjs HTTP/2.0
host: sc.sftcdn.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://autohotkey.en.softonic.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: istio-envoy
content-type: application/javascript
last-modified: Wed, 31 Jan 2024 10:32:04 GMT
etag: W/"65ba21a4-18df9"
expires: Thu, 30 Jan 2025 10:39:25 GMT
cache-control: max-age=31536000,public
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
access-control-allow-methods: GET, OPTIONS
content-encoding: br
x-envoy-upstream-service-time: 5
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Feb 2024 00:24:41 GMT
age: 135916
x-served-by: cache-ams21055-AMS, cache-lhr7345-LHR
x-cache: HIT, HIT
x-cache-hits: 8, 223
x-timer: S1706833481.249742,VS0,VE0
vary: Accept-Encoding
x-device-type: common
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21898
DNS

softonic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

softonic.com

IN A

Response

softonic.com

IN A

35.227.233.104
GET

https://sc.sftcdn.net/styles/e1d66-820f7.css

chrome.exe

Remote address:

151.101.1.91:443

Request

GET /styles/e1d66-820f7.css HTTP/2.0
host: sc.sftcdn.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: istio-envoy
content-type: text/css
last-modified: Wed, 24 Jan 2024 17:30:08 GMT
etag: W/"65b14920-1ae14"
expires: Fri, 24 Jan 2025 09:13:19 GMT
cache-control: max-age=31536000,public
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
access-control-allow-methods: GET, OPTIONS
content-encoding: br
x-envoy-upstream-service-time: 6
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Feb 2024 00:24:41 GMT
age: 659480
x-served-by: cache-ams12767-AMS, cache-lon4231-LON
x-cache: HIT, HIT
x-cache-hits: 3, 247
x-timer: S1706833481.247414,VS0,VE0
vary: Accept-Encoding
x-device-type: common
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17003
GET

https://sc.sftcdn.net/styles/40150-ed2ff.css

chrome.exe

Remote address:

151.101.1.91:443

Request

GET /styles/40150-ed2ff.css HTTP/2.0
host: sc.sftcdn.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: istio-envoy
content-type: text/css
last-modified: Wed, 24 Jan 2024 17:30:08 GMT
etag: W/"65b14920-35dd"
expires: Fri, 24 Jan 2025 09:13:19 GMT
cache-control: max-age=31536000,public
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
access-control-allow-methods: GET, OPTIONS
content-encoding: br
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Feb 2024 00:24:41 GMT
age: 659481
x-served-by: cache-ams21020-AMS, cache-lon4231-LON
x-cache: HIT, HIT
x-cache-hits: 13, 234
x-timer: S1706833481.247610,VS0,VE0
vary: Accept-Encoding
x-device-type: common
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3224
GET

https://sc.sftcdn.net/images/fa090-0d026.svg

chrome.exe

Remote address:

151.101.1.91:443

Request

GET /images/fa090-0d026.svg HTTP/2.0
host: sc.sftcdn.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: istio-envoy
content-type: image/svg+xml
last-modified: Tue, 31 Oct 2023 08:59:22 GMT
etag: W/"6540c1ea-12b0"
expires: Thu, 31 Oct 2024 03:53:21 GMT
cache-control: max-age=31536000,public
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
access-control-allow-methods: GET, OPTIONS
content-encoding: br
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Feb 2024 00:24:41 GMT
age: 8022679
x-served-by: cache-ams21030-AMS, cache-lon4231-LON
x-cache: HIT, HIT
x-cache-hits: 4784, 1653
x-timer: S1706833481.248406,VS0,VE0
vary: Accept-Encoding
x-device-type: common
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2107
DNS

securepubads.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

securepubads.g.doubleclick.net

IN A

Response

securepubads.g.doubleclick.net

IN CNAME

securepubads46.g.doubleclick.net

securepubads46.g.doubleclick.net

IN A

142.250.179.66
GET

https://images.sftcdn.net/images/t_app-icon-s/p/a5edca32-96d7-11e6-98e0-00163ec9f5fa/1566131569/autohotkey-icon.jpg

chrome.exe

Remote address:

104.84.84.34:443

Request

GET /images/t_app-icon-s/p/a5edca32-96d7-11e6-98e0-00163ec9f5fa/1566131569/autohotkey-icon.jpg HTTP/2.0
host: images.sftcdn.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/webp
content-length: 1886
etag: "dd31fdad58a23b47aeafcfac650c30b0"
last-modified: Tue, 14 Feb 2023 09:00:44 GMT
date: Fri, 02 Feb 2024 00:24:41 GMT
cache-control: public, no-transform, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
content-disposition: inline; filename="autohotkey-icon.jpg"
x-content-type-options: nosniff
server-timing: cld-akam;dur=5;start=2024-02-02T00:24:41.605Z;desc=hit,rtt;dur=66,content-info;desc="width=112,height=112,owidth=900,oheight=900,obytes=444805"
GET

https://images.sftcdn.net/images/t_app-cover-s,f_auto/p/a5edca32-96d7-11e6-98e0-00163ec9f5fa/4013272943/autohotkey-Untitled.png

chrome.exe

Remote address:

104.84.84.34:443

Request

GET /images/t_app-cover-s,f_auto/p/a5edca32-96d7-11e6-98e0-00163ec9f5fa/4013272943/autohotkey-Untitled.png HTTP/2.0
host: images.sftcdn.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/webp
content-length: 8198
etag: "c99951428d78323cf02f0b70b86599d3"
last-modified: Sun, 11 Oct 2020 16:51:11 GMT
date: Fri, 02 Feb 2024 00:24:41 GMT
cache-control: private, no-transform, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent
content-disposition: inline; filename="autohotkey-Untitled.png"
x-content-type-options: nosniff
server-timing: cld-akam;dur=5;start=2024-02-02T00:24:41.605Z;desc=hit,rtt;dur=66
GET

https://images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/avast-software-sro/avg-secure-browser/AVG_Secure_Browser

chrome.exe

Remote address:

104.84.84.34:443

Request

GET /image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/avast-software-sro/avg-secure-browser/AVG_Secure_Browser HTTP/2.0
host: images.sftcdn.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/webp
content-length: 2722
content-disposition: inline; filename="AVG_Secure_Browser.webp"
etag: "29155b0342b628b761a18ab2055a8f5b"
last-modified: Thu, 01 Jun 2023 08:45:34 GMT
date: Fri, 02 Feb 2024 00:24:44 GMT
cache-control: private, no-transform, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-dpr: 1
x-content-type-options: nosniff
server-timing: cld-akam;dur=5;start=2024-02-02T00:24:44.046Z;desc=hit,rtt;dur=67,content-info;desc="width=300,height=140,owidth=300,oheight=140,obytes=9157"
GET

https://images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/softonic/avg-secure-browser/1

chrome.exe

Remote address:

104.84.84.34:443

Request

GET /image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/softonic/avg-secure-browser/1 HTTP/2.0
host: images.sftcdn.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/webp
content-length: 892
content-disposition: inline; filename="1.webp"
etag: "308ab3a7783a6a88b374a243d9ad0474"
last-modified: Mon, 03 Jul 2023 07:41:06 GMT
date: Fri, 02 Feb 2024 00:24:44 GMT
cache-control: private, no-transform, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-dpr: 1
x-content-type-options: nosniff
server-timing: cld-akam;dur=3;start=2024-02-02T00:24:44.047Z;desc=hit,rtt;dur=67,content-info;desc="width=80,height=80,owidth=80,oheight=80,obytes=2905"
GET

https://images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/softonic/avg-secure-browser/2

chrome.exe

Remote address:

104.84.84.34:443

Request

GET /image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/softonic/avg-secure-browser/2 HTTP/2.0
host: images.sftcdn.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/webp
content-length: 338
content-disposition: inline; filename="2.webp"
etag: "3851e01f702ce09323448869e88d7212"
last-modified: Mon, 03 Jul 2023 07:41:06 GMT
date: Fri, 02 Feb 2024 00:24:44 GMT
cache-control: private, no-transform, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-dpr: 1
x-content-type-options: nosniff
server-timing: cld-akam;dur=4;start=2024-02-02T00:24:44.046Z;desc=hit,rtt;dur=67,content-info;desc="width=80,height=80,owidth=80,oheight=80,obytes=1270"
GET

https://images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/softonic/avg-secure-browser/3

chrome.exe

Remote address:

