{"report_id":"ade212c4-b464-4c70-9de5-52da5e845064","version":6,"status":"done","tags":[],"date":"2025-07-25T10:16:21Z","url":{"schema":"http","addr":"audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","fqdn":"audiotools.link","domain":"audiotools.link","tld":"link"},"ip":{"addr":"111.90.158.148","port":0,"asn":45839,"as":"Shinjiru Technology Sdn Bhd","country":"Malaysia","country_code":"MY"},"final":{"url":{"schema":"https","addr":"audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","fqdn":"audiotools.link","domain":"audiotools.link","tld":"link"},"title":"audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd"},"submit":{"url":{"schema":"http","addr":"audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","fqdn":"audiotools.link","domain":"audiotools.link","tld":"link"},"ip":{"addr":"111.90.158.148","port":0,"asn":45839,"as":"Shinjiru Technology Sdn Bhd","country":"Malaysia","country_code":"MY"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-08-29T10:16:21Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"52.58.127.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-01-23","domain_rank":0,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-07-25T07:35:26.021239Z","alert_count":0,"request_count":1,"received_data":424,"sent_data":453,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.com","ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":7,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2025-07-23T15:13:02.646313Z","alert_count":0,"request_count":1,"received_data":1717,"sent_data":419,"comment":"","tags":null,"fingerprints":null},{"fqdn":"flushpersist.com","ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2025-07-01","domain_rank":0,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-07-22T11:09:36.699106Z","alert_count":1,"request_count":1,"received_data":496,"sent_data":767,"comment":"","tags":null,"fingerprints":null},{"fqdn":"audiotools.link","ip":{"addr":"111.90.158.148","port":443,"asn":45839,"as":"Shinjiru Technology Sdn Bhd","country":"Malaysia","country_code":"MY"},"domain_registered":"2020-05-18","domain_rank":0,"first_seen":"2021-01-14T03:53:49Z","last_seen":"2025-05-27T07:07:37.550106Z","alert_count":0,"request_count":2,"received_data":5198,"sent_data":1138,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.profitablecreativeformat.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2023-07-31","domain_rank":0,"first_seen":"2023-08-01T19:50:05Z","last_seen":"2025-07-20T00:00:25.614198Z","alert_count":1,"request_count":1,"received_data":28233,"sent_data":463,"comment":"","tags":null,"fingerprints":null},{"fqdn":"praystakeinstinct.com","ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":0,"first_seen":"2025-06-01T16:54:51.448839Z","last_seen":"2025-07-20T23:29:32.499776Z","alert_count":1,"request_count":1,"received_data":498,"sent_data":501,"comment":"","tags":null,"fingerprints":null},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":0,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-07-22T16:42:12.022054Z","alert_count":0,"request_count":1,"received_data":377,"sent_data":418,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.gstatic.com","ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2012-05-29T15:36:17Z","last_seen":"2025-07-23T15:24:21.324607Z","alert_count":0,"request_count":1,"received_data":793112,"sent_data":494,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":0,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-07-25T03:37:05.449466Z","alert_count":0,"request_count":1,"received_data":84041,"sent_data":462,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ascertainowlbookkeeper.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-06-10","domain_rank":0,"first_seen":"2025-07-13T02:56:52.244027Z","last_seen":"2025-07-13T02:56:52.244028Z","alert_count":1,"request_count":1,"received_data":107023,"sent_data":459,"comment":"","tags":null,"fingerprints":null},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":0,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-07-22T14:45:03.482429Z","alert_count":0,"request_count":1,"received_data":85963,"sent_data":413,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.profitabledisplaycontent.com","ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2020-10-14","domain_rank":138390,"first_seen":"2020-10-16T02:07:47Z","last_seen":"2025-07-20T08:53:08.168898Z","alert_count":0,"request_count":3,"received_data":14498,"sent_data":5529,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-24","alert":"Sinkholed","trigger":"praystakeinstinct.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","fqdn":"audiotools.link","domain":"audiotools.link","tld":"link"},"ip":{"addr":"111.90.158.148","port":443,"asn":45839,"as":"Shinjiru Technology Sdn Bhd","country":"Malaysia","country_code":"MY"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ab866580856443b1b8fb3ebe864ebf2","sha1":"7f176af4e5e626d66ab0f70dfd3345e402f67c20","sha256":"b2954a523262ceff2f7a096cedc849d19f0e1224245423ba77b791233ec5fd8b","sha512":"bd07a1c55665b8d0ce9c44504adf91aa8e89ae88851b8fa72b459ad195730dfebf3b5327d55a8da1ddea8edf9088e20755d4158e0435bc95f78733cdd07f53da","ssdeep":"","tlshash":"84f0ac997995161188b766b5abbf9480b9c2c0736644dcd2308d55904f28784fd85787","size":636,"data":"","first_seen":"2025-07-25T10:16:22.48506Z","last_seen":"2025-07-25T10:16:22.48506Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ascertainowlbookkeeper.com/52/65/04/5265044313adfbdd1675427af66a6922.js","fqdn":"ascertainowlbookkeeper.com","domain":"ascertainowlbookkeeper.