104.84.84.34:443

Request

GET /image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/softonic/avg-secure-browser/3 HTTP/2.0
host: images.sftcdn.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/webp
content-length: 698
content-disposition: inline; filename="3.webp"
etag: "b7d374ec13a0d2fc7c0f7a05b1ea00d0"
last-modified: Mon, 03 Jul 2023 07:41:06 GMT
date: Fri, 02 Feb 2024 00:24:44 GMT
cache-control: private, no-transform, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-dpr: 1
x-content-type-options: nosniff
server-timing: cld-akam;dur=4;start=2024-02-02T00:24:44.046Z;desc=hit,rtt;dur=67,content-info;desc="width=80,height=80,owidth=80,oheight=80,obytes=2463"
GET

https://images.sftcdn.net/images/t_favicon-v2/p/a5edca32-96d7-11e6-98e0-00163ec9f5fa/1566131569/autohotkey-icon.jpg

chrome.exe

Remote address:

104.84.84.34:443

Request

GET /images/t_favicon-v2/p/a5edca32-96d7-11e6-98e0-00163ec9f5fa/1566131569/autohotkey-icon.jpg HTTP/2.0
host: images.sftcdn.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/jpeg
content-length: 1468
etag: "f6c08da25dba6cf92e2596c91616b883"
last-modified: Thu, 15 Dec 2022 20:52:26 GMT
date: Fri, 02 Feb 2024 00:24:45 GMT
cache-control: public, no-transform, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-akam;dur=5;start=2024-02-02T00:24:45.130Z;desc=hit,rtt;dur=65,content-info;desc="width=48,height=48,owidth=900,oheight=900,obytes=444805"
DNS

www.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.74.228
DNS

bat.bing.com

chrome.exe

Remote address:

8.8.8.8:53

Request

bat.bing.com

IN A

Response

bat.bing.com

IN CNAME

bat-bing-com.a-0001.a-msedge.net

bat-bing-com.a-0001.a-msedge.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
DNS

c.amazon-adsystem.com

chrome.exe

Remote address:

8.8.8.8:53

Request

c.amazon-adsystem.com

IN A

Response

c.amazon-adsystem.com

IN CNAME

d1ykf07e75w7ss.cloudfront.net

d1ykf07e75w7ss.cloudfront.net

IN A

18.66.167.55
GET

https://softonic.com/revamp/sft-bundle.js?modern=1

chrome.exe

Remote address:

35.227.233.104:443

Request

GET /revamp/sft-bundle.js?modern=1 HTTP/2.0
host: softonic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://autohotkey.en.softonic.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://softonic.com/revamp/sft-prebid.js

chrome.exe

Remote address:

35.227.233.104:443

Request

GET /revamp/sft-prebid.js HTTP/2.0
host: softonic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://autohotkey.en.softonic.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://securepubads.g.doubleclick.net/tag/js/gpt.js

chrome.exe

Remote address:

142.250.179.66:443

Request

GET /tag/js/gpt.js HTTP/2.0
host: securepubads.g.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.google.com/adsense/search/ads.js

chrome.exe

Remote address:

142.250.74.228:443

Request

GET /adsense/search/ads.js HTTP/2.0
host: www.google.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=en.softonic.com

chrome.exe

Remote address:

3.162.140.120:443

Request

GET /a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=en.softonic.com HTTP/2.0
host: sdk.privacy-center.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript; charset=utf-8
x-amzn-requestid: 57cfead2-0e44-40cb-8ff5-3cdb6711d2fc
x-didomi-configs-version: 95
x-amzn-trace-id: root=1-65bad145-2de3e6197bb8fc0d679da38e;sampled=0;lineage=eaae1266:0
x-didomi-remote-config-metadata: multiReg:true;legacyGlobalGdpr:false
content-encoding: br
date: Thu, 01 Feb 2024 22:47:04 GMT
cache-control: max-age=7200, public
etag: W/"4775bc5f5cfc584cb12fcff0712a607c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dafe1f5a40dcdd616ee93615ed1bce22.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: DAmFPB9S0uZO3dCrDsZGCOJ1Wtsh1O7Yic1Vy7mrT8zjdBTlkh_IeQ==
age: 6277
GET

https://sdk.privacy-center.org/sdk/e17d32fa80881efdcb7b857db1509329b98d5e0c/modern/sdk.e17d32fa80881efdcb7b857db1509329b98d5e0c.js

chrome.exe

Remote address:

3.162.140.120:443

Request

GET /sdk/e17d32fa80881efdcb7b857db1509329b98d5e0c/modern/sdk.e17d32fa80881efdcb7b857db1509329b98d5e0c.js HTTP/2.0
host: sdk.privacy-center.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript; charset=utf-8
date: Wed, 31 Jan 2024 16:55:49 GMT
last-modified: Wed, 31 Jan 2024 16:55:38 GMT
etag: W/"4cf035169e0b6a20c7a67041e1e842c8-1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dafe1f5a40dcdd616ee93615ed1bce22.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: zaNz5Z70ErXSh2ryg61bszpDC9AwmcWZAeFrogK58dXB1TZfVQxiaQ==
age: 113334
GET

https://c.amazon-adsystem.com/aax2/apstag.js

chrome.exe

Remote address:

18.66.167.55:443

Request

GET /aax2/apstag.js HTTP/2.0
host: c.amazon-adsystem.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
date: Thu, 01 Feb 2024 23:50:55 GMT
last-modified: Thu, 01 Feb 2024 21:58:47 GMT
x-amz-server-side-encryption: AES256
cache-control: max-age=3600
server: AmazonS3
content-encoding: gzip
via: 1.1 7a8110e4113af9fe9586df9a3a0c60dc.cloudfront.net (CloudFront), 1.1 e20527248be1eebaced63108ab7e73d6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P2
etag: W/"e27d9780852534fd18cbcc0472fcbb38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: DUB56-P1
x-amz-cf-id: mkiQrt1JbZFoQ0-yu3y--okE0KNQhweUp6d-GpQGpcksMUvUe5KgKQ==
age: 2028
GET

https://c.amazon-adsystem.com/cdn/prod/config?src=3177&u=https%3A%2F%2Fautohotkey.en.softonic.com

chrome.exe

Remote address:

18.66.167.55:443

Request

GET /cdn/prod/config?src=3177&u=https%3A%2F%2Fautohotkey.en.softonic.com HTTP/2.0
host: c.amazon-adsystem.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://autohotkey.en.softonic.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json;charset=UTF-8
content-length: 487
access-control-allow-origin: https://autohotkey.en.softonic.com
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Thu, 01 Feb 2024 20:11:56 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 e20527248be1eebaced63108ab7e73d6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P1
x-amz-cf-id: Dfkf72fAnA98vhuUchnE_HP4QjMWswMW1XCkW6YYR2oW2eL4Z0ZL2g==
age: 15166
DNS

content-autofill.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

content-autofill.googleapis.com

IN A

Response

content-autofill.googleapis.com

IN A

142.250.178.138

content-autofill.googleapis.com

IN A

142.250.201.170

content-autofill.googleapis.com

IN A

172.217.18.202

content-autofill.googleapis.com

IN A

142.250.74.234

content-autofill.googleapis.com

IN A

142.250.75.234

content-autofill.googleapis.com

IN A

216.58.214.170

content-autofill.googleapis.com

IN A

172.217.20.170

content-autofill.googleapis.com

IN A

172.217.20.202

content-autofill.googleapis.com

IN A

142.250.179.74

content-autofill.googleapis.com

IN A

142.250.179.106
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAmXZJ9HqVj2nxIFDVGRAKs=?alt=proto

chrome.exe

Remote address:

142.250.178.138:443

Request

GET /v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAmXZJ9HqVj2nxIFDVGRAKs=?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CO7iygE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

apps.identrust.com

chrome.exe

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A

Response

apps.identrust.com

IN CNAME

identrust.edgesuite.net

identrust.edgesuite.net

IN CNAME

a1952.dscq.akamai.net

a1952.dscq.akamai.net

IN A

96.17.179.205

a1952.dscq.akamai.net

IN A

96.17.179.184
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

chrome.exe

Remote address:

96.17.179.205:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Referrer-Policy: same-origin
Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
ETag: "37d-6079b8c0929c0"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Fri, 02 Feb 2024 01:24:41 GMT
Date: Fri, 02 Feb 2024 00:24:41 GMT
Connection: keep-alive
DNS

104.233.227.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

104.233.227.35.in-addr.arpa

IN PTR

Response

104.233.227.35.in-addr.arpa

IN PTR

10423322735bcgoogleusercontentcom
DNS

74.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.179.250.142.in-addr.arpa

IN PTR

Response

74.179.250.142.in-addr.arpa

IN PTR

par21s19-in-f101e100net
DNS

91.1.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

91.1.101.151.in-addr.arpa

IN PTR

Response
DNS

200.197.79.204.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.197.79.204.in-addr.arpa

IN PTR

Response

200.197.79.204.in-addr.arpa

IN PTR

a-0001a-msedgenet
DNS

34.84.84.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

34.84.84.104.in-addr.arpa

IN PTR

Response

34.84.84.104.in-addr.arpa

IN PTR

a104-84-84-34deploystaticakamaitechnologiescom
DNS

66.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

66.179.250.142.in-addr.arpa

IN PTR

Response

66.179.250.142.in-addr.arpa

IN PTR

par21s19-in-f21e100net
DNS

228.74.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

228.74.250.142.in-addr.arpa

IN PTR

Response

228.74.250.142.in-addr.arpa

IN PTR

par10s40-in-f41e100net
DNS

104.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

104.179.250.142.in-addr.arpa

IN PTR

Response

104.179.250.142.in-addr.arpa

IN PTR

par21s20-in-f81e100net
DNS

120.140.162.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

120.140.162.3.in-addr.arpa

IN PTR

Response

120.140.162.3.in-addr.arpa

IN PTR

server-3-162-140-120dub56r cloudfrontnet
DNS

55.167.66.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

55.167.66.18.in-addr.arpa

IN PTR

Response

55.167.66.18.in-addr.arpa

IN PTR

server-18-66-167-55dub56r cloudfrontnet
DNS

138.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

138.178.250.142.in-addr.arpa

IN PTR

Response

138.178.250.142.in-addr.arpa

IN PTR

par21s22-in-f101e100net
DNS

88.140.162.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

88.140.162.3.in-addr.arpa

IN PTR

Response

88.140.162.3.in-addr.arpa

IN PTR

server-3-162-140-88dub56r cloudfrontnet
DNS

205.179.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

205.179.17.96.in-addr.arpa

IN PTR

Response

205.179.17.96.in-addr.arpa

IN PTR

a96-17-179-205deploystaticakamaitechnologiescom
DNS

www.adsensecustomsearchads.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.adsensecustomsearchads.com

IN A

Response

www.adsensecustomsearchads.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

172.217.18.206
DNS

www.datadoghq-browser-agent.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.datadoghq-browser-agent.com

IN A

Response

www.datadoghq-browser-agent.com

IN A

3.162.144.24
GET

https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

chrome.exe

Remote address:

3.162.144.24:443

Request

GET /datadog-rum-v4.js HTTP/2.0
host: www.datadoghq-browser-agent.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
last-modified: Mon, 09 Oct 2023 11:26:13 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Fri, 02 Feb 2024 00:23:55 GMT
cache-control: max-age=14400, s-maxage=60
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4dedf4d6b444400031c669e5f6731f9e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P2
x-amz-cf-id: iFMuidum_n7GVLuQPiXz9GGzg1j6g-rBUruNqQC3nq_Xa5QAD2KoUg==
age: 49
timing-allow-origin: *
DNS

206.18.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.18.217.172.in-addr.arpa

IN PTR

Response

206.18.217.172.in-addr.arpa

IN PTR

ham02s14-in-f2061e100net

206.18.217.172.in-addr.arpa

IN PTR

par10s38-in-f14�J
DNS

24.144.162.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

24.144.162.3.in-addr.arpa

IN PTR

Response

24.144.162.3.in-addr.arpa

IN PTR

server-3-162-144-24dub56r cloudfrontnet
DNS

btloader.com

chrome.exe

Remote address:

8.8.8.8:53

Request

btloader.com

IN A

Response

btloader.com

IN A

104.22.75.216

btloader.com

IN A

104.22.74.216

btloader.com

IN A

172.67.41.60
DNS

partner.googleadservices.com

chrome.exe

Remote address:

8.8.8.8:53

Request

partner.googleadservices.com

IN A

Response

partner.googleadservices.com

IN CNAME

partner46.googleadservices.com

partner46.googleadservices.com

IN A

142.250.74.226
GET

https://btloader.com/tag?o=5633429348548608&domain=softonic.com&upapi=true

chrome.exe

Remote address:

104.22.75.216:443

Request

GET /tag?o=5633429348548608&domain=softonic.com&upapi=true HTTP/2.0
host: btloader.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 02 Feb 2024 00:24:43 GMT
content-type: application/javascript
content-length: 18021
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
etag: "2e0fc1ec3b2c907ca967bf336a5fff8f"
last-modified: Thu, 01 Feb 2024 23:40:26 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 2602
accept-ranges: bytes
server: cloudflare
cf-ray: 84ee4af968b4b7ca-AMS
DNS

config.aps.amazon-adsystem.com

chrome.exe

Remote address:

8.8.8.8:53

Request

config.aps.amazon-adsystem.com

IN A

Response

config.aps.amazon-adsystem.com

IN A

18.66.171.5

config.aps.amazon-adsystem.com

IN A

18.66.171.125

config.aps.amazon-adsystem.com

IN A

18.66.171.56

config.aps.amazon-adsystem.com

IN A

18.66.171.49
GET

https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js

chrome.exe

Remote address:

18.66.167.55:443

Request

GET /bao-csm/aps-comm/aps_csm.js HTTP/2.0
host: c.amazon-adsystem.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://autohotkey.en.softonic.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
server: AmazonS3
content-encoding: gzip
date: Fri, 02 Feb 2024 00:24:42 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 53b9c84dd8372210fe40e0f18936cbc0.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P1
x-amz-cf-id: 65mBNOfhpuF8T2jG5beQAOvgF5zzjuC9ZTefbQ78J3X_tu1HgNDPCw==
age: 52054
GET

https://config.aps.amazon-adsystem.com/configs/3177

chrome.exe

Remote address:

18.66.171.5:443

Request

GET /configs/3177 HTTP/2.0
host: config.aps.amazon-adsystem.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 532
server: CloudFront
date: Thu, 01 Feb 2024 23:29:29 GMT
cache-control: max-age=3600
x-cache: Hit from cloudfront
via: 1.1 53b9c84dd8372210fe40e0f18936cbc0.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P1
x-amz-cf-id: hVze7b4VyEnmNueIQCtu9ArV9qq5DQUOiV5CMxK2XxKvsUs57lKB2A==
age: 3314
GET

https://partner.googleadservices.com/gampad/cookie.js?domain=autohotkey.en.softonic.com&client=softonic&product=SAS&callback=__sasCookie

chrome.exe

Remote address:

142.250.74.226:443

Request

GET /gampad/cookie.js?domain=autohotkey.en.softonic.com&client=softonic&product=SAS&callback=__sasCookie HTTP/2.0
host: partner.googleadservices.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

216.75.22.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

216.75.22.104.in-addr.arpa

IN PTR

Response
DNS

cdn.id5-sync.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.id5-sync.com

IN A

Response

cdn.id5-sync.com

IN A

172.67.38.106

cdn.id5-sync.com

IN A

104.22.52.86

cdn.id5-sync.com

IN A

104.22.53.86
DNS

5.171.66.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

5.171.66.18.in-addr.arpa

IN PTR

Response

5.171.66.18.in-addr.arpa

IN PTR

server-18-66-171-5dub56r cloudfrontnet
GET

https://cdn.id5-sync.com/api/1.0/id5-api.js

chrome.exe

Remote address:

172.67.38.106:443

Request

GET /api/1.0/id5-api.js HTTP/2.0
host: cdn.id5-sync.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 02 Feb 2024 00:24:43 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: i0rNgziCPgQKLy7RZYY0u0ABFAfev4hSc9/CckfPdOLO8ghPwmrDh32p7OwhXZtCRaa7VK7NqCGQpRfbzc0fdg==
x-amz-request-id: 9A5168EECVZB6TY9
last-modified: Tue, 30 Jan 2024 10:08:32 GMT
etag: W/"e88c8a94cbeb20543c62bf06c653a335"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 382
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 84ee4afa9ccdbc9d-LHR
content-encoding: gzip
DNS

storage.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

storage.googleapis.com

IN A

Response

storage.googleapis.com

IN A

172.217.169.91

storage.googleapis.com

IN A

172.217.169.59

storage.googleapis.com

IN A

142.250.179.251

storage.googleapis.com

IN A

142.250.180.27

storage.googleapis.com

IN A

142.250.187.219

storage.googleapis.com

IN A

142.250.187.251

storage.googleapis.com

IN A

172.217.16.251

storage.googleapis.com

IN A

142.250.200.59

storage.googleapis.com

IN A

142.250.200.27

storage.googleapis.com

IN A

142.250.178.27

storage.googleapis.com

IN A

216.58.201.123

storage.googleapis.com

IN A

216.58.204.91
GET

https://storage.googleapis.com/storage-proxy-assets/revamp-di-sft/corporate-logo-nb.svg

chrome.exe

Remote address:

172.217.169.91:443

Request

GET /storage-proxy-assets/revamp-di-sft/corporate-logo-nb.svg HTTP/2.0
host: storage.googleapis.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

api.btloader.com

chrome.exe

Remote address:

8.8.8.8:53

Request

api.btloader.com

IN A

Response

api.btloader.com

IN A

130.211.23.194
DNS

ad-delivery.net

chrome.exe

Remote address:

8.8.8.8:53

Request

ad-delivery.net

IN A

Response

ad-delivery.net

IN A

172.67.69.19

ad-delivery.net

IN A

104.26.3.70

ad-delivery.net

IN A

104.26.2.70
GET

https://api.btloader.com/mw/state?bt_env=prod

chrome.exe

Remote address:

130.211.23.194:443

Request

GET /mw/state?bt_env=prod HTTP/2.0
host: api.btloader.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://autohotkey.en.softonic.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ad-delivery.net/px.gif?ch=2

chrome.exe

Remote address:

172.67.69.19:443

Request

GET /px.gif?ch=2 HTTP/2.0
host: ad-delivery.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 02 Feb 2024 00:24:44 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPq4C78hDLBrEwWqGCyEDG87xNwWMnOo27CpUg6TMS6yVvJXUsExvdIWGIdiFVXAgMDCZfC0SKsGyw
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==
x-goog-hash: md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Wed, 24 Jan 2024 03:08:13 GMT
cache-control: public, max-age=86400
age: 767982
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftehqPlCl2%2B6yoUUaLTcqEkdxGO04f273GFtenPqIm8CGgsRDghQHWmG5vUKkd%2FFc1Gzm9ciFZuMk7hjgvmMGCQV93kCeYxTF8rQ6aR2%2FF%2BVc9V3Pm2aAPlde3AbScRvdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 84ee4afc58e463b0-LHR
GET

https://ad-delivery.net/px.gif?ch=1&e=0.5856015747561583

chrome.exe

Remote address:

172.67.69.19:443

Request

GET /px.gif?ch=1&e=0.5856015747561583 HTTP/2.0
host: ad-delivery.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 02 Feb 2024 00:24:44 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPq4C78hDLBrEwWqGCyEDG87xNwWMnOo27CpUg6TMS6yVvJXUsExvdIWGIdiFVXAgMDCZfC0SKsGyw
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==
x-goog-hash: md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Wed, 24 Jan 2024 03:08:13 GMT
cache-control: public, max-age=86400
age: 767982
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcUl7NNQSa32FjFvjOkh8B26oXYAgt64fkpOdjAgze4ufOoIr8Z555%2F8YHH5l7wpW9HtNwcmpJPk4UDwNIHT8q1EBWkXmTbxYi3cj2binzXjjD3A7YIEPFJuN3oZJpZbuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 84ee4afc58e363b0-LHR
DNS

googleads.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

216.58.214.162
GET

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/?random=1706833482535&cv=11&fst=1706833482535&bg=ffffff&guid=ON&async=1&gtm=45be41v0za200&gcd=11t1p1t1t5&dma=0&tcfd=1000g&u_w=1280&u_h=720&url=https%3A%2F%2Fautohotkey.en.softonic.com%2F&hn=www.googleadservices.com&frm=0&tiba=AutoHotKey%20-%20Download&npa=0&pscdl=noapi&auid=1310336068.1706833481&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uap=Windows&uapv=10.0.0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

chrome.exe

Remote address:

216.58.214.162:443

Request

GET /pagead/viewthroughconversion/631321069/?random=1706833482535&cv=11&fst=1706833482535&bg=ffffff&guid=ON&async=1&gtm=45be41v0za200&gcd=11t1p1t1t5&dma=0&tcfd=1000g&u_w=1280&u_h=720&url=https%3A%2F%2Fautohotkey.en.softonic.com%2F&hn=www.googleadservices.com&frm=0&tiba=AutoHotKey%20-%20Download&npa=0&pscdl=noapi&auid=1310336068.1706833481&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uap=Windows&uapv=10.0.0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/2.0
host: googleads.g.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://googleads.g.doubleclick.net/pagead/landing?gcs=G110&gcd=11t1p1t1t5&rnd=1905379513.1706833483&url=https%3A%2F%2Fautohotkey.en.softonic.com%2F&dma=0&npa=0&tcfd=1000g&gtm=45be41v0za200&auid=1310336068.1706833481

chrome.exe

Remote address:

216.58.214.162:443

Request

GET /pagead/landing?gcs=G110&gcd=11t1p1t1t5&rnd=1905379513.1706833483&url=https%3A%2F%2Fautohotkey.en.softonic.com%2F&dma=0&npa=0&tcfd=1000g&gtm=45be41v0za200&auid=1310336068.1706833481 HTTP/2.0
host: googleads.g.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

region1.google-analytics.com

chrome.exe

Remote address:

8.8.8.8:53

Request

region1.google-analytics.com

IN A

Response

region1.google-analytics.com

IN A

216.239.32.36

region1.google-analytics.com

IN A

216.239.34.36
DNS

stats.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN A

Response

stats.g.doubleclick.net

IN A

74.125.206.157

stats.g.doubleclick.net

IN A

74.125.206.154

stats.g.doubleclick.net

IN A

74.125.206.155

stats.g.doubleclick.net

IN A

74.125.206.156
DNS

226.74.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

226.74.250.142.in-addr.arpa

IN PTR

Response

226.74.250.142.in-addr.arpa

IN PTR

par10s40-in-f21e100net
DNS

106.38.67.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

106.38.67.172.in-addr.arpa

IN PTR

Response
DNS

68.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

68.159.190.20.in-addr.arpa

IN PTR

Response
DNS

91.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

91.169.217.172.in-addr.arpa

IN PTR

Response

91.169.217.172.in-addr.arpa

IN PTR

lhr48s09-in-f271e100net
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

194.23.211.130.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.23.211.130.in-addr.arpa