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c1e1d499ffa151ee6a8fd823ab40272d","sha1":"be1aacb71dcf26df798768690c79aed62b1a8bd2","sha256":"c2f2e4463a2cae653c4ffe97ce0d2086835e3e4d5b51a3c6343bf6e49cc6d839","sha512":"072d43f75e6a67f69ba8f38942b1145e85bb25fc134314c4b847a2d0b12893a7a9f862d36984db8913cff52b22f6004eddd69ca6184b8804aa4d03466a061dc9","ssdeep":"1536:oeLCZFtd8r9m3Zh324NmUBKLR4PscDsTd+GN8tE9vSgzzsJsBpMUp+fmIL:NLOdKgBKF40cDy8tMSghprA","tlshash":"79a3d9c47b71f49d42d770bb233f691bf4ea8e12048ce95ce102fea82e6530aa57d954","size":106084,"data":"","first_seen":"2025-07-25T10:16:22.466184Z","last_seen":"2025-07-25T10:16:22.466184Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/ngcIAHyEnHQZZIKkyKneDTW3/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6e293b2c2a7e9c604c5c0580369f5f27","sha1":"d0aae300d0a3cc6fbb283525beafd34fd8585fdd","sha256":"13ef4faf327d81294e4156ffc3517706114d054ebf2367decc77b6c9aedbc929","sha512":"6a9635adcc29bc6297a2e9aba4fcf25d3959bc51fee95d927a995fbe29f341cc507496b64f09e72a13c5086cb895236276812f8603cca058fe6d6678d191cfce","ssdeep":"6144:BmiexnrL4GFZZ1gUepAE92s96HBKNThw8b4pIGHZZKIShQT344yeo8phnjfz3F2E:Q5bepxjVw86NTtoOFhz/Xvm0ACx","tlshash":"cdf44ad9710277a44332f5f95027200dab3ea926c44d4a5eb0d588f12bf8959f4bbeb3","size":792204,"data":"","first_seen":"2025-07-22T06:16:53.355623Z","last_seen":"2026-03-06T16:34:08.702068Z","times_seen":3151,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"0477ade9c7efd9a6a96259fdd4c090fb","sha1":"9185e3d9dc81700906d39f3ad153449946c9e95c","sha256":"a4627baf5958793b2e021e9c2b6eaaf38631c77278ec9fa8ed5165ce7709bf5a","sha512":"6ea66eb67ff3f810158c36490f2af6479aff3d530a5b6dcb26b1e05eb09cf836d37f08276c14db9d155953a76c132d13a3ce82900d77cc2c3ed48fcf91a96349","ssdeep":"","tlshash":"10312c752934531f4e07e6096ebe100a97ff65de1a6fd008c45b59f8f1c3844f8056e0","size":1568,"data":"","first_seen":"2025-07-25T10:16:22.489287Z","last_seen":"2025-07-25T10:16:22.489287Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"6f6e2c89fa78f5b16a581ffdbf96ca80","sha1":"3449200e0ca13b30c1af4ce255cdb2b5a34e9e6c","sha256":"d972e333c2128558795f5121b0fa1c0f2610c55786b0c705f22f0d97491760a9","sha512":"de8b1e16edff06a0d995b88e57b05cf3ded1c255e4006ba8653b883a90d62ab4292f3897eebf41641990e944fb05e55e1643ab634562002252b6a89a55a93fe1","ssdeep":"","tlshash":"06412b7a343633334d1bf6aa1acd624a5fbf919e0b0cd148b80e5fd463534986129ec0","size":2046,"data":"","first_seen":"2025-07-25T10:16:22.493039Z","last_seen":"2025-07-25T10:16:22.493039Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","fqdn":"audiotools.link","domain":"audiotools.link","tld":"link"},"ip":{"addr":"111.90.158.148","port":443,"asn":45839,"as":"Shinjiru Technology Sdn Bhd","country":"Malaysia","country_code":"MY"},"introduction_type":"scriptElement","is_inline":true,"md5":"0c1ff27614b2d56a2cace95454756e72","sha1":"eeafb8f1f748dc02b3902670ca43a76fa138a09f","sha256":"a8bb1cbf77f276cd24ec90732f4b275bd855300b77bdf345c31c9c2cb948b356","sha512":"5e2ea28f0f69ddebc26f67016ac0c1fe8636c47b6e20840040e14ab5ee8a194e10b237b6dd17dc1272f37cc38ac742443a6266a2fd361224555cbe4eab0b0a2d","ssdeep":"","tlshash":"ace07ddd9a05fa90811198d1287cc9c2564c4c10a10c7c8714d1c8a442d5e78001da0b","size":294,"data":"","first_seen":"2025-07-25T10:16:22.49776Z","last_seen":"2025-07-25T10:16:22.49776Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api.js","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"683e3fbda052b5ef8a02c45072427b61","sha1":"2d29d260a122c589dc7bd000f9b9a72db4855f47","sha256":"e978b36c676da279dc5ed5840b3f45d6ea6794f628ffe1731903f9e7ea532364","sha512":"cea17b03aa1de31e089d83591fcc5aa2f07dd0e533ba79e03fb37bbb5588bf1b11f811c588b50c344460cb12191a4381a194daf172cd19edc9aa1913cee0d8aa","ssdeep":"","tlshash":"9211ef761a04e0390b720de1b2fbda75e492741cf06845e8a551d9c81e79ccbce15549","size":1017,"data":"","first_seen":"2025-07-22T08:46:34.315111Z","last_seen":"2025-10-22T06:59:16.040589Z","times_seen":975,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.profitablecreativeformat.com/c8b0749626ed16dc2652224e434ac7bf/invoke.js","fqdn":"www.profitablecreativeformat.com","domain":"profitablecreativeformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb1a69566e6399268d3aaf3ae3f56b48","sha1":"f0a2c8a0f067157199d1fb22db09c88b46896e5c","sha256":"d4eb6b40992675dee02dfa3ec78db32e4d974b0e13503a4b67949d7ca961025c","sha512":"7db02fc0e4d50d773dcdf35097ea646d33beebaaf4a2df583f93ef79da0cc8892965ea319ee847a224f25b97f1eeaa6777b3a90fd6866e38dab1fba362e7c1b5","ssdeep":"384:mN2vqzp3yx3ifXtisK5bgGiLYhOF6wo1DtczxoWjVsKVrzQ8iZty2bnHJ535dVJZ:m8vqF9qhao1WzCWC1FZf9JFXL","tlshash":"94c2c7dc7f90b096277a71e3732fd00b65a74d15eb4cd8ccf427a8a168b4b5ae623850","size":27375,"data":"","first_seen":"2025-07-25T10:16:22.472114Z","last_seen":"2025-07-25T10:16:22.472114Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"9b884e665c994e6afaa8e29662bc6f58","sha1":"13e2c0fa7421988c2aed2874cfabccbfef78c93b","sha256":"c071777b3fefe3f39b7aa8b6306e10dfb028d31ac59c559b444ba82a5c306e54","sha512":"dcdb913a38787ccf5fe5de20350dc4ee0e6c86d57d1a173e50ca0414608dd282cf9103c0fe214b6040f676cb7fe00f845461009f324ee4819ca3937176d18c0e","ssdeep":"96:eozvhQgOb7uGdqk9LE1w2Cpp9bOb7uGdqk9LE1w2Cp5l1/DeCfMEDaH:Lzv8v0k9Ay2CT8v0k9Ay2CfbeCkCaH","tlshash":"95a11c753d35927a0d07f15e2abe514a6bbb904f160cd509f84debd4a743aa4982cfc0","size":4871,"data":"","first_seen":"2025-07-25T10:16:22.500792Z","last_seen":"2025-07-25T10:16:22.500792Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"00b22ef277d5e1f566eb1c3a638586b4","sha1":"cfe766604c17fb731f9081bb3e12f924c10e6e8f","sha256":"1485c4c1974586197f59b63037e6b402c38f00b2710e2bd85b1df9a88e92bc5a","sha512":"1ffc2ff2ad9dcb783752659d5e2b11e7de4e2394c7f47657df7e53c8cc92d95d11c2d2f99acca620b8f0235a9d578e0a03bcd330872c7ff5940bddd8bd934b35","ssdeep":"","tlshash":"f3c08cc93f02889063013ace3a081fc3acca0712252a3808a004c0c0759703a4048802","size":145,"data":"","first_seen":"2024-02-19T22:40:34Z","last_seen":"2025-07-25T10:16:22.505109Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"c6ffab672e1b571490ba956f15be10b1","sha1":"442c2c86edda80dd9585cec04d327c1015a42741","sha256":"33b2f09597d764095e258c088c4dbdcd46b5b32a877614007372a740b942c3c1","sha512":"56dd184e2bed155cf541a8da749aa449fc92e22b179125035f8867a87baf502a1a4a6c4c1695a16142c2c8c7879212c163563a569cdf8dfef8443490853dfd4c","ssdeep":"","tlshash":"95b0928aaf4ac89485006ad2a4b7cac65b496414c208fcd881e1c8e5a696ab9182da0b","size":124,"data":"","first_seen":"2024-02-19T22:40:34Z","last_seen":"2025-07-25T10:16:22.509449Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","date":"2025-07-25T10:15:56.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 01 Jul 2025 15:11:38 GMT","end":"Mon, 29 Sep 2025 15:11:37 GMT"},"fingerprint":{"sha1":"F9:52:70:4B:81:A8:F8:39:E6:E7:96:8F:EA:FE:17:FD:96:C5:32:E3","sha256":"D8:C9:87:B5:89:5E:D4:F4:8D:FD:98:3C:31:39:42:67:D3:20:27:14:A9:AD:F2:AB:97:A4:48:0F:94:F0:FF:A2"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://audiotools.link/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 25 Jul 2025 10:15:56 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 28254\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4567ec08f83868b88a5450d98276c0f3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":805,"timings":{"blocked":364,"dns":18,"connect":38,"send":0,"wait":22,"receive":27,"ssl":255},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.profitabledisplaycontent.com/watch.240160588389.js?aioi=t\u0026dev=e\u0026key=c8b0749626ed16dc2652224e434ac7bf\u0026kw=%5B%5D\u0026pst=1753438617\u0026rb=\u0026refer=https%3A%2F%2Faudiotools.link%2Flinks%2Fxfer-records-serum-v2-0-16-win-vr-tcd\u0026res=14.3095\u0026rmtc=t\u0026shu=5b73dbd3a21820552a3e679e94d6245943cd978dc0d3e16b775c292a46b0e4678a82c8f6174a736b0b916293b4fa868d84a88f1498dd9f20e7762b7b4feeadb086c726bfd78e20a120500da04745e7e97b8c1bf4f4aead468731\u0026sub3=group_b\u0026tz=0\u0026uuid=099ccaca-2974-4045-beb9-065b59949498%3A3%3A1","fqdn":"www.profitabledisplaycontent.com","domain":"profitabledisplaycontent.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"","requested_by":"https://audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","date":"2025-07-25T10:15:57.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.profitabledisplaycontent.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Jul 2025 22:16:27 GMT","end":"Wed, 22 Oct 2025 22:16:26 GMT"},"fingerprint":{"sha1":"80:ED:AE:02:6E:22:92:2C:1D:3B:CF:40:B8:05:ED:A8:F4:78:41:C1","sha256":"27:CE:4E:A9:E9:2E:EA:67:C9:22:7C:B4:62:29:07:B9:BD:AA:87:B5:6A:AD:89:6C:68:5A:63:CB:C5:73:7D:0F"}}},"request":{"raw":"GET /watch.240160588389.js?aioi=t\u0026dev=e\u0026key=c8b0749626ed16dc2652224e434ac7bf\u0026kw=%5B%5D\u0026pst=1753438617\u0026rb=\u0026refer=https%3A%2F%2Faudiotools.link%2Flinks%2Fxfer-records-serum-v2-0-16-win-vr-tcd\u0026res=14.3095\u0026rmtc=t\u0026shu=5b73dbd3a21820552a3e679e94d6245943cd978dc0d3e16b775c292a46b0e4678a82c8f6174a736b0b916293b4fa868d84a88f1498dd9f20e7762b7b4feeadb086c726bfd78e20a120500da04745e7e97b8c1bf4f4aead468731\u0026sub3=group_b\u0026tz=0\u0026uuid=099ccaca-2974-4045-beb9-065b59949498%3A3%3A1 HTTP/1.1\r\nHost: www.profitabledisplaycontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://audiotools.link\r\nReferer: https://audiotools.link/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNDkwODg4MiwiayI6ImM4YjA3NDk2MjZlZDE2ZGMyNjUyMjI0ZTQzNGFjN2JmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMTk1MTMsInBpZCI6OTY2ODUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTgsImFpZCI6MjMsInB0Ijo0LCJwayI6Inh4Yjg4cWZhOXkiLCJjcGtzIjp7IjQ3IjoiODMzZjNiZWI1MDk5NDFjYTI4ZDUwNDVlYTBhYjk4YTUifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2F1ZGlvdG9vbHMubGluay9saW5rcy94ZmVyLXJlY29yZHMtc2VydW0tdjItMC0xNi13aW4tdnItdGNkIiwiYXIiOltdfX0.S38F4tlKhBAxJKfhGaB5KMAnzqKP76id6Ajs89hdNM4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 25 Jul 2025 10:15:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://audiotools.link\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: uid_id2=099ccaca-2974-4045-beb9-065b59949498:3:1; expires=Fri, 01 Aug 2025 10:15:57 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Sat, 26 Jul 2025 10:15:57 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sat, 26 Jul 2025 10:15:57 GMT; path=/; secure; SameSite=None\npdhtkv23=true; expires=Sat, 26 Jul 2025 10:15:57 GMT; path=/; secure; SameSite=None\nuncs23=1; expires=Sat, 26 Jul 2025 10:15:57 GMT; path=/; secure; SameSite=None\nu_pl14908882=1; expires=Sat, 26 Jul 2025 10:15:57 GMT; path=/; secure; SameSite=None\r\nHost: www.profitabledisplaycontent.