IN PTR

Response

194.23.211.130.in-addr.arpa

IN PTR

19423211130bcgoogleusercontentcom
DNS

19.69.67.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

19.69.67.172.in-addr.arpa

IN PTR

Response
DNS

134.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

134.178.250.142.in-addr.arpa

IN PTR

Response

134.178.250.142.in-addr.arpa

IN PTR

par21s22-in-f61e100net
DNS

162.214.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

162.214.58.216.in-addr.arpa

IN PTR

Response

162.214.58.216.in-addr.arpa

IN PTR

mad01s26-in-f1621e100net

162.214.58.216.in-addr.arpa

IN PTR

par10s42-in-f2�J

162.214.58.216.in-addr.arpa

IN PTR

mad01s26-in-f2�J
POST

https://region1.google-analytics.com/g/collect?v=2&tid=G-R5K71YRXMV&gtm=45je41v0v877889940z86335967za200&_p=1706833479574&_gaz=1&gcs=G110&gcd=11t1p1t1t5&npa=0&dma=0&tcfd=1000g&gdid=dMTc4Zm&cid=218287926.1706833483&ul=en-us&sr=1280x720&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1706833483&sct=1&seg=0&dl=https%3A%2F%2Fautohotkey.en.softonic.com%2F&dt=AutoHotKey%20-%20Download&en=di_request&_fv=1&_nsi=1&_ss=1&ep.suitable_campaigns=avast-backup%2Cavg-secure-browser&ep.detected_country=GB&tfd=4360

chrome.exe

Remote address:

216.239.32.36:443

Request

POST /g/collect?v=2&tid=G-R5K71YRXMV&gtm=45je41v0v877889940z86335967za200&_p=1706833479574&_gaz=1&gcs=G110&gcd=11t1p1t1t5&npa=0&dma=0&tcfd=1000g&gdid=dMTc4Zm&cid=218287926.1706833483&ul=en-us&sr=1280x720&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1706833483&sct=1&seg=0&dl=https%3A%2F%2Fautohotkey.en.softonic.com%2F&dt=AutoHotKey%20-%20Download&en=di_request&_fv=1&_nsi=1&_ss=1&ep.suitable_campaigns=avast-backup%2Cavg-secure-browser&ep.detected_country=GB&tfd=4360 HTTP/2.0
host: region1.google-analytics.com
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://autohotkey.en.softonic.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

www.google.co.uk

chrome.exe

Remote address:

8.8.8.8:53

Request

www.google.co.uk

IN A

Response

www.google.co.uk

IN A

172.217.20.195
POST

https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R5K71YRXMV&cid=218287926.1706833483&gtm=45je41v0v877889940z86335967za200&aip=1&dma=0&gcs=G110&gcd=11t1p1t1t5&npa=0

chrome.exe

Remote address:

74.125.206.157:443

Request

POST /g/collect?v=2&tid=G-R5K71YRXMV&cid=218287926.1706833483&gtm=45je41v0v877889940z86335967za200&aip=1&dma=0&gcs=G110&gcd=11t1p1t1t5&npa=0 HTTP/2.0
host: stats.g.doubleclick.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://autohotkey.en.softonic.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R5K71YRXMV&cid=218287926.1706833483&gtm=45je41v0v877889940z86335967za200&aip=1&dma=0&gcs=G110&gcd=11t1p1t1t5&npa=0&z=1410304547

chrome.exe

Remote address:

172.217.20.195:443

Request

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R5K71YRXMV&cid=218287926.1706833483&gtm=45je41v0v877889940z86335967za200&aip=1&dma=0&gcs=G110&gcd=11t1p1t1t5&npa=0&z=1410304547 HTTP/2.0
host: www.google.co.uk
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.google.co.uk/pagead/1p-user-list/631321069/?random=1706833482535&cv=11&fst=1706832000000&bg=ffffff&guid=ON&async=1&gtm=45be41v0za200&u_w=1280&u_h=720&url=https%3A%2F%2Fautohotkey.en.softonic.com%2F&frm=0&tiba=AutoHotKey%20-%20Download&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_3bmLRW0aZ1JOiAlGO1YDHgo4RWonhQ&random=3244861322&rmt_tld=1&ipr=y

chrome.exe

Remote address:

172.217.20.195:443

Request

GET /pagead/1p-user-list/631321069/?random=1706833482535&cv=11&fst=1706832000000&bg=ffffff&guid=ON&async=1&gtm=45be41v0za200&u_w=1280&u_h=720&url=https%3A%2F%2Fautohotkey.en.softonic.com%2F&frm=0&tiba=AutoHotKey%20-%20Download&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_3bmLRW0aZ1JOiAlGO1YDHgo4RWonhQ&random=3244861322&rmt_tld=1&ipr=y HTTP/2.0
host: www.google.co.uk
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://autohotkey.en.softonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

notix.io

chrome.exe

Remote address:

8.8.8.8:53

Request

notix.io

IN A

Response

notix.io

IN A

139.45.240.92
DNS

36.32.239.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

36.32.239.216.in-addr.arpa

IN PTR

Response
DNS

157.206.125.74.in-addr.arpa

Remote address:

8.8.8.8:53

Request

157.206.125.74.in-addr.arpa

IN PTR

Response

157.206.125.74.in-addr.arpa

IN PTR

wk-in-f1571e100net
DNS

195.20.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.20.217.172.in-addr.arpa

IN PTR

Response

195.20.217.172.in-addr.arpa

IN PTR

par10s50-in-f31e100net

195.20.217.172.in-addr.arpa

IN PTR

waw02s08-in-f195�H

195.20.217.172.in-addr.arpa

IN PTR

waw02s08-in-f3�H
DNS

92.240.45.139.in-addr.arpa

Remote address:

8.8.8.8:53

Request

92.240.45.139.in-addr.arpa

IN PTR

Response
DNS

133.211.185.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.211.185.52.in-addr.arpa

IN PTR

Response
DNS

50.23.12.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

50.23.12.20.in-addr.arpa

IN PTR

Response
DNS

206.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.23.85.13.in-addr.arpa

IN PTR

Response
DNS

18.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.134.221.88.in-addr.arpa

IN PTR

Response

18.134.221.88.in-addr.arpa

IN PTR

a88-221-134-18deploystaticakamaitechnologiescom
DNS

194.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.178.17.96.in-addr.arpa

IN PTR

Response

194.178.17.96.in-addr.arpa

IN PTR

a96-17-178-194deploystaticakamaitechnologiescom
DNS

11.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.227.111.52.in-addr.arpa

IN PTR

Response
DNS

173.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

173.178.17.96.in-addr.arpa

IN PTR

Response

173.178.17.96.in-addr.arpa

IN PTR

a96-17-178-173deploystaticakamaitechnologiescom
DNS

107.116.69.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

107.116.69.13.in-addr.arpa

IN PTR

Response

20.231.121.79:80

104 B
2
35.227.233.104:443

https://autohotkey.en.softonic.com/

tls, http2

chrome.exe

2.8kB
66.0kB
36
59

HTTP Request

GET https://autohotkey.en.softonic.com/
151.101.1.91:443

sc.sftcdn.net

tls

chrome.exe

989 B
7.1kB
9
11
151.101.1.91:443

https://sc.sftcdn.net/scripts/23986-b7966.mjs

tls, http2

chrome.exe

3.4kB
58.4kB
48
53

HTTP Request

GET https://sc.sftcdn.net/fonts/5bba3-e5711.woff2

HTTP Request

GET https://sc.sftcdn.net/scripts/72c3f-578e4.mjs

HTTP Request

GET https://sc.sftcdn.net/scripts/23986-b7966.mjs

HTTP Response

200

HTTP Response

200

HTTP Response

200
151.101.1.91:443

sc.sftcdn.net

tls

chrome.exe

989 B
7.1kB
9
11
151.101.1.91:443

sc.sftcdn.net

tls

chrome.exe

989 B
7.1kB
9
11
151.101.1.91:443

https://sc.sftcdn.net/images/fa090-0d026.svg

tls, http2

chrome.exe

2.7kB
31.7kB
32
35

HTTP Request

GET https://sc.sftcdn.net/styles/e1d66-820f7.css

HTTP Request

GET https://sc.sftcdn.net/styles/40150-ed2ff.css

HTTP Request

GET https://sc.sftcdn.net/images/fa090-0d026.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200
104.84.84.34:443

images.sftcdn.net

tls, http2

chrome.exe

1.2kB
8.3kB
14
15
104.84.84.34:443

https://images.sftcdn.net/images/t_favicon-v2/p/a5edca32-96d7-11e6-98e0-00163ec9f5fa/1566131569/autohotkey-icon.jpg

tls, http2

chrome.exe

3.6kB
29.6kB
38
47

HTTP Request

GET https://images.sftcdn.net/images/t_app-icon-s/p/a5edca32-96d7-11e6-98e0-00163ec9f5fa/1566131569/autohotkey-icon.jpg

HTTP Request

GET https://images.sftcdn.net/images/t_app-cover-s,f_auto/p/a5edca32-96d7-11e6-98e0-00163ec9f5fa/4013272943/autohotkey-Untitled.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/avast-software-sro/avg-secure-browser/AVG_Secure_Browser

HTTP Request

GET https://images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/softonic/avg-secure-browser/1

HTTP Request

GET https://images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/softonic/avg-secure-browser/2

HTTP Request

GET https://images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/softonic/avg-secure-browser/3

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://images.sftcdn.net/images/t_favicon-v2/p/a5edca32-96d7-11e6-98e0-00163ec9f5fa/1566131569/autohotkey-icon.jpg

HTTP Response

200
204.79.197.200:443

bat.bing.com

tls

chrome.exe

2.7kB
23.1kB
24
34
35.227.233.104:443

https://softonic.com/revamp/sft-prebid.js

tls, http2

chrome.exe

5.1kB
194.0kB
84
153

HTTP Request

GET https://softonic.com/revamp/sft-bundle.js?modern=1

HTTP Request

GET https://softonic.com/revamp/sft-prebid.js
35.227.233.104:443

softonic.com

tls, http2

chrome.exe

1.0kB
7.9kB
10
10
142.250.179.66:443

https://securepubads.g.doubleclick.net/tag/js/gpt.js

tls, http2

chrome.exe

2.3kB
38.5kB
26
39

HTTP Request

GET https://securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.228:443

https://www.google.com/adsense/search/ads.js

tls, http2

chrome.exe

3.2kB
61.9kB
45
56

HTTP Request

GET https://www.google.com/adsense/search/ads.js
3.162.140.120:443

https://sdk.privacy-center.org/sdk/e17d32fa80881efdcb7b857db1509329b98d5e0c/modern/sdk.e17d32fa80881efdcb7b857db1509329b98d5e0c.js

tls, http2

chrome.exe

4.1kB
121.1kB
63
99

HTTP Request

GET https://sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=en.softonic.com

HTTP Response

200

HTTP Request

GET https://sdk.privacy-center.org/sdk/e17d32fa80881efdcb7b857db1509329b98d5e0c/modern/sdk.e17d32fa80881efdcb7b857db1509329b98d5e0c.js

HTTP Response

200
18.66.167.55:443

https://c.amazon-adsystem.com/cdn/prod/config?src=3177&u=https%3A%2F%2Fautohotkey.en.softonic.com

tls, http2

chrome.exe

3.2kB
83.2kB
44
71

HTTP Request

GET https://c.amazon-adsystem.com/aax2/apstag.js

HTTP Response

200

HTTP Request

GET https://c.amazon-adsystem.com/cdn/prod/config?src=3177&u=https%3A%2F%2Fautohotkey.en.softonic.com

HTTP Response

200
142.250.178.138:443

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAmXZJ9HqVj2nxIFDVGRAKs=?alt=proto

tls, http2

chrome.exe

1.9kB
7.0kB
16
17

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAmXZJ9HqVj2nxIFDVGRAKs=?alt=proto
96.17.179.205:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

chrome.exe

416 B
1.6kB
6
5

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
172.217.18.206:443

www.adsensecustomsearchads.com

tls, http2

chrome.exe

1.2kB
12.9kB
13
15
3.162.144.24:443

https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

tls, http2

chrome.exe

2.7kB
55.3kB
35
51

HTTP Request

GET https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

HTTP Response

200
104.22.75.216:443

https://btloader.com/tag?o=5633429348548608&domain=softonic.com&upapi=true

tls, http2

chrome.exe

2.1kB
24.7kB
22
30

HTTP Request

GET https://btloader.com/tag?o=5633429348548608&domain=softonic.com&upapi=true

HTTP Response

200
18.66.167.55:443

https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js

tls, http2

chrome.exe

1.9kB
10.2kB
17
19

HTTP Request

GET https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js

HTTP Response

200
18.66.171.5:443

https://config.aps.amazon-adsystem.com/configs/3177

tls, http2

chrome.exe

1.8kB
7.8kB
15
17

HTTP Request

GET https://config.aps.amazon-adsystem.com/configs/3177

HTTP Response

200
142.250.74.226:443

https://partner.googleadservices.com/gampad/cookie.js?domain=autohotkey.en.softonic.com&client=softonic&product=SAS&callback=__sasCookie

tls, http2

chrome.exe

1.9kB
7.4kB
15
18

HTTP Request

GET https://partner.googleadservices.com/gampad/cookie.js?domain=autohotkey.en.softonic.com&client=softonic&product=SAS&callback=__sasCookie
172.67.38.106:443

https://cdn.id5-sync.com/api/1.0/id5-api.js

tls, http2

chrome.exe

2.5kB
30.5kB
32
36

HTTP Request

GET https://cdn.id5-sync.com/api/1.0/id5-api.js

HTTP Response

200
172.217.169.91:443

https://storage.googleapis.com/storage-proxy-assets/revamp-di-sft/corporate-logo-nb.svg

tls, http2

chrome.exe

2.1kB
13.6kB
19
20

HTTP Request

GET https://storage.googleapis.com/storage-proxy-assets/revamp-di-sft/corporate-logo-nb.svg
130.211.23.194:443

https://api.btloader.com/mw/state?bt_env=prod

tls, http2

chrome.exe

1.8kB
6.1kB
14
15

HTTP Request

GET https://api.btloader.com/mw/state?bt_env=prod
172.67.69.19:443

https://ad-delivery.net/px.gif?ch=1&e=0.5856015747561583

tls, http2

chrome.exe

2.0kB
6.9kB
17
17

HTTP Request

GET https://ad-delivery.net/px.gif?ch=2

HTTP Request

GET https://ad-delivery.net/px.gif?ch=1&e=0.5856015747561583

HTTP Response

200

HTTP Response

200
172.67.69.19:443

ad-delivery.net

tls

chrome.exe

943 B
4.6kB
8
7
216.58.214.162:443

https://googleads.g.doubleclick.net/pagead/landing?gcs=G110&gcd=11t1p1t1t5&rnd=1905379513.1706833483&url=https%3A%2F%2Fautohotkey.en.softonic.com%2F&dma=0&npa=0&tcfd=1000g&gtm=45be41v0za200&auid=1310336068.1706833481

tls, http2

chrome.exe

2.6kB
9.0kB
20
24

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/?random=1706833482535&cv=11&fst=1706833482535&bg=ffffff&guid=ON&async=1&gtm=45be41v0za200&gcd=11t1p1t1t5&dma=0&tcfd=1000g&u_w=1280&u_h=720&url=https%3A%2F%2Fautohotkey.en.softonic.com%2F&hn=www.googleadservices.com&frm=0&tiba=AutoHotKey%20-%20Download&npa=0&pscdl=noapi&auid=1310336068.1706833481&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uap=Windows&uapv=10.0.0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/landing?gcs=G110&gcd=11t1p1t1t5&rnd=1905379513.1706833483&url=https%3A%2F%2Fautohotkey.en.softonic.com%2F&dma=0&npa=0&tcfd=1000g&gtm=45be41v0za200&auid=1310336068.1706833481
216.239.32.36:443

https://region1.google-analytics.com/g/collect?v=2&tid=G-R5K71YRXMV&gtm=45je41v0v877889940z86335967za200&_p=1706833479574&_gaz=1&gcs=G110&gcd=11t1p1t1t5&npa=0&dma=0&tcfd=1000g&gdid=dMTc4Zm&cid=218287926.1706833483&ul=en-us&sr=1280x720&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1706833483&sct=1&seg=0&dl=https%3A%2F%2Fautohotkey.en.softonic.com%2F&dt=AutoHotKey%20-%20Download&en=di_request&_fv=1&_nsi=1&_ss=1&ep.suitable_campaigns=avast-backup%2Cavg-secure-browser&ep.detected_country=GB&tfd=4360