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: cc3b75a160ef51789b75750ec89e8a3a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4903,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (4027)","md5":"0ec780f44d8c8ed377502285d5a133b2","sha1":"7ef8525b780ec003896e93f8b6079be51e544e4e","sha256":"0a10066aeb82474288f8b38da263e9f31e4c303dbf97597bb88416dd32783480","sha512":"4b0b69f9fabc5483aa97837b747c08d7f33b09c8e2886300c9d233aaa3a5b789cd0ae20192f2f194da2d8a1f4b6f9771fdbc383a20fe1eae041023a8fbe8a3ba","ssdeep":"96:3ozvhQgOb7uGdqk9LE1w2Cpp9bOb7uGdqk9LE1w2Cp5l1/DeCfMEDaH:Yzv8v0k9Ay2CT8v0k9Ay2CfbeCkCaH","tlshash":"78a12b753d35927a0d07b16e3aba514a2bbb904f170cd408f84deae4a743aa4982cfc0","first_seen":"2025-07-25T10:16:22.447229Z","last_seen":"2025-07-25T10:16:22.447229Z","times_seen":1,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":103,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","fqdn":"audiotools.link","domain":"audiotools.link","tld":"link"},"ip":{"addr":"111.90.158.148","port":443,"asn":45839,"as":"Shinjiru Technology Sdn Bhd","country":"Malaysia","country_code":"MY"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-07-25T10:15:54.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"audiotools.link","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Jun 2025 15:50:37 GMT","end":"Thu, 25 Sep 2025 15:50:36 GMT"},"fingerprint":{"sha1":"46:F9:67:DD:AA:58:23:DB:04:1B:E5:DC:A9:64:1B:D3:63:47:43:0E","sha256":"5E:30:65:DE:19:B1:04:F1:8A:AD:07:23:2B:53:E8:8D:31:D9:CD:C5:5E:78:C4:97:A7:E4:DA:C7:96:B6:78:2A"}}},"request":{"raw":"GET /links/xfer-records-serum-v2-0-16-win-vr-tcd HTTP/1.1\r\nHost: audiotools.link\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 1418\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 25 Jul 2025 10:15:55 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3332,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"416e71c16788034810ac692ec6f73e6f","sha1":"69acdf0e59b960540c030791a8b20015c6d7dd8b","sha256":"12e19d45836fe5a49cfd0e35763df869077db26360beb0e08fe4e0aff3844ea9","sha512":"437ea7e62bade335b6ca28e6896e3faed77a11f55329f6ca5e52efa7235d6a8a19efddadbaf87a175ddb9903582f24ac7a5ab1d32abbc27842d1853ad54333ad","ssdeep":"","tlshash":"c36140ad3c5202406012c8f4d9ebfb852ff59012920de4e539f968b99fdefec4452b4a","first_seen":"2025-07-25T10:16:22.451168Z","last_seen":"2025-07-25T10:16:22.451168Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1108,"timings":{"blocked":432,"dns":10,"connect":207,"send":0,"wait":238,"receive":0,"ssl":217},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"praystakeinstinct.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1837\u0026rd=1837\u0026fd=632\u0026bv=25.7.3790\u0026tmpl=70","fqdn":"praystakeinstinct.com","domain":"praystakeinstinct.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","date":"2025-07-25T10:15:56.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"praystakeinstinct.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Jun 2025 22:08:16 GMT","end":"Fri, 26 Sep 2025 22:08:15 GMT"},"fingerprint":{"sha1":"08:B9:39:D3:1C:E2:4B:34:21:BC:02:6F:17:3E:89:73:97:AC:E1:C9","sha256":"0B:08:A6:D6:80:C8:A9:3D:DB:82:AC:44:AE:6A:45:CA:D2:16:A0:D2:8A:6F:C2:24:75:05:9F:F2:9D:18:63:16"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1837\u0026rd=1837\u0026fd=632\u0026bv=25.7.3790\u0026tmpl=70 HTTP/1.1\r\nHost: praystakeinstinct.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://audiotools.link/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 25 Jul 2025 10:15:56 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: praystakeinstinct.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-18T11:41:01.301496Z","times_seen":15383472,"resource_available":true,"data":null}},"time_used":1023,"timings":{"blocked":461,"dns":19,"connect":133,"send":0,"wait":96,"receive":1,"ssl":260},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-24","alert":"Sinkholed","trigger":"praystakeinstinct.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"https://audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","date":"2025-07-25T10:15:57.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 01 Jul 2025 15:18:37 GMT","end":"Mon, 29 Sep 2025 15:18:36 GMT"},"fingerprint":{"sha1":"1A:27:71:C0:8E:44:D4:6B:F5:AA:49:F0:F1:AF:E5:5F:30:23:A4:D4","sha256":"84:6C:2E:D6:ED:8A:2F:33:05:CC:E9:F2:24:E5:5C:E0:80:C2:04:2D:C3:21:06:64:E1:0D:14:81:A1:9A:00:1B"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://audiotools.link/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 25 Jul 2025 10:15:57 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 17de4e0e4cbaba3286cb3496f855232a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-18T11:41:01.301496Z","times_seen":15383472,"resource_available":true,"data":null}},"time_used":155,"timings":{"blocked":67,"dns":2,"connect":18,"send":0,"wait":19,"receive":1,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"audiotools.link/favicon.ico","fqdn":"audiotools.link","domain":"audiotools.link","tld":"link"},"ip":{"addr":"111.90.158.148","port":443,"asn":45839,"as":"Shinjiru Technology Sdn Bhd","country":"Malaysia","country_code":"MY"},"is_navigation_request":false,"resource_type":"","requested_by":"https://audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","date":"2025-07-25T10:15:57.