tls, http2

chrome.exe

2.2kB
6.9kB
14
14

HTTP Request

POST https://region1.google-analytics.com/g/collect?v=2&tid=G-R5K71YRXMV&gtm=45je41v0v877889940z86335967za200&_p=1706833479574&_gaz=1&gcs=G110&gcd=11t1p1t1t5&npa=0&dma=0&tcfd=1000g&gdid=dMTc4Zm&cid=218287926.1706833483&ul=en-us&sr=1280x720&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1706833483&sct=1&seg=0&dl=https%3A%2F%2Fautohotkey.en.softonic.com%2F&dt=AutoHotKey%20-%20Download&en=di_request&_fv=1&_nsi=1&_ss=1&ep.suitable_campaigns=avast-backup%2Cavg-secure-browser&ep.detected_country=GB&tfd=4360
74.125.206.157:443

https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R5K71YRXMV&cid=218287926.1706833483&gtm=45je41v0v877889940z86335967za200&aip=1&dma=0&gcs=G110&gcd=11t1p1t1t5&npa=0

tls, http2

chrome.exe

1.9kB
6.7kB
15
16

HTTP Request

POST https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R5K71YRXMV&cid=218287926.1706833483&gtm=45je41v0v877889940z86335967za200&aip=1&dma=0&gcs=G110&gcd=11t1p1t1t5&npa=0
172.217.20.195:443

https://www.google.co.uk/pagead/1p-user-list/631321069/?random=1706833482535&cv=11&fst=1706832000000&bg=ffffff&guid=ON&async=1&gtm=45be41v0za200&u_w=1280&u_h=720&url=https%3A%2F%2Fautohotkey.en.softonic.com%2F&frm=0&tiba=AutoHotKey%20-%20Download&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_3bmLRW0aZ1JOiAlGO1YDHgo4RWonhQ&random=3244861322&rmt_tld=1&ipr=y

tls, http2

chrome.exe

2.4kB
7.1kB
19
22

HTTP Request

GET https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R5K71YRXMV&cid=218287926.1706833483&gtm=45je41v0v877889940z86335967za200&aip=1&dma=0&gcs=G110&gcd=11t1p1t1t5&npa=0&z=1410304547

HTTP Request

GET https://www.google.co.uk/pagead/1p-user-list/631321069/?random=1706833482535&cv=11&fst=1706832000000&bg=ffffff&guid=ON&async=1&gtm=45be41v0za200&u_w=1280&u_h=720&url=https%3A%2F%2Fautohotkey.en.softonic.com%2F&frm=0&tiba=AutoHotKey%20-%20Download&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_3bmLRW0aZ1JOiAlGO1YDHgo4RWonhQ&random=3244861322&rmt_tld=1&ipr=y
172.217.20.195:443