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"audiotools.link","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Jun 2025 15:50:37 GMT","end":"Thu, 25 Sep 2025 15:50:36 GMT"},"fingerprint":{"sha1":"46:F9:67:DD:AA:58:23:DB:04:1B:E5:DC:A9:64:1B:D3:63:47:43:0E","sha256":"5E:30:65:DE:19:B1:04:F1:8A:AD:07:23:2B:53:E8:8D:31:D9:CD:C5:5E:78:C4:97:A7:E4:DA:C7:96:B6:78:2A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: audiotools.link\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd\r\nCookie: pp_main_5265044313adfbdd1675427af66a6922=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=099ccaca-2974-4045-beb9-065b59949498%3A3%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Fri, 25 Jul 2025 10:15:58 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-05-18T11:32:12.019278Z","times_seen":127942,"resource_available":true,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/ngcIAHyEnHQZZIKkyKneDTW3/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","date":"2025-07-25T10:15:57.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:11 GMT","end":"Mon, 29 Sep 2025 08:35:10 GMT"},"fingerprint":{"sha1":"43:A0:95:35:FB:C7:02:15:92:9E:20:20:0D:0A:E7:8F:93:61:52:CD","sha256":"F1:59:AE:4E:F0:84:C7:D9:0F:67:4F:CB:FE:A6:ED:7D:47:17:4F:83:AA:B4:ED:FE:F5:F2:69:A8:AB:43:0E:0B"}}},"request":{"raw":"GET /recaptcha/releases/ngcIAHyEnHQZZIKkyKneDTW3/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://audiotools.link\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://audiotools.link/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 339847\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 24 Jul 2025 10:01:19 GMT\r\nexpires: Fri, 24 Jul 2026 10:01:19 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 21 Jul 2025 02:01:33 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 87278\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":792204,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (771)","md5":"6e293b2c2a7e9c604c5c0580369f5f27","sha1":"d0aae300d0a3cc6fbb283525beafd34fd8585fdd","sha256":"13ef4faf327d81294e4156ffc3517706114d054ebf2367decc77b6c9aedbc929","sha512":"6a9635adcc29bc6297a2e9aba4fcf25d3959bc51fee95d927a995fbe29f341cc507496b64f09e72a13c5086cb895236276812f8603cca058fe6d6678d191cfce","ssdeep":"6144:BmiexnrL4GFZZ1gUepAE92s96HBKNThw8b4pIGHZZKIShQT344yeo8phnjfz3F2E:Q5bepxjVw86NTtoOFhz/Xvm0ACx","tlshash":"cdf44ad9710277a44332f5f95027200dab3ea926c44d4a5eb0d588f12bf8959f4bbeb3","first_seen":"2025-07-22T06:16:53.355623Z","last_seen":"2026-03-06T16:34:08.702068Z","times_seen":3151,"resource_available":true,"data":null}},"time_used":355,"timings":{"blocked":106,"dns":17,"connect":21,"send":0,"wait":30,"receive":97,"ssl":81},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/ae/09/15/ae091566169ead24f2b4f862acae14a2/1708270725.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","date":"2025-07-25T10:15:58.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 10 Jul 2025 02:33:11 GMT","end":"Wed, 08 Oct 2025 02:33:10 GMT"},"fingerprint":{"sha1":"06:D8:07:0F:AB:BF:D8:7F:C5:38:82:AC:A7:8A:20:4D:83:6C:EA:C9","sha256":"CF:05:58:46:C3:07:3F:B6:A6:8D:42:F2:3B:3D:91:36:93:10:CB:D5:89:47:A3:62:26:D2:F3:BA:AC:51:0E:B7"}}},"request":{"raw":"GET /cti/ae/09/15/ae091566169ead24f2b4f862acae14a2/1708270725.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 25 Jul 2025 10:15:58 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 83690\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 18 Feb 2024 15:38:53 GMT\r\netag: \"65d2248d-146ea\"\r\nexpires: Sun, 27 Jul 2025 10:15:58 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: ah0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83690,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:18 15:12:59], progressive, precision 8, 728x90, components 3","md5":"523a9ba7f13699c55d98f8c764909a9e","sha1":"5506a83327ba766df386900cda294fcd55a9d90d","sha256":"d313ebf7dc6f6ad0adb6a9547b2c3bb061a0e79573a2bd43e30b20634db4f336","sha512":"1df7e66d27502ee8bfdc03174e46605b41064a6ee2d277e5ac430b9f5a49d191e2d81e25d9cd246f3b85cfa7e4a413cbc4b1fd30b74b970f3aa8020b197c9dc0","ssdeep":"1536:nU35/XUemXVniNYkJpcw333DIcSvZicLU34bMpREYVf7FljInQdp:8xUeaxc3zIticgoYWaF1IY","tlshash":"6f830109ab27cc45e4c8e97188e7f2ea83522e807f835819758d70a2bf75b25dd3c167","first_seen":"2024-02-24T19:32:21Z","last_seen":"2026-05-18T08:40:26.743999Z","times_seen":881,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":61,"dns":28,"connect":19,"send":0,"wait":38,"receive":37,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ascertainowlbookkeeper.com/52/65/04/5265044313adfbdd1675427af66a6922.js","fqdn":"ascertainowlbookkeeper.com","domain":"ascertainowlbookkeeper.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","date":"2025-07-25T10:15:55.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ascertainowlbookkeeper.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Jun 2025 15:05:19 GMT","end":"Mon, 08 Sep 2025 15:05:18 GMT"},"fingerprint":{"sha1":"05:95:78:B5:A5:13:21:35:94:88:CE:69:BC:B9:53:C7:3B:9A:D8:F3","sha256":"4A:86:3C:AC:50:F8:9B:BD:33:0A:BE:47:3D:75:0D:B1:70:4D:95:37:37:63:1F:83:77:2D:14:A9:31:DC:A9:18"}}},"request":{"raw":"GET /52/65/04/5265044313adfbdd1675427af66a6922.js HTTP/1.1\r\nHost: ascertainowlbookkeeper.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://audiotools.link/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 25 Jul 2025 10:15:55 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 32724\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: 4b4e7ab587d59b22ad7bcd2439afc363_HD-43629-2=0; expires=Fri, 25 Jul 2025 10:15:55 GMT; secure; SameSite=None\r\nx-envoy-upstream-service-time: 8\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 2e17ea025797369be433caa6c2c335fb\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":106084,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c1e1d499ffa151ee6a8fd823ab40272d","sha1":"be1aacb71dcf26df798768690c79aed62b1a8bd2","sha256":"c2f2e4463a2cae653c4ffe97ce0d2086835e3e4d5b51a3c6343bf6e49cc6d839","sha512":"072d43f75e6a67f69ba8f38942b1145e85bb25fc134314c4b847a2d0b12893a7a9f862d36984db8913cff52b22f6004eddd69ca6184b8804aa4d03466a061dc9","ssdeep":"1536:oeLCZFtd8r9m3Zh324NmUBKLR4PscDsTd+GN8tE9vSgzzsJsBpMUp+fmIL:NLOdKgBKF40cDy8tMSghprA","tlshash":"79a3d9c47b71f49d42d770bb233f691bf4ea8e12048ce95ce102fea82e6530aa57d954","first_seen":"2025-07-25T10:16:22.466184Z","last_seen":"2025-07-25T10:16:22.466184Z","times_seen":1,"resource_available":true,"data":null}},"time_used":748,"timings":{"blocked":187,"dns":58,"connect":94,"send":0,"wait":105,"receive":110,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-25","alert":"Sinkholed","trigger":"ascertainowlbookkeeper.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.profitablecreativeformat.com/c8b0749626ed16dc2652224e434ac7bf/invoke.js","fqdn":"www.profitablecreativeformat.com","domain":"profitablecreativeformat.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","date":"2025-07-25T10:15:56.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"profitablecreativeformat.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 22 Jul 2025 03:23:00 GMT","end":"Mon, 20 Oct 2025 03:22:59 GMT"},"fingerprint":{"sha1":"18:19:2D:E6:63:AF:34:48:52:78:48:F1:1C:39:2F:8E:D4:39:54:FB","sha256":"D9:15:77:DF:67:09:6C:4A:FB:74:08:74:EC:02:7C:80:AB:8D:AD:BA:C4:9F:A5:2E:BB:7D:27:34:36:0B:3E:2D"}}},"request":{"raw":"GET /c8b0749626ed16dc2652224e434ac7bf/invoke.js HTTP/1.1\r\nHost: www.profitablecreativeformat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://audiotools.link/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 25 Jul 2025 10:15:56 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 11372\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: www.profitablecreativeformat.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0828a7e1538d308c94e9f86ba2b9c7bd\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27375,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (27375), with no line terminators","md5":"eb1a69566e6399268d3aaf3ae3f56b48","sha1":"f0a2c8a0f067157199d1fb22db09c88b46896e5c","sha256":"d4eb6b40992675dee02dfa3ec78db32e4d974b0e13503a4b67949d7ca961025c","sha512":"7db02fc0e4d50d773dcdf35097ea646d33beebaaf4a2df583f93ef79da0cc8892965ea319ee847a224f25b97f1eeaa6777b3a90fd6866e38dab1fba362e7c1b5","ssdeep":"384:mN2vqzp3yx3ifXtisK5bgGiLYhOF6wo1DtczxoWjVsKVrzQ8iZty2bnHJ535dVJZ:m8vqF9qhao1WzCWC1FZf9JFXL","tlshash":"94c2c7dc7f90b096277a71e3732fd00b65a74d15eb4cd8ccf427a8a168b4b5ae623850","first_seen":"2025-07-25T10:16:22.472114Z","last_seen":"2025-07-25T10:16:22.472114Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1205,"timings":{"blocked":520,"dns":110,"connect":146,"send":0,"wait":126,"receive":7,"ssl":193},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-25","alert":"Sinkholed","trigger":"profitablecreativeformat.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"52.58.127.96","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"https://audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","date":"2025-07-25T10:15:56.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://audiotools.link\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://audiotools.link/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 25 Jul 2025 10:15:56 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://audiotools.link\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=099ccaca-2974-4045-beb9-065b59949498:3:1; expires=Mon, 23 Jul 2035 10:15:56 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"cc5cc4ac144fb0c9d4766708eb8167bf","sha1":"2dc657bca1e8aa45600d9d7ad8c0767a4f4cf760","sha256":"56a3b0a98d8d9151a57f00911dae0ce2c9ad07d91bb2daa10fb4129336e0df26","sha512":"35a5098551a0ac719ace70c59a48d73eaa9bfbca264916102ae740601cd2bc1dd268e3b151ad9ac072be4b8532a07cf57b8f1ce3434506003c1e459adbc6995e","ssdeep":"","tlshash":"8590045450731fd40017333d541c15dc03c71045113401705114c0411731c1c110d4f3","first_seen":"2025-07-25T10:16:22.477074Z","last_seen":"2025-07-25T10:16:22.477074Z","times_seen":1,"resource_available":false,"data":null}},"time_used":935,"timings":{"blocked":445,"dns":82,"connect":51,"send":0,"wait":25,"receive":5,"ssl":260},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.profitabledisplaycontent.