www.google.co.uk

tls, http2

chrome.exe

999 B
5.7kB
9
8
139.45.240.92:443

notix.io

tls

chrome.exe

1.8kB
5.3kB
13
14

8.8.8.8:53

autohotkey.en.softonic.com

dns

chrome.exe

72 B
88 B
1
1

DNS Request

autohotkey.en.softonic.com

DNS Response

35.227.233.104
8.8.8.8:53

149.220.183.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

149.220.183.52.in-addr.arpa
8.8.8.8:53

180.178.17.96.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

180.178.17.96.in-addr.arpa
8.8.8.8:53

sc.sftcdn.net

dns

chrome.exe

59 B
157 B
1
1

DNS Request

sc.sftcdn.net

DNS Response

151.101.1.91

151.101.65.91

151.101.129.91

151.101.193.91
8.8.8.8:53

images.sftcdn.net

dns

chrome.exe

63 B
201 B
1
1

DNS Request

images.sftcdn.net

DNS Response

104.84.84.34
8.8.8.8:53

sdk.privacy-center.org

dns

chrome.exe

68 B
132 B
1
1

DNS Request

sdk.privacy-center.org

DNS Response

3.162.140.120

3.162.140.68

3.162.140.25

3.162.140.15
8.8.8.8:53

softonic.com

dns

chrome.exe

58 B
74 B
1
1

DNS Request

softonic.com

DNS Response

35.227.233.104
8.8.8.8:53

securepubads.g.doubleclick.net

dns

chrome.exe

76 B
121 B
1
1

DNS Request

securepubads.g.doubleclick.net

DNS Response

142.250.179.66
8.8.8.8:53

www.google.com

dns

chrome.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.74.228
8.8.8.8:53

bat.bing.com

dns

chrome.exe

58 B
162 B
1
1

DNS Request

bat.bing.com

DNS Response

204.79.197.200

13.107.21.200
8.8.8.8:53

c.amazon-adsystem.com

dns

chrome.exe

67 B
126 B
1
1

DNS Request

c.amazon-adsystem.com

DNS Response

18.66.167.55
151.101.1.91:443

sc.sftcdn.net

https

chrome.exe

2.8kB
9.7kB
13
12
8.8.8.8:53

content-autofill.googleapis.com

dns

chrome.exe

77 B
237 B
1
1

DNS Request

content-autofill.googleapis.com

DNS Response

142.250.178.138

142.250.201.170

172.217.18.202

142.250.74.234

142.250.75.234

216.58.214.170

172.217.20.170

172.217.20.202

142.250.179.74

142.250.179.106
8.8.8.8:53

apps.identrust.com

dns

chrome.exe

64 B
165 B
1
1

DNS Request

apps.identrust.com

DNS Response

96.17.179.205

96.17.179.184
8.8.8.8:53

104.233.227.35.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

104.233.227.35.in-addr.arpa
8.8.8.8:53

74.179.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

74.179.250.142.in-addr.arpa
8.8.8.8:53

91.1.101.151.in-addr.arpa

dns

71 B
131 B
1
1

DNS Request

91.1.101.151.in-addr.arpa
8.8.8.8:53

200.197.79.204.in-addr.arpa

dns

73 B
106 B
1
1

DNS Request

200.197.79.204.in-addr.arpa
8.8.8.8:53

34.84.84.104.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

34.84.84.104.in-addr.arpa
8.8.8.8:53

66.179.250.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

66.179.250.142.in-addr.arpa
8.8.8.8:53

228.74.250.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

228.74.250.142.in-addr.arpa
8.8.8.8:53

104.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

104.179.250.142.in-addr.arpa
8.8.8.8:53

120.140.162.3.in-addr.arpa

dns

72 B
129 B
1
1

DNS Request

120.140.162.3.in-addr.arpa
8.8.8.8:53

55.167.66.18.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

55.167.66.18.in-addr.arpa
8.8.8.8:53

138.178.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

138.178.250.142.in-addr.arpa
8.8.8.8:53

88.140.162.3.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

88.140.162.3.in-addr.arpa
8.8.8.8:53

205.179.17.96.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

205.179.17.96.in-addr.arpa
8.8.8.8:53

www.adsensecustomsearchads.com

dns

chrome.exe

76 B
120 B
1
1

DNS Request

www.adsensecustomsearchads.com

DNS Response

172.217.18.206
151.101.1.91:443

sc.sftcdn.net

https

chrome.exe

3.6kB
43.6kB
21
37
142.250.179.66:443

securepubads.g.doubleclick.net

https

chrome.exe

6.4kB
152.6kB
57
123
3.162.140.120:443

sdk.privacy-center.org

https

chrome.exe

5.2kB
67.8kB
47
69
8.8.8.8:53

www.datadoghq-browser-agent.com

dns

chrome.exe

77 B
93 B
1
1

DNS Request

www.datadoghq-browser-agent.com

DNS Response

3.162.144.24
8.8.8.8:53

206.18.217.172.in-addr.arpa

dns

73 B
143 B
1
1

DNS Request

206.18.217.172.in-addr.arpa
8.8.8.8:53

24.144.162.3.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

24.144.162.3.in-addr.arpa
8.8.8.8:53

btloader.com

dns

chrome.exe

58 B
106 B
1
1

DNS Request

btloader.com

DNS Response

104.22.75.216

104.22.74.216

172.67.41.60
8.8.8.8:53

partner.googleadservices.com

dns

chrome.exe

74 B
114 B
1
1

DNS Request

partner.googleadservices.com

DNS Response

142.250.74.226
35.227.233.104:443

softonic.com

https

chrome.exe

4.1kB
10.0kB
11
13
8.8.8.8:53

config.aps.amazon-adsystem.com

dns

chrome.exe

76 B
140 B
1
1

DNS Request

config.aps.amazon-adsystem.com

DNS Response

18.66.171.5

18.66.171.125

18.66.171.56

18.66.171.49
8.8.8.8:53

216.75.22.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

216.75.22.104.in-addr.arpa
8.8.8.8:53

cdn.id5-sync.com

dns

chrome.exe

62 B
110 B
1
1

DNS Request

cdn.id5-sync.com

DNS Response

172.67.38.106

104.22.52.86

104.22.53.86
8.8.8.8:53

5.171.66.18.in-addr.arpa

dns

70 B
125 B
1
1

DNS Request

5.171.66.18.in-addr.arpa
8.8.8.8:53

storage.googleapis.com

dns

chrome.exe

68 B
260 B
1
1

DNS Request

storage.googleapis.com

DNS Response

172.217.169.91

172.217.169.59

142.250.179.251

142.250.180.27

142.250.187.219

142.250.187.251

172.217.16.251

142.250.200.59

142.250.200.27

142.250.178.27

216.58.201.123

216.58.204.91
8.8.8.8:53

api.btloader.com

dns

chrome.exe

62 B
78 B
1
1

DNS Request

api.btloader.com

DNS Response

130.211.23.194
8.8.8.8:53

ad-delivery.net

dns

chrome.exe

61 B
109 B
1
1

DNS Request

ad-delivery.net

DNS Response

172.67.69.19

104.26.3.70

104.26.2.70
130.211.23.194:443

api.btloader.com

https

chrome.exe

3.9kB
5.7kB
13
14
142.250.74.228:443

www.google.com

https

chrome.exe

4.2kB
8.2kB
14
16
8.8.8.8:53

googleads.g.doubleclick.net

dns

chrome.exe

73 B
89 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

216.58.214.162
8.8.8.8:53

region1.google-analytics.com

dns

chrome.exe

74 B
106 B
1
1

DNS Request

region1.google-analytics.com

DNS Response

216.239.32.36

216.239.34.36
8.8.8.8:53

stats.g.doubleclick.net

dns

chrome.exe

69 B
133 B
1
1

DNS Request

stats.g.doubleclick.net

DNS Response

74.125.206.157

74.125.206.154

74.125.206.155

74.125.206.156
8.8.8.8:53

226.74.250.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

226.74.250.142.in-addr.arpa
8.8.8.8:53

106.38.67.172.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

106.38.67.172.in-addr.arpa
8.8.8.8:53

68.159.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

68.159.190.20.in-addr.arpa
8.8.8.8:53

91.169.217.172.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

91.169.217.172.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

194.23.211.130.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

194.23.211.130.in-addr.arpa
8.8.8.8:53

19.69.67.172.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

19.69.67.172.in-addr.arpa
8.8.8.8:53

134.178.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

134.178.250.142.in-addr.arpa
8.8.8.8:53

162.214.58.216.in-addr.arpa

dns

73 B
171 B
1
1

DNS Request

162.214.58.216.in-addr.arpa
8.8.8.8:53

www.google.co.uk

dns

chrome.exe

62 B
78 B
1
1

DNS Request

www.google.co.uk

DNS Response

172.217.20.195
8.8.8.8:53

notix.io

dns

chrome.exe

54 B
70 B
1
1

DNS Request

notix.io

DNS Response

139.45.240.92
8.8.8.8:53

36.32.239.216.in-addr.arpa

dns

72 B
132 B
1
1

DNS Request

36.32.239.216.in-addr.arpa
8.8.8.8:53

157.206.125.74.in-addr.arpa

dns

73 B
107 B
1
1

DNS Request

157.206.125.74.in-addr.arpa
8.8.8.8:53

195.20.217.172.in-addr.arpa

dns

73 B
171 B
1
1

DNS Request

195.20.217.172.in-addr.arpa
8.8.8.8:53

92.240.45.139.in-addr.arpa

dns

72 B
126 B
1
1

DNS Request

92.240.45.139.in-addr.arpa
224.0.0.251:5353

chrome.exe

204 B
3
8.8.8.8:53

133.211.185.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

133.211.185.52.in-addr.arpa
8.8.8.8:53

50.23.12.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

50.23.12.20.in-addr.arpa
8.8.8.8:53

206.23.85.13.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

206.23.85.13.in-addr.arpa
8.8.8.8:53

18.134.221.88.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

18.134.221.88.in-addr.arpa
8.8.8.8:53

194.178.17.96.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

194.178.17.96.in-addr.arpa
8.8.8.8:53

11.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

11.227.111.52.in-addr.arpa
8.8.8.8:53

173.178.17.96.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

173.178.17.96.in-addr.arpa
8.8.8.8:53

107.116.69.13.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

107.116.69.13.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

Filesize
1KB

MD5
55540a230bdab55187a841cfe1aa1545

SHA1
363e4734f757bdeb89868efe94907774a327695e

SHA256
d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

SHA512
c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

Filesize
230B

MD5
3a3e35fe49e6b67aa6835cbeaecf78cd

SHA1
6c85fd956ca7f6e63f6aacde63a8b14e1b6d81f9

SHA256
248c76506b635feea1f5e6b7285bd56909fcee81cfddf17be884ea9c58189a30

SHA512
250f21ba6c19a3389de30f40f4d929d9d668bf97b56490066c3fc83aca42e244b9483ac448ae530527fac0e02cebddc1c01783ab5d22296dba5247899e4091f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
ee597e9ec109cb645287806030849112

SHA1
31c1e858fc69cf0daa1624073db851534e709dcb

SHA256
2a8456c3734e8a33fe68ce4bf2b5ee552e37f4a70cb62b5bdf534733f860221d

SHA512
fdd663fab9cb4ff5c283199e23c719ad92661a4d5ec6358af486dbddddc2be066060b2e2e83d9166dd8eb4fe1a1c3cdf71fff3c6f0907230202de0e3a3c99027

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
2c5ee82ff42b87d46e2ac6a29c4e2759

SHA1
75c85a8998acf5216e8cc7c1e0407441347c5f38

SHA256
2e0f4b2121bd0c4d51a3b08ce5ae10ee45cdaba0a95e0e07f35df0c6300e0f97

SHA512
629d4794b836a5f3a48781217ad8e349b499833f6d1a8c09df00330c4428ad5c12f5ce3fd39817d0c0deb591b88ee6d6014ca99ba1fc88ba331f1e718595b405

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b9b8ed0f12fd1391aa5af2ab4bc57a35

SHA1
ce19950088954b8a7e395c0a8eaf89cfd861991a

SHA256
8983e716af2807f02c2fc9370b24b41d5d3234c914d08f81ee554c4fa80daa65

SHA512
4ca6ae27214340483509d24eaccad378cdedc135ee7830defea0da350d50460fba840725a33d2ffa10f69aaeebf73e3ccd15cd3f55134464c2c8442e92a61fa3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7eafe59e58926bbec7c131b89ccc47c9

SHA1
d74f0309b6acc5becec034fcf6d86a6f319feb79

SHA256
303fe5da00b5087500e15ef450778dab6c4513ae3e88bb00c5656ac749389db0

SHA512
c5a24a89a622421d3a38d4330df3d0220080469f75d6b58022cc7d32ca3d33a8e9308332ff590bccb9e9e360015fed0ee61190547c08d70ebb3f9c5e83519a55

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
37df2bf4ff822bbc5aaac263864d440c

SHA1
3c48dff1f6aece76bdf979bd541653b3875392d5

SHA256
2dc1a60a5b4d89c80725a066d8176dc250a3aa41f95250fa1b468f0b598c3917

SHA512
e58cac551713ac20aeee1d9d05aef59b9ccf60aabdffc4ed1fbb1b390d5799c113eef46ed88d4bdc51b74ffbe4c9f45478fbcccc2b469b459c72df603b3fd303

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response