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu2QQvgmIQRS_OwYOKu1vdXf3LHMQYI8HND5JIEBGpX71bbk93W9U9vTsgBBck4GXFi8febzZZ1CgqXgWZ9WRAyHiaQ_YS8B8QcpbZLGx8h_e-r74q-F7x3hc7zQEJ0PDZ5QvlyOQ5Xw6XaP-V66ZQZev6F6_1PbpET_evmyJip_sb82SHb3gBW6Kv9t_Vcr1c9qlHqUe9_jljdVZuLB-qMNWd1FtK6RLzl7yQYcP-n7umB8d7UMMDcgpGTZ9-kH0IIycoBj-d1W69LqvX3xk0Oa9Li6Hae79YL8q2wOAYZraHrNg7uo3STQn5ZgFlsXfUAcrh7rwDCDMlC8_dhyj2jmxCDG89cipy6AJCPYl2OIHO92H4BLLcglH3CCAVLl5CMbh9sbQt33yk8rk6JScf_gvTTsnJ-8-iGPx4Jjcb_atl3tSmLBw2sg5mYwKzOkHV7KMeLcC0-5D15zDqL7L8cAXFYPeSy0sYNXuZpqmUXPJFP43ZIqMsXBRapIs0CkWYpixlaXL4RSabgLsTaFwPjemhyXpoqh4GatZnNGHS40GUpUrGlHHGlBY0TXxKeSpjNHLufRt1tQ2Zb0PaG6jsDaybr-698AC2-R1ubfZrKOJACRVw30t8GoY-D3QUpzplKvJZmLJAqjROlKQq0F4k4jiUfupzFgmqWRQnPPFlkkVezHgcRIKK1Iv8NBAs40mUqITxJMk8liZKpZlPdRxHvogFy7TmStAkkrEfiUzFifYp93waUqo4ZTELdazTWCTSExnLGNdcsSiJAw9O9eBqgqHq0GqC1hG0nKA1BG1N0A67Wyp3vutuq9w1wjuq_lEN9lZt2VQfi3FZr-7wW2W9qgsCbrdhVbdrqk_dFmR9YjzKnBqX88RF3Y25UN1OdUCeOZyKB59Nsa5nfZkIGrM08iOtvEhJPwp932eaBYzLWGRwpoNxC-Cuh5GZkt50hmpeN3-A4Ptw-T6kOQXePA_ejmM_AV9DSjEqfhloZea7YXVRj5ZyU6xDlR2q-iTqzd5OfkBePDSzcuFraHmXHAWk7VDZDp-YPwhW85vjK2VLdq-UrSM_X6pqMzAjPh_fqzWv9RPfvac329Kq82fd9rdvybkwh3euaVev8EKZYtWR788YpbQ9V1qpyW_n3XUtLjdu7Uxji6Zaufz2ufODymrnTFlMwM09_SekmZKn_hkeLuZrX74EYyewTYdB85jT6gZcdcxdSWDzYy4qgrbpxtYXx4e5Icj1Meeig3uMi2M8tnz-mptux93Equ2B11soBh2GtsMw78DzbbjmxLiu7N03_w4OAyLvjUVuya7I7Vw3s34WaF9SmsSRFySZ9gKmZBYmLFURp0GgUbvp2tYHH_0XAAD__1J3GJdxBQAA","fqdn":"www.profitabledisplaycontent.com","domain":"profitabledisplaycontent.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"","requested_by":"https://audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","date":"2025-07-25T10:15:58.058Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.profitabledisplaycontent.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Jul 2025 22:16:27 GMT","end":"Wed, 22 Oct 2025 22:16:26 GMT"},"fingerprint":{"sha1":"80:ED:AE:02:6E:22:92:2C:1D:3B:CF:40:B8:05:ED:A8:F4:78:41:C1","sha256":"27:CE:4E:A9:E9:2E:EA:67:C9:22:7C:B4:62:29:07:B9:BD:AA:87:B5:6A:AD:89:6C:68:5A:63:CB:C5:73:7D:0F"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSu2QQvgmIQRS_OwYOKu1vdXf3LHMQYI8HND5JIEBGpX71bbk93W9U9vTsgBBck4GXFi8febzZZ1CgqXgWZ9WRAyHiaQ_YS8B8QcpbZLGx8h_e-r74q-F7x3hc7zQEJ0PDZ5QvlyOQ5Xw6XaP-V66ZQZev6F6_1PbpET_evmyJip_sb82SHb3gBW6Kv9t_Vcr1c9qlHqUe9_jljdVZuLB-qMNWd1FtK6RLzl7yQYcP-n7umB8d7UMMDcgpGTZ9-kH0IIycoBj-d1W69LqvX3xk0Oa9Li6Hae79YL8q2wOAYZraHrNg7uo3STQn5ZgFlsXfUAcrh7rwDCDMlC8_dhyj2jmxCDG89cipy6AJCPYl2OIHO92H4BLLcglH3CCAVLl5CMbh9sbQt33yk8rk6JScf_gvTTsnJ-8-iGPx4Jjcb_atl3tSmLBw2sg5mYwKzOkHV7KMeLcC0-5D15zDqL7L8cAXFYPeSy0sYNXuZpqmUXPJFP43ZIqMsXBRapIs0CkWYpixlaXL4RSabgLsTaFwPjemhyXpoqh4GatZnNGHS40GUpUrGlHHGlBY0TXxKeSpjNHLufRt1tQ2Zb0PaG6jsDaybr-698AC2-R1ubfZrKOJACRVw30t8GoY-D3QUpzplKvJZmLJAqjROlKQq0F4k4jiUfupzFgmqWRQnPPFlkkVezHgcRIKK1Iv8NBAs40mUqITxJMk8liZKpZlPdRxHvogFy7TmStAkkrEfiUzFifYp93waUqo4ZTELdazTWCTSExnLGNdcsSiJAw9O9eBqgqHq0GqC1hG0nKA1BG1N0A67Wyp3vutuq9w1wjuq_lEN9lZt2VQfi3FZr-7wW2W9qgsCbrdhVbdrqk_dFmR9YjzKnBqX88RF3Y25UN1OdUCeOZyKB59Nsa5nfZkIGrM08iOtvEhJPwp932eaBYzLWGRwpoNxC-Cuh5GZkt50hmpeN3-A4Ptw-T6kOQXePA_ejmM_AV9DSjEqfhloZea7YXVRj5ZyU6xDlR2q-iTqzd5OfkBePDSzcuFraHmXHAWk7VDZDp-YPwhW85vjK2VLdq-UrSM_X6pqMzAjPh_fqzWv9RPfvac329Kq82fd9rdvybkwh3euaVev8EKZYtWR788YpbQ9V1qpyW_n3XUtLjdu7Uxji6Zaufz2ufODymrnTFlMwM09_SekmZKn_hkeLuZrX74EYyewTYdB85jT6gZcdcxdSWDzYy4qgrbpxtYXx4e5Icj1Meeig3uMi2M8tnz-mptux93Equ2B11soBh2GtsMw78DzbbjmxLiu7N03_w4OAyLvjUVuya7I7Vw3s34WaF9SmsSRFySZ9gKmZBYmLFURp0GgUbvp2tYHH_0XAAD__1J3GJdxBQAA HTTP/1.1\r\nHost: www.profitabledisplaycontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNDkwODg4MiwiayI6ImM4YjA3NDk2MjZlZDE2ZGMyNjUyMjI0ZTQzNGFjN2JmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMTk1MTMsInBpZCI6OTY2ODUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTgsImFpZCI6MjMsInB0Ijo0LCJwayI6Inh4Yjg4cWZhOXkiLCJjcGtzIjp7IjQ3IjoiODMzZjNiZWI1MDk5NDFjYTI4ZDUwNDVlYTBhYjk4YTUifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2F1ZGlvdG9vbHMubGluay9saW5rcy94ZmVyLXJlY29yZHMtc2VydW0tdjItMC0xNi13aW4tdnItdGNkIiwiYXIiOltdfX0.S38F4tlKhBAxJKfhGaB5KMAnzqKP76id6Ajs89hdNM4; uid_id2=099ccaca-2974-4045-beb9-065b59949498:3:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl14908882=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 25 Jul 2025 10:15:58 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: www.profitabledisplaycontent.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 226175f9ec5be236124ec57ae46741f5\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-18T11:41:01.301496Z","times_seen":15383472,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api.js","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"https://audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","date":"2025-07-25T10:15:55.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 07 Jul 2025 08:35:54 GMT","end":"Mon, 29 Sep 2025 08:35:53 GMT"},"fingerprint":{"sha1":"F3:96:6E:68:01:34:12:AD:6A:03:D8:EF:BD:47:E1:FD:A4:AA:FB:C5","sha256":"BF:6D:12:A9:D7:AB:31:65:56:63:8F:97:4E:12:51:58:55:9A:75:81:94:F8:34:D1:46:46:48:4B:34:CB:8A:9E"}}},"request":{"raw":"GET /recaptcha/api.js HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://audiotools.link/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\nexpires: Fri, 25 Jul 2025 10:15:55 GMT\r\ndate: Fri, 25 Jul 2025 10:15:55 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\nreport-to: {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1017,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1017), with no line terminators","md5":"683e3fbda052b5ef8a02c45072427b61","sha1":"2d29d260a122c589dc7bd000f9b9a72db4855f47","sha256":"e978b36c676da279dc5ed5840b3f45d6ea6794f628ffe1731903f9e7ea532364","sha512":"cea17b03aa1de31e089d83591fcc5aa2f07dd0e533ba79e03fb37bbb5588bf1b11f811c588b50c344460cb12191a4381a194daf172cd19edc9aa1913cee0d8aa","ssdeep":"","tlshash":"9211ef761a04e0390b720de1b2fbda75e492741cf06845e8a551d9c81e79ccbce15549","first_seen":"2025-07-22T08:46:34.315111Z","last_seen":"2025-10-22T06:59:16.040589Z","times_seen":975,"resource_available":true,"data":null}},"time_used":464,"timings":{"blocked":133,"dns":5,"connect":14,"send":0,"wait":39,"receive":0,"ssl":268},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=099ccaca-2974-4045-beb9-065b59949498\u0026eb=56a3745424804a23b12899170f9076de\u0026te=9c9b2bc1fcb866fe34b4078d4dc2b749\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=5265044313adfbdd1675427af66a6922\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=10","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"","requested_by":"https://audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","date":"2025-07-25T10:15:58.475Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 01 Jul 2025 15:12:33 GMT","end":"Mon, 29 Sep 2025 15:12:32 GMT"},"fingerprint":{"sha1":"9E:08:20:A0:75:ED:21:51:E0:3D:DE:29:CD:B0:11:01:4D:04:77:0A","sha256":"FB:D4:A2:1D:0F:F1:FB:A8:D9:5E:88:03:1F:BB:94:D2:32:5C:CC:49:11:11:FC:04:7B:C6:43:40:CF:1E:A2:BA"}}},"request":{"raw":"GET /pxf.gif?uuid=099ccaca-2974-4045-beb9-065b59949498\u0026eb=56a3745424804a23b12899170f9076de\u0026te=9c9b2bc1fcb866fe34b4078d4dc2b749\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=5265044313adfbdd1675427af66a6922\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=10 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://audiotools.link/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Fri, 25 Jul 2025 10:15:58 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7b0e25f9a98480f3ad1745d293d894ec\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-18T11:41:01.301496Z","times_seen":15383472,"resource_available":true,"data":null}},"time_used":774,"timings":{"blocked":292,"dns":3,"connect":93,"send":0,"wait":190,"receive":0,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-25","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.profitabledisplaycontent.com/watch.240160588389.js?key=c8b0749626ed16dc2652224e434ac7bf\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Faudiotools.link%2Flinks%2Fxfer-records-serum-v2-0-16-win-vr-tcd\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026aioi=t\u0026sub3=group_b\u0026uuid=099ccaca-2974-4045-beb9-065b59949498%3A3%3A1","fqdn":"www.profitabledisplaycontent.com","domain":"profitabledisplaycontent.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"","requested_by":"https://audiotools.link/links/xfer-records-serum-v2-0-16-win-vr-tcd","date":"2025-07-25T10:15:57.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.profitabledisplaycontent.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Jul 2025 22:16:27 GMT","end":"Wed, 22 Oct 2025 22:16:26 GMT"},"fingerprint":{"sha1":"80:ED:AE:02:6E:22:92:2C:1D:3B:CF:40:B8:05:ED:A8:F4:78:41:C1","sha256":"27:CE:4E:A9:E9:2E:EA:67:C9:22:7C:B4:62:29:07:B9:BD:AA:87:B5:6A:AD:89:6C:68:5A:63:CB:C5:73:7D:0F"}}},"request":{"raw":"GET /watch.240160588389.js?key=c8b0749626ed16dc2652224e434ac7bf\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Faudiotools.link%2Flinks%2Fxfer-records-serum-v2-0-16-win-vr-tcd\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026aioi=t\u0026sub3=group_b\u0026uuid=099ccaca-2974-4045-beb9-065b59949498%3A3%3A1 HTTP/1.1\r\nHost: www.profitabledisplaycontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://audiotools.link\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://audiotools.link/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Fri, 25 Jul 2025 10:15:57 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://audiotools.link\r\nAccess-Control-Allow-Credentials: true\r\nLocation: https://www.profitabledisplaycontent.com/watch.240160588389.js?aioi=t\u0026dev=e\u0026key=c8b0749626ed16dc2652224e434ac7bf\u0026kw=%5B%5D\u0026pst=1753438617\u0026rb=\u0026refer=https%3A%2F%2Faudiotools.link%2Flinks%2Fxfer-records-serum-v2-0-16-win-vr-tcd\u0026res=14.3095\u0026rmtc=t\u0026shu=5b73dbd3a21820552a3e679e94d6245943cd978dc0d3e16b775c292a46b0e4678a82c8f6174a736b0b916293b4fa868d84a88f1498dd9f20e7762b7b4feeadb086c726bfd78e20a120500da04745e7e97b8c1bf4f4aead468731\u0026sub3=group_b\u0026tz=0\u0026uuid=099ccaca-2974-4045-beb9-065b59949498%3A3%3A1\r\nSet-Cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNDkwODg4MiwiayI6ImM4YjA3NDk2MjZlZDE2ZGMyNjUyMjI0ZTQzNGFjN2JmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMTk1MTMsInBpZCI6OTY2ODUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTgsImFpZCI6MjMsInB0Ijo0LCJwayI6Inh4Yjg4cWZhOXkiLCJjcGtzIjp7IjQ3IjoiODMzZjNiZWI1MDk5NDFjYTI4ZDUwNDVlYTBhYjk4YTUifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2F1ZGlvdG9vbHMubGluay9saW5rcy94ZmVyLXJlY29yZHMtc2VydW0tdjItMC0xNi13aW4tdnItdGNkIiwiYXIiOltdfX0.S38F4tlKhBAxJKfhGaB5KMAnzqKP76id6Ajs89hdNM4; expires=Fri, 25 Jul 2025 10:16:57 GMT; path=/; secure; SameSite=None\r\nHost: www.profitabledisplaycontent.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f257da11a625f49f9df69525284295db\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":null,"data":{"size":4903,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-18T11:41:01.301496Z","times_seen":15383472,"resource_available":true,"data":null}},"time_used":727,"timings":{"blocked":313,"dns":23,"connect":93,"send":0,"wait":96,"receive":1,"ssl":198},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}